Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ajC7BTFRx87hBQUhXslGLaKTsaA.roa
File: ajC7BTFRx87hBQUhXslGLaKTsaA.roa (raw, json)
Hash identifier: aVliIvJutH3mEJlYNdboT7OxEGRr94zA4GltTS8iTNQ=
Subject key identifier: 6A:30:BB:05:31:51:C7:CE:E1:05:05:21:5E:C9:46:2D:A2:93:B1:A0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB3C2742C6A6442A9C69D04CB5AEEE08B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ajC7BTFRx87hBQUhXslGLaKTsaA.roa
Signing time: Fri 16 Feb 2024 21:11:21 +0000
ROA not before: Fri 16 Feb 2024 21:11:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b3:c2:74:2c:6a:64:42:a9:c6:9d:04:cb:5a:ee:e0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 21:11:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a30bb053151c7cee10505215ec9462da293b1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f4:49:4b:7b:bd:c4:06:c4:f4:e8:92:ac:a5:
f0:c6:b5:09:e7:c7:7f:d4:9c:d7:5c:e7:09:06:e0:
34:b3:d7:13:c3:28:7b:62:3a:fe:7d:0f:67:ee:19:
01:f3:08:84:02:29:ca:0b:00:1e:43:a1:fc:2e:3d:
b9:37:b9:ba:7d:f9:4c:5c:2b:2f:ce:30:49:a5:d8:
73:dd:bc:23:60:98:19:8c:83:86:ab:7e:10:85:45:
f7:1e:9c:32:55:33:ec:19:2b:92:9b:13:62:0f:51:
bd:99:b9:bf:d6:2d:4a:6c:7b:30:f0:e2:e8:53:8e:
ea:9d:8b:38:93:0c:81:24:fa:91:b0:4b:b4:30:5d:
51:80:a1:3b:ac:e3:57:8d:d8:cb:e6:08:af:5c:53:
75:25:62:59:40:e9:c0:5b:13:54:40:01:90:21:ff:
8c:63:17:62:21:48:2a:71:1c:7d:f5:6f:0f:47:95:
50:33:bf:c1:06:df:5b:94:30:43:fd:d4:b3:7c:67:
ab:18:47:77:b5:bd:7a:a5:dc:7b:75:17:41:67:0e:
fb:77:1e:0b:97:64:01:20:bc:07:b4:10:b3:bc:78:
29:0d:ad:56:bc:41:2c:1c:0d:57:87:33:39:70:b3:
26:1b:61:f2:eb:69:b1:7d:a0:1a:fa:8f:3c:e4:64:
6f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:30:BB:05:31:51:C7:CE:E1:05:05:21:5E:C9:46:2D:A2:93:B1:A0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ajC7BTFRx87hBQUhXslGLaKTsaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:57:f2:5c:35:f0:5e:d0:ef:b7:bd:d6:cb:61:4e:8d:20:ca:
cb:65:4b:bb:28:bb:d3:4c:62:48:43:61:d1:d4:a2:64:89:1a:
c6:82:df:e1:f5:a1:52:d6:33:b0:39:31:33:3a:17:3b:8d:75:
a4:0b:c9:c1:1e:33:d9:30:0b:0c:b9:ba:da:e4:f4:21:63:bf:
1f:51:34:a6:84:62:7a:e0:6c:46:d6:a5:fd:3b:9c:d3:77:a4:
89:53:85:e7:2d:75:bf:96:26:56:5c:ed:dc:bb:f2:ee:fd:7e:
3d:d1:83:f9:86:a5:5a:5c:21:0f:a1:cf:76:4e:f6:73:51:f7:
36:c7:52:b5:ee:40:d7:79:b1:9b:27:a3:49:e7:82:6a:b8:72:
d6:8a:a1:02:c5:c1:27:67:f3:aa:07:7a:6d:59:02:0e:3f:60:
a9:4c:40:17:ce:e8:cf:16:68:cf:f0:aa:4c:86:4f:c2:68:21:
65:9f:cf:5b:67:e8:e5:45:2d:f9:aa:6f:b6:b9:1e:1c:e4:a1:
e5:1d:7e:be:4a:71:8b:9c:66:21:86:7d:72:1a:10:72:3c:ac:
cd:d2:e0:20:80:b1:67:86:2b:97:74:f1:84:18:03:70:45:3c:
56:a3:fe:cb:64:c9:ec:33:ee:bc:11:65:e5:f7:20:8d:fa:10:
df:37:38:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2zwnQsamRCqcadBMta7uCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MjExMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTMwYmIwNTMxNTFjN2NlZTEwNTA1MjE1ZWM5NDYyZGEyOTNiMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvRJS3u9xAbE9OiSrKXwxrUJ58d/
1JzXXOcJBuA0s9cTwyh7Yjr+fQ9n7hkB8wiEAinKCwAeQ6H8Lj25N7m6fflMXCsv
zjBJpdhz3bwjYJgZjIOGq34QhUX3HpwyVTPsGSuSmxNiD1G9mbm/1i1KbHsw8OLo
U47qnYs4kwyBJPqRsEu0MF1RgKE7rONXjdjL5givXFN1JWJZQOnAWxNUQAGQIf+M
YxdiIUgqcRx99W8PR5VQM7/BBt9blDBD/dSzfGerGEd3tb16pdx7dRdBZw77dx4L
l2QBILwHtBCzvHgpDa1WvEEsHA1XhzM5cLMmG2Hy62mxfaAa+o885GRvfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGowuwUxUcfO4QUFIV7JRi2ik7GgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYWpDN0JURlJ4ODdoQlFVaFhzbEdMYUtUc2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFZX8lw18F7Q77e91sth
To0gystlS7sou9NMYkhDYdHUomSJGsaC3+H1oVLWM7A5MTM6FzuNdaQLycEeM9kw
Cwy5utrk9CFjvx9RNKaEYnrgbEbWpf07nNN3pIlThectdb+WJlZc7dy78u79fj3R
g/mGpVpcIQ+hz3ZO9nNR9zbHUrXuQNd5sZsno0nngmq4ctaKoQLFwSdn86oHem1Z
Ag4/YKlMQBfO6M8WaM/wqkyGT8JoIWWfz1tn6OVFLfmqb7a5HhzkoeUdfr5KcYuc
ZiGGfXIaEHI8rM3S4CCAsWeGK5d08YQYA3BFPFaj/stkyewz7rwRZeX3II36EN83
ONU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:01:38 2025 by rpki-client