Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_D8xxyK731ZHfOMxDoAnm59stxc.roa
File: _D8xxyK731ZHfOMxDoAnm59stxc.roa (raw, json)
Hash identifier: wmmIWQSQ7EfftjG5PVkukqkY/UPH6fAeUGcU8KfoRVo=
Subject key identifier: FC:3F:31:C7:22:BB:DF:56:47:7C:E3:31:0E:80:27:9B:9F:6C:B7:17
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DAF0FF2C02F835D666585CACEF886DD25
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_D8xxyK731ZHfOMxDoAnm59stxc.roa
Signing time: Thu 15 Feb 2024 23:17:54 +0000
ROA not before: Thu 15 Feb 2024 23:17:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:af:0f:f2:c0:2f:83:5d:66:65:85:ca:ce:f8:86:dd:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 15 23:17:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc3f31c722bbdf56477ce3310e80279b9f6cb717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b6:33:35:e3:31:fe:7b:d2:b1:a0:f7:62:c3:
53:e7:42:de:8d:c9:ca:ce:88:08:d1:e0:2d:f2:d0:
1d:3f:35:43:37:c2:38:6c:a5:99:60:7e:88:f0:fe:
91:60:ef:bd:29:7c:6e:e0:a7:bf:7c:1d:7b:d9:2c:
8b:20:de:ab:de:eb:c3:2d:eb:0c:35:fb:b4:aa:bc:
8a:a3:7d:30:ef:69:d0:e9:d7:ca:e2:dd:fe:11:5e:
70:25:fb:50:fd:e1:be:64:a8:b4:41:04:18:bb:2f:
c3:4c:48:66:5e:fa:59:9f:e5:5a:17:75:a2:9d:00:
ba:5c:9f:da:6b:61:3e:08:05:5c:a0:c1:5f:57:67:
29:80:88:ae:53:10:bd:96:66:8d:c2:6e:06:41:e8:
4a:42:a8:91:81:db:1e:bc:e3:5b:a0:a8:43:6b:1f:
1a:25:c6:3c:4a:ce:6d:5a:05:3c:3a:1f:9d:ee:11:
6d:b0:f1:cd:e8:8c:90:57:be:b8:0d:e9:4c:6a:cf:
56:b8:c0:3e:f7:46:ab:62:17:5f:74:e7:57:e7:25:
13:6e:39:bc:fe:f4:28:e5:81:95:90:32:ec:1d:23:
d7:a2:7f:cf:06:7c:f6:88:e0:2e:6f:10:69:9f:31:
cf:f2:8b:0e:41:7f:65:36:9d:7f:2b:64:f1:a6:00:
58:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3F:31:C7:22:BB:DF:56:47:7C:E3:31:0E:80:27:9B:9F:6C:B7:17
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_D8xxyK731ZHfOMxDoAnm59stxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:ff:91:19:12:f7:d8:90:a1:d2:a8:60:2e:82:5e:a4:29:80:
b8:5a:fd:d6:96:97:a3:bf:6c:7e:9c:d6:db:1b:70:75:aa:a4:
50:22:25:0d:ec:62:4e:f1:d2:07:1f:4f:b0:11:da:80:c2:aa:
cb:51:b2:69:f4:a2:7e:b3:a4:16:e0:c6:60:2a:52:b3:0a:f6:
b1:84:7f:95:03:a5:8d:1c:85:23:72:2b:d0:96:1f:ce:46:a9:
49:1d:86:d6:20:52:52:75:5e:45:93:da:eb:39:11:27:56:a8:
76:fc:d2:52:b3:73:2f:24:1f:50:bb:33:25:d2:fa:6e:5c:f4:
fe:7f:97:44:14:ef:7a:16:fa:90:70:7b:bb:85:39:27:5c:4d:
55:d5:b1:a3:34:9d:f1:ff:b9:a9:fb:89:df:5d:b4:56:54:f9:
ac:bf:9d:99:0d:ff:18:3f:10:2a:fe:ee:66:8f:c9:d2:d3:15:
f9:55:d2:49:02:f8:75:cd:07:db:5f:23:5b:fd:3a:eb:d1:01:
a9:5b:38:b7:60:d7:e3:65:d4:ce:1b:60:b6:81:61:b1:3f:06:
4d:a6:16:f4:91:57:a2:9e:b4:00:48:e6:0a:e2:52:29:c7:fb:
de:97:89:5b:e2:4b:bd:0b:5c:d3:28:59:b3:ba:bd:26:79:7c:
59:2a:4b:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2vD/LAL4NdZmWFys74ht0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE1MjMxNzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzNmMzFjNzIyYmJkZjU2NDc3Y2UzMzEwZTgwMjc5YjlmNmNiNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbYzNeMx/nvSsaD3YsNT50LejcnK
zogI0eAt8tAdPzVDN8I4bKWZYH6I8P6RYO+9KXxu4Ke/fB172SyLIN6r3uvDLesM
Nfu0qryKo30w72nQ6dfK4t3+EV5wJftQ/eG+ZKi0QQQYuy/DTEhmXvpZn+VaF3Wi
nQC6XJ/aa2E+CAVcoMFfV2cpgIiuUxC9lmaNwm4GQehKQqiRgdsevONboKhDax8a
JcY8Ss5tWgU8Oh+d7hFtsPHN6IyQV764DelMas9WuMA+90arYhdfdOdX5yUTbjm8
/vQo5YGVkDLsHSPXon/PBnz2iOAubxBpnzHP8osOQX9lNp1/K2TxpgBYiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPw/Mcciu99WR3zjMQ6AJ5ufbLcXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX0Q4eHh5SzczMVpIZk9NeERvQW5tNTlzdHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH//kRkS99iQodKoYC6C
XqQpgLha/daWl6O/bH6c1tsbcHWqpFAiJQ3sYk7x0gcfT7AR2oDCqstRsmn0on6z
pBbgxmAqUrMK9rGEf5UDpY0chSNyK9CWH85GqUkdhtYgUlJ1XkWT2us5ESdWqHb8
0lKzcy8kH1C7MyXS+m5c9P5/l0QU73oW+pBwe7uFOSdcTVXVsaM0nfH/uan7id9d
tFZU+ay/nZkN/xg/ECr+7maPydLTFflV0kkC+HXNB9tfI1v9OuvRAalbOLdg1+Nl
1M4bYLaBYbE/Bk2mFvSRV6KetABI5griUinH+96XiVviS70LXNMoWbO6vSZ5fFkq
S/o=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:57:25 2025 by rpki-client