Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/r3VblLjK9CAXks3vGdrc8tSCttE.roa
File: r3VblLjK9CAXks3vGdrc8tSCttE.roa (raw, json)
Hash identifier: 4OTRINngASk+IK+RhkO+MSa+DX86gsPI8fK3e6g5HY8=
Subject key identifier: AF:75:5B:94:B8:CA:F4:20:17:92:CD:EF:19:DA:DC:F2:D4:82:B6:D1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E24361F1B9466847B4E3B9D6BFC7BB85E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/r3VblLjK9CAXks3vGdrc8tSCttE.roa
Signing time: Sat 09 Mar 2024 17:15:10 +0000
ROA not before: Sat 09 Mar 2024 17:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:24:36:1f:1b:94:66:84:7b:4e:3b:9d:6b:fc:7b:b8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 9 17:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af755b94b8caf4201792cdef19dadcf2d482b6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:92:e2:18:54:3a:5f:86:7b:d4:bf:af:b2:29:
75:f2:03:b3:b3:2e:e1:e9:a8:a0:c9:93:db:76:42:
6e:58:f4:89:b3:d7:ce:ba:ac:b9:29:3f:65:ae:95:
ca:43:71:1e:a5:2f:66:e4:e9:be:b3:e4:16:3f:d4:
0c:5e:d4:ae:f2:e9:ba:24:9c:0a:70:a6:87:f2:e5:
42:70:7c:51:c2:17:84:6c:f0:c9:28:06:c9:1a:61:
60:25:f9:07:20:1b:d3:eb:83:d7:dc:f8:ef:5d:a3:
b3:d9:56:d2:88:cb:19:8e:c0:20:95:9f:8d:1a:2c:
c0:8a:2d:5f:34:86:75:50:e7:b5:5c:9a:9d:65:24:
e5:bf:8f:2e:24:e9:45:d4:3b:e5:df:f8:4d:54:d0:
23:14:a6:22:de:8a:33:0d:24:29:ea:64:08:b8:d5:
ab:12:f7:18:9f:04:af:07:96:05:c6:78:a2:f9:40:
85:94:3b:31:aa:f5:08:1b:ce:f6:8e:b3:b2:b8:7b:
6f:65:fd:ac:ac:de:a0:0a:83:57:70:6f:a7:49:6f:
ab:ab:3c:cb:9f:9c:66:c6:f6:21:ca:12:da:f2:99:
8d:9e:e8:48:b6:73:1e:17:88:70:8e:62:ff:fb:95:
3f:1c:17:f8:35:84:97:5c:48:7f:53:b1:19:78:d3:
ee:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:75:5B:94:B8:CA:F4:20:17:92:CD:EF:19:DA:DC:F2:D4:82:B6:D1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/r3VblLjK9CAXks3vGdrc8tSCttE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:c7:21:45:89:ca:66:d3:8b:ea:a7:96:be:b7:d9:d7:3d:f7:
7b:e1:c1:5c:07:cd:d5:50:fe:9d:f5:1d:65:58:ea:40:66:9a:
0b:5f:dd:da:04:fe:1b:d8:5a:bd:fc:62:d4:00:2d:21:fe:e2:
f9:4b:a3:c8:99:b6:35:d9:7a:9b:c8:9e:b5:21:7a:52:92:1d:
2f:c3:48:4c:0a:86:f2:ce:e4:77:f3:1c:7d:ec:ea:af:33:b1:
a5:29:c2:7f:19:99:c3:11:6a:26:0a:9a:f8:4c:70:be:76:e9:
38:85:16:e5:01:17:34:2c:ad:95:79:75:75:04:e7:b8:fe:3c:
bd:9a:de:70:c2:fe:e8:2e:99:7d:ed:bb:45:40:70:aa:f5:5d:
ce:08:46:00:5b:0c:b4:09:ac:cf:1a:c6:4b:8b:2c:5c:bf:e0:
dd:f6:e1:3b:0f:f9:5d:42:3d:95:b6:91:34:71:67:8d:a7:df:
ed:f3:b9:7f:c4:bd:ae:7f:b1:2c:03:5c:db:04:e1:a1:53:74:
40:41:cc:18:74:11:51:ae:07:63:87:ca:33:22:8c:a3:ed:2a:
c7:78:4f:98:09:c3:9a:e1:36:1e:27:e2:fe:53:04:2f:01:ae:
88:4e:f7:70:9b:d2:42:1f:5c:2b:92:fa:97:e3:85:fd:70:f5:
38:6d:14:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4kNh8blGaEe047nWv8e7heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA5MTcxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjc1NWI5NGI4Y2FmNDIwMTc5MmNkZWYxOWRhZGNmMmQ0ODJiNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJLiGFQ6X4Z71L+vsil18gOzsy7h
6aigyZPbdkJuWPSJs9fOuqy5KT9lrpXKQ3EepS9m5Om+s+QWP9QMXtSu8um6JJwK
cKaH8uVCcHxRwheEbPDJKAbJGmFgJfkHIBvT64PX3PjvXaOz2VbSiMsZjsAglZ+N
GizAii1fNIZ1UOe1XJqdZSTlv48uJOlF1Dvl3/hNVNAjFKYi3oozDSQp6mQIuNWr
EvcYnwSvB5YFxnii+UCFlDsxqvUIG872jrOyuHtvZf2srN6gCoNXcG+nSW+rqzzL
n5xmxvYhyhLa8pmNnuhItnMeF4hwjmL/+5U/HBf4NYSXXEh/U7EZeNPuPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK91W5S4yvQgF5LN7xna3PLUgrbRMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcjNWYmxMaks5Q0FYa3MzdkdkcmM4dFNDdHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAArHIUWJymbTi+qnlr63
2dc993vhwVwHzdVQ/p31HWVY6kBmmgtf3doE/hvYWr38YtQALSH+4vlLo8iZtjXZ
epvInrUhelKSHS/DSEwKhvLO5HfzHH3s6q8zsaUpwn8ZmcMRaiYKmvhMcL526TiF
FuUBFzQsrZV5dXUE57j+PL2a3nDC/ugumX3tu0VAcKr1Xc4IRgBbDLQJrM8axkuL
LFy/4N324TsP+V1CPZW2kTRxZ42n3+3zuX/Eva5/sSwDXNsE4aFTdEBBzBh0EVGu
B2OHyjMijKPtKsd4T5gJw5rhNh4n4v5TBC8BrohO93Cb0kIfXCuS+pfjhf1w9Tht
FP4=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:00:03 2025 by rpki-client