Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rI7y1vfsKXqIO8cSiHumyCgOaos.roa
File: rI7y1vfsKXqIO8cSiHumyCgOaos.roa (raw, json)
Hash identifier: IjSHVDfIeAT/kZPsNE2NkONbFNvdV9IefXVurULKrmU=
Subject key identifier: AC:8E:F2:D6:F7:EC:29:7A:88:3B:C7:12:88:7B:A6:C8:28:0E:6A:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8E9AACE83AB6E0202D2341F73E27EB27
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rI7y1vfsKXqIO8cSiHumyCgOaos.roa
Signing time: Sat 30 Mar 2024 09:04:45 +0000
ROA not before: Sat 30 Mar 2024 09:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:8e9a:39b0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8e:9a:ac:e8:3a:b6:e0:20:2d:23:41:f7:3e:27:eb:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 09:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac8ef2d6f7ec297a883bc712887ba6c8280e6a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ee:9e:01:ca:5c:0b:7d:dd:af:98:69:75:18:
60:9f:08:47:8c:e9:ed:c4:41:b3:fa:11:87:54:46:
b0:1b:bb:a7:fc:2b:67:87:c3:1a:08:74:c1:8b:c5:
e4:cc:05:04:62:d7:41:9a:4e:7d:b9:d4:33:3e:71:
7c:59:6c:77:2e:16:48:c5:8a:d5:11:19:aa:c7:16:
43:2c:e8:80:61:a7:e5:91:49:97:f2:fd:6f:df:71:
56:4c:9a:e4:ee:c2:9e:50:25:f6:04:6a:17:e0:2e:
85:67:84:b7:21:33:50:69:48:db:43:8a:4a:c5:f1:
7f:a3:c2:bf:7e:a5:c4:6f:79:9b:10:5e:c2:ce:7e:
99:37:4f:f5:80:3c:6a:a1:e8:5a:72:65:d5:bc:3d:
10:99:76:c6:89:db:c6:8b:26:04:cd:ae:a9:54:9d:
65:e8:05:a4:73:25:b6:a2:32:ca:fa:8e:12:dd:32:
65:12:44:60:6c:5e:af:1d:9c:31:3e:02:97:4a:39:
8e:2d:61:17:c9:f3:fb:9f:76:6f:25:5e:7b:3a:43:
0b:77:a9:3c:e7:12:a7:b1:28:ff:98:b2:c2:f0:10:
e8:fd:f4:f9:13:bf:d0:6b:ed:dc:32:76:c2:5b:65:
d2:46:59:e4:66:ee:17:68:b8:be:34:0a:54:bf:2e:
4c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8E:F2:D6:F7:EC:29:7A:88:3B:C7:12:88:7B:A6:C8:28:0E:6A:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rI7y1vfsKXqIO8cSiHumyCgOaos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:01:ce:e0:c6:d1:21:c8:48:e2:34:51:31:2d:4d:1f:27:60:
b8:c4:34:39:3b:f3:92:8f:a5:92:f9:8f:b4:4d:9a:7f:cd:02:
57:c2:12:f0:71:5a:2c:1c:d3:d9:14:d8:a8:eb:52:50:e9:fb:
10:57:d8:fb:54:0a:51:3b:f9:a9:61:7c:cf:a2:22:f3:50:f8:
99:d2:ad:9a:53:ca:d6:ed:4e:8d:cc:ed:14:5b:5c:89:29:7e:
7d:df:bc:08:df:84:45:0e:8e:38:23:81:f9:fd:9b:60:57:e6:
85:e3:7c:45:94:48:e7:e0:0f:95:bb:bd:51:5c:ac:66:d2:a1:
10:84:e3:dd:97:50:e3:fb:8a:6f:90:42:e4:5e:8c:60:a4:c6:
fc:2d:ba:75:68:31:45:7f:f6:d9:0f:0e:c5:9a:39:7d:68:b2:
0c:8a:e5:e1:08:80:48:69:d1:08:a3:0f:db:4e:fc:af:a0:32:
b2:66:fc:60:ed:1e:9e:61:0d:fd:17:39:b4:7c:a6:a2:72:3c:
51:fa:ad:a2:3f:3f:bc:7c:b7:77:8c:46:3d:d4:50:75:1e:97:
db:4e:f9:96:37:44:43:3d:82:8d:4b:f5:2a:6e:05:d0:91:44:
a9:35:d3:50:64:fe:cc:a5:ba:3a:3c:93:d3:35:ab:fd:90:5e:
58:ee:12:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6OmqzoOrbgIC0jQfc+J+snMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMDkwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhlZjJkNmY3ZWMyOTdhODgzYmM3MTI4ODdiYTZjODI4MGU2YThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+6eAcpcC33dr5hpdRhgnwhHjOnt
xEGz+hGHVEawG7un/Ctnh8MaCHTBi8XkzAUEYtdBmk59udQzPnF8WWx3LhZIxYrV
ERmqxxZDLOiAYaflkUmX8v1v33FWTJrk7sKeUCX2BGoX4C6FZ4S3ITNQaUjbQ4pK
xfF/o8K/fqXEb3mbEF7Czn6ZN0/1gDxqoehacmXVvD0QmXbGidvGiyYEza6pVJ1l
6AWkcyW2ojLK+o4S3TJlEkRgbF6vHZwxPgKXSjmOLWEXyfP7n3ZvJV57OkMLd6k8
5xKnsSj/mLLC8BDo/fT5E7/Qa+3cMnbCW2XSRlnkZu4XaLi+NApUvy5M5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKyO8tb37Cl6iDvHEoh7psgoDmqLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvckk3eTF2ZnNLWHFJTzhjU2lIdW15Q2dPYW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFwBzuDG0SHISOI0UTEt
TR8nYLjENDk785KPpZL5j7RNmn/NAlfCEvBxWiwc09kU2KjrUlDp+xBX2PtUClE7
+alhfM+iIvNQ+JnSrZpTytbtTo3M7RRbXIkpfn3fvAjfhEUOjjgjgfn9m2BX5oXj
fEWUSOfgD5W7vVFcrGbSoRCE492XUOP7im+QQuRejGCkxvwtunVoMUV/9tkPDsWa
OX1osgyK5eEIgEhp0QijD9tO/K+gMrJm/GDtHp5hDf0XObR8pqJyPFH6raI/P7x8
t3eMRj3UUHUel9tO+ZY3REM9go1L9SpuBdCRRKk101Bk/sylujo8k9M1q/2QXlju
Eg4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:07:55 2025 by rpki-client