Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_syBSSAEoxZR4NYu_3mGgP_vPvI.roa
File: _syBSSAEoxZR4NYu_3mGgP_vPvI.roa (raw, json)
Hash identifier: YLLLK61goNnP0waQA1gUwZqgSnEbgXB25UXHMYNc9BI=
Subject key identifier: FE:CC:81:49:20:04:A3:16:51:E0:D6:2E:FF:79:86:80:FF:EF:3E:F2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB796C23E5E3051360A80ADBA3F36AD60
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_syBSSAEoxZR4NYu_3mGgP_vPvI.roa
Signing time: Sun 07 Apr 2024 08:04:54 +0000
ROA not before: Sun 07 Apr 2024 08:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:b796:23ae/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b7:96:c2:3e:5e:30:51:36:0a:80:ad:ba:3f:36:ad:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 08:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fecc81492004a31651e0d62eff798680ffef3ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5a:3d:36:e4:80:c4:32:1a:b1:83:27:91:d1:
0d:f0:8b:61:5c:9b:49:58:02:33:7d:c0:cf:b8:49:
46:0e:4b:4c:69:49:d3:ea:cf:f6:87:d8:e2:b1:48:
ed:60:e5:70:1a:80:9c:6a:bd:a0:8a:ad:05:52:58:
a5:6d:2e:c2:d0:db:3c:b5:0f:72:e0:7b:1c:27:df:
11:89:5b:88:f1:22:8b:56:14:ed:83:5b:e4:b9:ed:
b6:0c:46:06:2f:f5:7a:f5:71:83:6f:38:2f:dd:07:
b4:c9:2b:d5:f1:87:6d:a1:b1:7a:0f:76:5c:09:90:
92:46:61:fa:da:df:6d:48:47:34:1d:5f:3d:2c:d2:
b1:d7:61:c5:e1:e9:3e:de:43:63:dd:bf:5e:bd:98:
b3:f0:51:ea:2e:7a:53:c1:db:9f:32:5e:50:e2:c3:
6c:4c:00:fe:3a:9d:0a:dc:35:2a:58:4f:bb:38:74:
af:7d:ba:24:f1:22:f2:e4:31:1e:38:99:f2:25:e0:
2f:22:7d:a7:10:1c:01:a8:13:3e:29:d5:39:59:19:
7b:dc:d9:04:bd:16:8f:f3:ef:5e:52:f6:c6:bb:fa:
c7:52:04:54:5c:32:0c:c8:cc:21:a4:fd:59:d3:e2:
83:2a:ea:c3:13:7b:07:bc:ac:97:fb:5b:84:8c:ac:
f8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:CC:81:49:20:04:A3:16:51:E0:D6:2E:FF:79:86:80:FF:EF:3E:F2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_syBSSAEoxZR4NYu_3mGgP_vPvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:2c:ed:43:c8:33:8b:ab:84:71:ef:fb:b3:13:d9:27:00:63:
5d:ac:88:25:23:70:f0:2b:d9:4a:7c:b6:d1:c8:dc:4a:71:9a:
10:38:3d:50:cb:0f:a7:c1:1e:73:db:2f:0d:f6:83:f4:64:09:
1a:74:ac:a0:f1:0f:ba:dc:f3:1a:7b:78:a9:eb:07:b3:c6:a7:
24:37:b4:cf:9a:89:36:17:c7:97:97:34:4c:cf:e1:fb:fb:be:
b8:1e:66:17:4c:0d:44:f1:30:76:37:0a:42:15:cf:f1:fa:a9:
d3:de:72:ad:db:ac:9a:7a:86:b9:41:c2:68:bc:db:05:ae:47:
b9:08:2a:42:aa:a2:3a:d8:a7:ce:fc:92:97:8d:b1:42:bf:ae:
3f:50:d2:ab:fe:01:bf:6a:cb:4a:5d:6b:6a:c6:72:97:bd:59:
e8:6f:a4:42:98:43:47:b8:b3:2e:0f:00:70:60:8d:8f:3c:44:
81:56:86:9f:60:f7:5d:6b:dd:67:1e:16:ff:cb:33:67:4a:f6:
b2:17:de:a7:3f:fd:6b:aa:54:bf:0a:e5:76:db:e1:11:fc:bc:
f7:6a:b3:22:d5:2f:e2:45:ab:ab:8f:81:79:4f:d7:b9:46:5d:
6c:0c:f0:75:aa:02:49:90:27:c2:32:1d:57:a9:f1:28:7a:df:
4a:ea:ba:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY63lsI+XjBRNgqArbo/Nq1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MDgwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWNjODE0OTIwMDRhMzE2NTFlMGQ2MmVmZjc5ODY4MGZmZWYzZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1o9NuSAxDIasYMnkdEN8IthXJtJ
WAIzfcDPuElGDktMaUnT6s/2h9jisUjtYOVwGoCcar2giq0FUlilbS7C0Ns8tQ9y
4HscJ98RiVuI8SKLVhTtg1vkue22DEYGL/V69XGDbzgv3Qe0ySvV8YdtobF6D3Zc
CZCSRmH62t9tSEc0HV89LNKx12HF4ek+3kNj3b9evZiz8FHqLnpTwdufMl5Q4sNs
TAD+Op0K3DUqWE+7OHSvfbok8SLy5DEeOJnyJeAvIn2nEBwBqBM+KdU5WRl73NkE
vRaP8+9eUvbGu/rHUgRUXDIMyMwhpP1Z0+KDKurDE3sHvKyX+1uEjKz4swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP7MgUkgBKMWUeDWLv95hoD/7z7yMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX3N5QlNTQUVveFpSNE5ZdV8zbUdnUF92UHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEIs7UPIM4urhHHv+7MT
2ScAY12siCUjcPAr2Up8ttHI3EpxmhA4PVDLD6fBHnPbLw32g/RkCRp0rKDxD7rc
8xp7eKnrB7PGpyQ3tM+aiTYXx5eXNEzP4fv7vrgeZhdMDUTxMHY3CkIVz/H6qdPe
cq3brJp6hrlBwmi82wWuR7kIKkKqojrYp878kpeNsUK/rj9Q0qv+Ab9qy0pda2rG
cpe9WehvpEKYQ0e4sy4PAHBgjY88RIFWhp9g911r3WceFv/LM2dK9rIX3qc//Wuq
VL8K5Xbb4RH8vPdqsyLVL+JFq6uPgXlP17lGXWwM8HWqAkmQJ8IyHVep8Sh630rq
uqE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:19:32 2025 by rpki-client