Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rox1UISb0voaL20cy8OpGQfHsSM.roa
File: rox1UISb0voaL20cy8OpGQfHsSM.roa (raw, json)
Hash identifier: Fue7pMT62c/5aijT7U/xXId+irTVkfUYx5TA4MTuuHU=
Subject key identifier: AE:8C:75:50:84:9B:D2:FA:1A:2F:6D:1C:CB:C3:A9:19:07:C7:B1:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB31E935F0BA49EA9D34661F572E9DB72
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rox1UISb0voaL20cy8OpGQfHsSM.roa
Signing time: Fri 16 Feb 2024 18:12:21 +0000
ROA not before: Fri 16 Feb 2024 18:12:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b3:1e:93:5f:0b:a4:9e:a9:d3:46:61:f5:72:e9:db:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 18:12:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae8c7550849bd2fa1a2f6d1ccbc3a91907c7b123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ce:8a:eb:d7:04:b8:42:95:07:97:37:5a:3d:
68:62:e5:bf:08:8c:b3:4e:8c:9a:d2:b4:3f:72:40:
ad:7a:35:85:4f:fe:b1:d7:80:5c:6e:e6:4e:7d:ed:
b6:43:05:61:c9:4b:07:65:ba:7e:8e:35:9c:dc:cf:
39:8d:11:23:89:17:38:2e:79:06:57:aa:d2:8d:5a:
a4:04:cf:d8:c2:8d:b6:74:fc:bc:ad:f4:4d:90:d5:
ce:30:b8:f9:61:78:d3:fa:5e:91:0a:7b:10:1b:70:
bd:3b:11:c2:de:8e:b3:5f:cd:b0:7f:94:0a:ab:24:
12:29:38:f4:18:ba:4f:c0:4a:f8:fc:4b:ed:a5:ce:
ab:56:ba:fa:17:6a:c6:78:ca:d3:b8:15:8f:9c:a0:
b8:56:14:16:ab:05:48:12:ee:53:24:19:4b:94:4d:
1e:9e:14:36:ee:5c:f4:84:5d:b0:da:c9:50:cc:0e:
ca:f6:8d:cb:a7:f0:fc:5f:2e:fa:1c:0e:2c:f6:ab:
7e:ab:dd:5c:14:ab:f2:3a:da:fb:e6:73:04:b3:46:
b1:6f:86:e5:c1:ff:98:cf:ab:e2:d2:ab:04:64:a4:
b6:9a:c2:b5:8c:26:29:aa:7d:38:23:d2:9d:f9:89:
b3:05:8d:82:6d:de:d4:da:e0:ce:34:db:e0:76:67:
97:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8C:75:50:84:9B:D2:FA:1A:2F:6D:1C:CB:C3:A9:19:07:C7:B1:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rox1UISb0voaL20cy8OpGQfHsSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:53:d9:63:4f:ea:a8:5a:34:e4:5e:23:dd:9c:1a:7a:e6:d7:
b3:aa:b5:4c:cd:97:1a:f9:86:13:1f:2d:73:82:a3:c0:01:80:
9f:f7:1c:45:6d:bf:dd:99:74:d5:5a:de:95:d3:51:b1:ed:0c:
db:8d:d2:37:79:7e:c5:73:11:96:9a:15:3a:f2:98:da:c5:61:
50:b3:fc:ab:00:0e:09:bb:21:1f:04:4f:b0:9b:7f:b8:dc:05:
c6:26:60:0a:7d:23:1a:13:49:15:ff:01:e6:04:c6:ea:4b:32:
f7:54:e5:57:cb:cb:27:6a:b1:20:26:ca:ca:ed:62:a6:ff:7e:
b0:51:a9:e7:b8:4e:90:81:6c:89:65:87:14:b5:85:21:a6:5a:
1b:18:c5:66:bf:2a:e2:2b:b0:71:76:1d:dc:fa:fe:8f:6e:51:
b5:e8:5a:b3:53:cd:4f:a8:ac:b5:11:79:7d:de:1d:89:fd:b9:
2e:da:90:0d:15:8e:e4:54:24:d9:10:3e:37:c7:3c:ee:45:eb:
c6:22:e4:fa:62:5a:d6:0d:c5:d2:fb:ce:09:4c:ab:ac:59:ab:
9f:ac:e5:65:28:f8:30:86:52:8c:23:a7:69:b8:da:54:a6:6d:
be:4b:56:34:b9:91:fe:bd:5d:9c:c8:f1:32:8e:06:57:8a:46:
a1:37:5d:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2zHpNfC6SeqdNGYfVy6dtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MTgxMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThjNzU1MDg0OWJkMmZhMWEyZjZkMWNjYmMzYTkxOTA3YzdiMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM6K69cEuEKVB5c3Wj1oYuW/CIyz
Toya0rQ/ckCtejWFT/6x14BcbuZOfe22QwVhyUsHZbp+jjWc3M85jREjiRc4LnkG
V6rSjVqkBM/Ywo22dPy8rfRNkNXOMLj5YXjT+l6RCnsQG3C9OxHC3o6zX82wf5QK
qyQSKTj0GLpPwEr4/Evtpc6rVrr6F2rGeMrTuBWPnKC4VhQWqwVIEu5TJBlLlE0e
nhQ27lz0hF2w2slQzA7K9o3Lp/D8Xy76HA4s9qt+q91cFKvyOtr75nMEs0axb4bl
wf+Yz6vi0qsEZKS2msK1jCYpqn04I9Kd+YmzBY2Cbd7U2uDONNvgdmeXAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK6MdVCEm9L6Gi9tHMvDqRkHx7EjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcm94MVVJU2Iwdm9hTDIwY3k4T3BHUWZIc1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA9T2WNP6qhaNOReI92c
Gnrm17OqtUzNlxr5hhMfLXOCo8ABgJ/3HEVtv92ZdNVa3pXTUbHtDNuN0jd5fsVz
EZaaFTrymNrFYVCz/KsADgm7IR8ET7Cbf7jcBcYmYAp9IxoTSRX/AeYExupLMvdU
5VfLyydqsSAmysrtYqb/frBRqee4TpCBbIllhxS1hSGmWhsYxWa/KuIrsHF2Hdz6
/o9uUbXoWrNTzU+orLUReX3eHYn9uS7akA0VjuRUJNkQPjfHPO5F68Yi5PpiWtYN
xdL7zglMq6xZq5+s5WUo+DCGUowjp2m42lSmbb5LVjS5kf69XZzI8TKOBleKRqE3
XTE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:47:50 2025 by rpki-client