Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jv71mSgNNFdC2WgpG8wdkJN4fuE.roa
File: jv71mSgNNFdC2WgpG8wdkJN4fuE.roa (raw, json)
Hash identifier: LjT5GSAZuCOFqJwoWOYNWj6jD6voISiq8gQ9hvHJaBc=
Subject key identifier: 8E:FE:F5:99:28:0D:34:57:42:D9:68:29:1B:CC:1D:90:93:78:7E:E1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7771162CAF0477D4DC2EF63C6D9889CA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jv71mSgNNFdC2WgpG8wdkJN4fuE.roa
Signing time: Mon 05 Feb 2024 04:05:16 +0000
ROA not before: Mon 05 Feb 2024 04:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:7770:4981/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:71:16:2c:af:04:77:d4:dc:2e:f6:3c:6d:98:89:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 5 04:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8efef599280d345742d968291bcc1d9093787ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:89:01:82:6e:f8:1c:6b:2a:af:56:0e:c2:c9:
03:ef:8d:07:8b:31:0c:f8:12:c8:63:6a:51:0c:3e:
01:e4:9a:f9:78:fc:dd:ca:4a:34:f2:04:4f:74:2c:
dc:7e:f1:9b:16:42:3b:47:6b:44:aa:11:d2:37:48:
23:5f:30:f6:25:31:e4:11:60:e4:b2:41:4c:16:8e:
42:44:3d:42:6f:c1:e7:5e:fb:3f:3e:60:a2:aa:79:
59:99:44:ca:4f:3b:06:0a:5a:ad:38:34:9c:cd:37:
0f:9a:76:d6:1f:57:2f:08:90:d3:25:34:0e:e4:65:
3f:a1:87:14:33:f1:20:6e:43:93:d2:3f:f7:dc:ff:
cc:d0:91:d7:68:88:a0:d5:8a:1a:7e:3b:3c:9d:1c:
6d:6c:8d:4a:72:51:37:78:07:dd:53:b1:80:62:44:
37:20:88:8b:70:3c:24:10:d1:35:2f:90:84:c7:7f:
df:3f:15:f6:40:a1:62:ad:2f:f2:3d:d8:b9:1c:3c:
64:0c:be:49:5a:bd:ee:86:62:c5:ba:ba:24:d8:14:
86:dd:be:23:20:5c:03:dd:b7:b9:80:54:a3:80:40:
55:09:c4:b8:eb:64:f8:4f:68:5d:42:aa:3c:8e:06:
8f:9b:71:a1:28:e4:a0:14:a8:78:2b:b0:28:96:e7:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FE:F5:99:28:0D:34:57:42:D9:68:29:1B:CC:1D:90:93:78:7E:E1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jv71mSgNNFdC2WgpG8wdkJN4fuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:64:11:eb:34:a6:0b:17:60:48:5b:66:ab:b9:12:1e:f1:96:
17:17:d2:2f:8b:d8:dc:d9:be:c6:41:97:b7:f1:4f:50:46:a8:
71:c7:70:dd:4c:6c:d1:a3:a5:11:fd:72:2f:1b:ff:4e:20:ee:
ea:69:19:54:06:01:c9:0f:83:fe:cb:5d:e6:42:45:b6:aa:78:
61:5a:ff:9e:89:72:cf:98:73:b9:4f:a8:86:62:74:65:0d:35:
17:91:9e:62:09:30:6d:65:47:a0:27:25:b8:ee:f3:12:2f:9f:
50:7e:5e:88:59:9c:32:6a:6e:24:0e:12:68:6d:9a:b7:b1:34:
4c:cb:67:73:de:b4:f9:74:41:9e:80:a5:ba:a9:45:df:0a:58:
52:ca:9e:40:b0:39:f9:90:5e:24:3e:c3:bb:85:73:53:1b:75:
d4:0e:b3:df:28:f4:7d:de:32:c3:33:44:9b:ca:10:50:15:67:
b2:57:70:9e:bc:f0:70:63:5f:74:14:67:a8:b9:d5:11:a8:82:
eb:8c:8c:20:d3:0b:7a:d4:59:1a:ed:06:4d:d2:ed:d4:70:a8:
d5:54:1f:3b:ca:31:11:79:df:47:1b:fe:5d:fc:fe:eb:f9:54:
c5:47:61:d9:33:19:2d:12:e4:f2:59:09:ac:25:46:bc:c4:28:
63:89:a4:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY13cRYsrwR31Nwu9jxtmInKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA1MDQwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWZlZjU5OTI4MGQzNDU3NDJkOTY4MjkxYmNjMWQ5MDkzNzg3ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIkBgm74HGsqr1YOwskD740HizEM
+BLIY2pRDD4B5Jr5ePzdyko08gRPdCzcfvGbFkI7R2tEqhHSN0gjXzD2JTHkEWDk
skFMFo5CRD1Cb8HnXvs/PmCiqnlZmUTKTzsGClqtODSczTcPmnbWH1cvCJDTJTQO
5GU/oYcUM/EgbkOT0j/33P/M0JHXaIig1Yoafjs8nRxtbI1KclE3eAfdU7GAYkQ3
IIiLcDwkENE1L5CEx3/fPxX2QKFirS/yPdi5HDxkDL5JWr3uhmLFurok2BSG3b4j
IFwD3be5gFSjgEBVCcS462T4T2hdQqo8jgaPm3GhKOSgFKh4K7AolufLlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI7+9ZkoDTRXQtloKRvMHZCTeH7hMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvanY3MW1TZ05ORmRDMldncEc4d2RrSk40ZnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE1kEes0pgsXYEhbZqu5
Eh7xlhcX0i+L2NzZvsZBl7fxT1BGqHHHcN1MbNGjpRH9ci8b/04g7uppGVQGAckP
g/7LXeZCRbaqeGFa/56Jcs+Yc7lPqIZidGUNNReRnmIJMG1lR6AnJbju8xIvn1B+
XohZnDJqbiQOEmhtmrexNEzLZ3PetPl0QZ6ApbqpRd8KWFLKnkCwOfmQXiQ+w7uF
c1MbddQOs98o9H3eMsMzRJvKEFAVZ7JXcJ688HBjX3QUZ6i51RGoguuMjCDTC3rU
WRrtBk3S7dRwqNVUHzvKMRF530cb/l38/uv5VMVHYdkzGS0S5PJZCawlRrzEKGOJ
pEU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:53:58 2025 by rpki-client