Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q5X2ww7U5ySPZDTHUeA4rxqGMSU.roa
File: q5X2ww7U5ySPZDTHUeA4rxqGMSU.roa (raw, json)
Hash identifier: YdvgUKQ0yIj2hjXYN4XZS2Rm+HSa2La+CfD4HDsFBbY=
Subject key identifier: AB:95:F6:C3:0E:D4:E7:24:8F:64:34:C7:51:E0:38:AF:1A:86:31:25
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCFE51D28E1FCECF944002ACC279CEA27
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q5X2ww7U5ySPZDTHUeA4rxqGMSU.roa
Signing time: Wed 03 Jan 2024 15:15:48 +0000
ROA not before: Wed 03 Jan 2024 15:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:e5:1d:28:e1:fc:ec:f9:44:00:2a:cc:27:9c:ea:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 15:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab95f6c30ed4e7248f6434c751e038af1a863125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:13:17:7b:2e:b7:59:5a:f2:a2:ed:10:2d:d7:
f1:fc:f5:29:d9:c3:42:92:30:52:1c:39:64:3a:15:
41:9a:aa:61:9a:8a:c1:fd:93:29:d3:f3:2c:be:7e:
21:ca:4d:cb:78:87:c3:d9:4b:dc:51:70:27:3e:01:
3f:f9:c7:f8:08:41:b3:90:85:69:fa:d2:c9:6d:08:
b2:6d:10:41:15:da:53:03:2f:69:6c:f6:00:34:53:
ff:da:80:fa:90:e0:8c:23:1e:7d:ad:23:cc:97:65:
8a:3b:e9:e7:cd:5b:51:8b:3a:6c:6f:9e:04:ac:44:
a6:60:91:21:be:fc:ce:50:3e:02:0a:cc:96:2b:7e:
73:0c:22:44:d4:61:3c:e1:ae:7e:11:8a:9b:0c:ae:
8b:7e:93:5b:18:26:62:c8:3f:88:68:d3:d0:15:cb:
28:ea:ef:ce:96:c7:07:8c:c1:08:63:5e:95:8b:bf:
dd:fa:35:08:ca:f7:bd:f8:52:6a:7c:74:09:c8:73:
f6:b1:95:a8:dd:04:de:de:07:bf:4b:4b:a8:f0:a0:
4e:e0:c8:e6:39:2b:64:c3:39:94:61:88:1d:ab:b0:
5e:a0:14:25:2d:43:dd:34:5f:82:cb:02:bc:a9:29:
e4:9b:1d:5c:f0:7d:68:cc:dc:09:34:be:85:8b:aa:
a1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:95:F6:C3:0E:D4:E7:24:8F:64:34:C7:51:E0:38:AF:1A:86:31:25
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q5X2ww7U5ySPZDTHUeA4rxqGMSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:2a:c9:a3:70:8b:7a:0f:98:ed:a9:a3:65:e1:75:b2:c5:fb:
c2:47:e6:cb:aa:be:a3:41:59:a8:f7:7e:10:d2:d8:d8:bf:69:
05:82:a4:1e:2c:5e:c3:9c:d5:80:6d:b7:1f:c8:6e:60:99:56:
b3:d0:1c:40:3c:9f:26:2d:47:18:b0:58:e1:25:3a:c2:9e:ac:
c3:8f:97:e7:eb:8a:8a:ac:51:5f:c4:d8:f3:21:54:4c:12:2d:
2c:dd:b8:05:48:4d:0b:85:e6:43:65:d0:54:49:6d:ed:e2:02:
9e:ec:a7:9f:e6:41:7d:fc:dc:60:92:14:5d:e1:29:1d:01:8e:
d2:02:8b:91:c0:70:e9:70:76:3c:a8:21:04:da:77:a3:f5:4e:
d5:f3:b3:08:b4:2f:c3:10:68:b7:57:8b:71:ba:2b:6a:f8:ad:
c9:24:e3:cb:50:7c:03:de:3a:58:89:7c:60:ea:1e:58:73:7c:
02:6f:65:78:4c:2b:68:7f:1b:56:17:2a:d6:32:1f:d3:40:5f:
04:66:01:db:ba:ee:84:d5:cf:ed:f2:f7:31:e5:8a:29:f0:6d:
05:29:89:0d:79:b4:60:6d:05:a8:4e:97:9c:26:35:60:46:ae:
0f:a9:62:fe:7a:70:0f:6d:d0:75:87:f4:ab:81:49:fe:06:ab:
bc:3b:c6:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzP5R0o4fzs+UQAKswnnOonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMTUxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjk1ZjZjMzBlZDRlNzI0OGY2NDM0Yzc1MWUwMzhhZjFhODYzMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBMXey63WVryou0QLdfx/PUp2cNC
kjBSHDlkOhVBmqphmorB/ZMp0/Msvn4hyk3LeIfD2UvcUXAnPgE/+cf4CEGzkIVp
+tLJbQiybRBBFdpTAy9pbPYANFP/2oD6kOCMIx59rSPMl2WKO+nnzVtRizpsb54E
rESmYJEhvvzOUD4CCsyWK35zDCJE1GE84a5+EYqbDK6LfpNbGCZiyD+IaNPQFcso
6u/OlscHjMEIY16Vi7/d+jUIyve9+FJqfHQJyHP2sZWo3QTe3ge/S0uo8KBO4Mjm
OStkwzmUYYgdq7BeoBQlLUPdNF+CywK8qSnkmx1c8H1ozNwJNL6Fi6qhGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKuV9sMO1Ockj2Q0x1HgOK8ahjElMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcTVYMnd3N1U1eVNQWkRUSFVlQTRyeHFHTVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABcqyaNwi3oPmO2po2Xh
dbLF+8JH5suqvqNBWaj3fhDS2Ni/aQWCpB4sXsOc1YBttx/IbmCZVrPQHEA8nyYt
RxiwWOElOsKerMOPl+frioqsUV/E2PMhVEwSLSzduAVITQuF5kNl0FRJbe3iAp7s
p5/mQX383GCSFF3hKR0BjtICi5HAcOlwdjyoIQTad6P1TtXzswi0L8MQaLdXi3G6
K2r4rckk48tQfAPeOliJfGDqHlhzfAJvZXhMK2h/G1YXKtYyH9NAXwRmAdu67oTV
z+3y9zHliinwbQUpiQ15tGBtBahOl5wmNWBGrg+pYv56cA9t0HWH9KuBSf4Gq7w7
xt0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:55:38 2025 by rpki-client