Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dOVH1DgtDEwU43bb3sFIE7Aa8u0.roa
File: dOVH1DgtDEwU43bb3sFIE7Aa8u0.roa (raw, json)
Hash identifier: B08DY7176ijn/pgZrXtZsu54MGGD1UdcihUMn0rZktE=
Subject key identifier: 74:E5:47:D4:38:2D:0C:4C:14:E3:76:DB:DE:C1:48:13:B0:1A:F2:ED
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC715A1BD50EBFB5596276B4FA7E09285
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dOVH1DgtDEwU43bb3sFIE7Aa8u0.roa
Signing time: Tue 20 Feb 2024 15:15:00 +0000
ROA not before: Tue 20 Feb 2024 15:15:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:15:a1:bd:50:eb:fb:55:96:27:6b:4f:a7:e0:92:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 20 15:15:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74e547d4382d0c4c14e376dbdec14813b01af2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:40:8c:5c:48:2e:1b:d5:6c:31:1a:0b:4f:1f:
95:f3:37:35:29:a9:35:fe:c6:74:d3:13:56:bd:8d:
3e:ae:bc:21:cf:2a:bd:85:f6:b9:3f:3d:82:cd:31:
f9:c6:a7:b5:7f:1a:81:8e:39:44:77:3c:ce:b2:25:
fb:8b:30:55:fb:f3:3d:68:a3:6d:b2:07:1c:72:0d:
50:bb:0a:fc:af:14:be:1e:ca:f6:a7:d5:04:9e:63:
bc:4d:1a:8e:72:e9:eb:55:b2:25:09:73:a6:59:a6:
e3:d6:53:b4:5a:1d:5a:40:05:f9:5a:26:95:c8:75:
69:91:cb:5a:81:22:8e:7d:bd:ef:23:8d:e9:32:1d:
80:79:ba:95:7e:da:fb:79:49:e6:b8:1b:23:0e:35:
2d:90:7c:2f:0c:30:ce:34:a1:44:16:76:98:9c:4a:
12:bc:e3:9b:fc:8f:f4:7c:35:e7:f1:f5:e4:54:b2:
42:3c:74:58:18:78:a2:6c:24:93:3a:be:34:57:52:
45:b4:98:42:21:d1:31:0d:0b:dd:5a:a6:3a:81:b5:
ac:00:60:8b:f1:21:bb:40:6b:d5:d0:2f:97:57:27:
28:15:68:95:db:13:0b:98:16:7b:d7:52:9d:8f:89:
45:c0:f3:d5:96:8f:a5:60:6a:c5:5d:9a:a0:06:54:
a5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E5:47:D4:38:2D:0C:4C:14:E3:76:DB:DE:C1:48:13:B0:1A:F2:ED
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dOVH1DgtDEwU43bb3sFIE7Aa8u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:b4:e7:55:b4:a8:09:7c:cc:a8:3e:ef:a1:f1:c0:c0:17:8b:
72:8c:c1:53:77:c0:2b:a0:53:42:12:14:7b:e4:52:2d:ac:bc:
b7:03:e1:57:76:18:d8:ec:d4:7a:86:f6:91:ad:88:c0:f9:e8:
5a:a1:d6:91:6a:c0:67:4b:6b:24:5c:b3:82:b5:60:29:99:e5:
08:e6:3e:e3:6c:9d:c2:db:c0:9f:bf:d6:03:57:e3:17:56:85:
ad:47:92:a0:06:6b:49:52:99:33:15:6f:92:a9:82:e5:da:76:
fe:e0:3b:f3:51:b3:d8:87:e9:69:98:25:7c:cb:64:85:f8:c4:
9b:1d:36:56:c1:ed:7b:be:32:dc:d4:db:35:39:8b:7f:bb:e4:
46:b4:fa:18:3d:47:7f:bf:0d:6c:04:4b:66:9c:66:d0:8f:11:
9e:8f:24:6e:92:30:c8:9d:1d:13:cc:0f:45:e1:3b:2d:2f:8c:
ae:2e:0d:19:df:4f:ea:3e:27:e2:9e:08:c0:44:4f:a4:ba:f3:
79:0f:7e:ee:7d:e3:f7:b2:ff:f2:80:63:ff:5c:76:ad:f3:4a:
a0:3b:f7:5f:fa:fd:f7:69:6e:9c:82:05:31:b1:6e:22:62:33:
56:ba:9c:3a:93:33:3f:2e:e7:72:21:cc:0a:c6:a8:a9:a7:95:
3d:1c:d4:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3HFaG9UOv7VZYna0+n4JKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIwMTUxNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGU1NDdkNDM4MmQwYzRjMTRlMzc2ZGJkZWMxNDgxM2IwMWFmMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kCMXEguG9VsMRoLTx+V8zc1Kak1
/sZ00xNWvY0+rrwhzyq9hfa5Pz2CzTH5xqe1fxqBjjlEdzzOsiX7izBV+/M9aKNt
sgcccg1Quwr8rxS+Hsr2p9UEnmO8TRqOcunrVbIlCXOmWabj1lO0Wh1aQAX5WiaV
yHVpkctagSKOfb3vI43pMh2AebqVftr7eUnmuBsjDjUtkHwvDDDONKFEFnaYnEoS
vOOb/I/0fDXn8fXkVLJCPHRYGHiibCSTOr40V1JFtJhCIdExDQvdWqY6gbWsAGCL
8SG7QGvV0C+XVycoFWiV2xMLmBZ711Kdj4lFwPPVlo+lYGrFXZqgBlSlDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHTlR9Q4LQxMFON2297BSBOwGvLtMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZE9WSDFEZ3RERXdVNDNiYjNzRklFN0FhOHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGC051W0qAl8zKg+76Hx
wMAXi3KMwVN3wCugU0ISFHvkUi2svLcD4Vd2GNjs1HqG9pGtiMD56Fqh1pFqwGdL
ayRcs4K1YCmZ5QjmPuNsncLbwJ+/1gNX4xdWha1HkqAGa0lSmTMVb5KpguXadv7g
O/NRs9iH6WmYJXzLZIX4xJsdNlbB7Xu+MtzU2zU5i3+75Ea0+hg9R3+/DWwES2ac
ZtCPEZ6PJG6SMMidHRPMD0XhOy0vjK4uDRnfT+o+J+KeCMBET6S683kPfu594/ey
//KAY/9cdq3zSqA791/6/fdpbpyCBTGxbiJiM1a6nDqTMz8u53IhzArGqKmnlT0c
1Ns=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:51:58 2025 by rpki-client