Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/t69K3jpDStdnmWYWUi5X2aw8kB4.roa
File: t69K3jpDStdnmWYWUi5X2aw8kB4.roa (raw, json)
Hash identifier: T31CTjxWIWM5k86wUBPVSrbJ1+rZpcAZAWxvPo19sX4=
Subject key identifier: B7:AF:4A:DE:3A:43:4A:D7:67:99:66:16:52:2E:57:D9:AC:3C:90:1E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5D7755509D814A0DE41FDDB822A9F221
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/t69K3jpDStdnmWYWUi5X2aw8kB4.roa
Signing time: Wed 20 Mar 2024 20:04:45 +0000
ROA not before: Wed 20 Mar 2024 20:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:5d76:dd32/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5d:77:55:50:9d:81:4a:0d:e4:1f:dd:b8:22:a9:f2:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 20:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7af4ade3a434ad767996616522e57d9ac3c901e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ce:d2:ac:bd:80:b6:03:9a:af:47:18:7b:ee:
59:94:ce:82:3a:c6:89:a7:f9:28:42:22:53:a2:a1:
49:2b:34:b9:c6:62:f7:d0:c4:4e:37:45:b2:5f:42:
f3:d4:56:31:55:3f:db:a0:96:ba:c0:92:3c:76:39:
2b:ca:f5:33:2d:00:ee:88:22:9a:d8:a0:14:f8:12:
57:b2:86:58:c7:77:14:04:49:ec:e8:a5:d4:95:dc:
b2:cf:e3:64:03:a0:60:0e:93:ec:8c:ab:92:05:ce:
87:80:6f:67:79:cf:a2:44:47:92:b4:92:fc:37:7a:
51:7c:28:d8:ec:dc:22:f0:74:05:fa:c1:5e:f7:59:
aa:a2:8f:ab:88:fb:51:26:22:c6:05:f2:40:89:46:
21:dd:3c:25:f6:d0:95:39:2c:66:b5:7f:67:41:4c:
0c:11:6c:f9:c4:18:34:ca:8f:c5:89:b8:dc:97:4f:
1a:03:5b:56:5b:ad:c0:57:3e:34:4e:1a:55:b8:1d:
92:35:9d:b7:b0:74:fc:50:24:f2:6b:31:f5:c0:da:
6b:00:0b:c3:e1:a1:94:3c:51:74:67:ba:f4:3c:ec:
93:a0:54:63:e6:ff:a1:4c:26:5c:d2:c4:12:11:a6:
27:8c:df:e7:e2:09:9f:7e:d2:da:7d:ae:8c:99:3b:
9e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AF:4A:DE:3A:43:4A:D7:67:99:66:16:52:2E:57:D9:AC:3C:90:1E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/t69K3jpDStdnmWYWUi5X2aw8kB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:00:24:cd:89:99:ae:f8:35:1c:b0:42:0d:8d:bf:f8:27:d2:
78:53:d1:8e:dd:15:55:57:87:b8:de:2f:a7:f0:fc:45:bb:68:
1f:19:bc:64:79:de:25:6d:c8:18:57:e3:15:06:63:a9:b2:49:
e5:39:b6:58:38:aa:fe:ec:c3:5c:cb:49:5e:17:22:5f:43:16:
43:24:ab:bd:f9:a8:2a:03:3b:5e:4c:65:8b:18:bb:45:97:0d:
1b:e2:07:c7:d9:96:36:9b:23:75:0b:56:eb:05:e9:4a:29:34:
40:d3:32:46:6d:83:f5:e3:f8:9d:ec:a9:cd:53:e3:25:61:ee:
77:30:f3:fd:fe:f3:ca:ac:53:8a:c6:6b:d1:ae:8a:e4:8d:7d:
56:7e:7f:cb:9a:c0:de:5c:0a:ef:8b:43:85:18:4b:36:1f:9e:
e0:ea:d3:70:a5:da:51:0e:9e:2f:b1:54:40:78:ce:3d:42:a1:
09:0b:7f:e9:fd:29:db:9f:78:7a:96:5a:60:d7:aa:b2:40:cf:
36:e5:f4:64:5c:c7:47:61:3a:ef:37:51:d3:14:41:1c:9f:e5:
3d:20:a6:bf:b8:af:89:06:56:a3:66:8e:da:94:b1:b4:b4:67:
b3:46:b7:dc:10:f7:f1:9d:b4:28:be:1e:dc:b4:78:3c:d8:7c:
0a:ba:18:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5dd1VQnYFKDeQf3bgiqfIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMjAwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FmNGFkZTNhNDM0YWQ3Njc5OTY2MTY1MjJlNTdkOWFjM2M5MDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM7SrL2AtgOar0cYe+5ZlM6COsaJ
p/koQiJToqFJKzS5xmL30MRON0WyX0Lz1FYxVT/boJa6wJI8djkryvUzLQDuiCKa
2KAU+BJXsoZYx3cUBEns6KXUldyyz+NkA6BgDpPsjKuSBc6HgG9nec+iREeStJL8
N3pRfCjY7Nwi8HQF+sFe91mqoo+riPtRJiLGBfJAiUYh3Twl9tCVOSxmtX9nQUwM
EWz5xBg0yo/Fibjcl08aA1tWW63AVz40ThpVuB2SNZ23sHT8UCTyazH1wNprAAvD
4aGUPFF0Z7r0POyToFRj5v+hTCZc0sQSEaYnjN/n4gmfftLafa6MmTuewQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLevSt46Q0rXZ5lmFlIuV9msPJAeMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdDY5SzNqcERTdGRubVdZV1VpNVgyYXc4a0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB4AJM2Jma74NRywQg2N
v/gn0nhT0Y7dFVVXh7jeL6fw/EW7aB8ZvGR53iVtyBhX4xUGY6mySeU5tlg4qv7s
w1zLSV4XIl9DFkMkq735qCoDO15MZYsYu0WXDRviB8fZljabI3ULVusF6UopNEDT
MkZtg/Xj+J3sqc1T4yVh7ncw8/3+88qsU4rGa9GuiuSNfVZ+f8uawN5cCu+LQ4UY
SzYfnuDq03Cl2lEOni+xVEB4zj1CoQkLf+n9KdufeHqWWmDXqrJAzzbl9GRcx0dh
Ou83UdMUQRyf5T0gpr+4r4kGVqNmjtqUsbS0Z7NGt9wQ9/GdtCi+Hty0eDzYfAq6
GFw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:12:31 2025 by rpki-client