Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u-x68iBvUbBulV5_XXgUGFEsXog.roa
File: u-x68iBvUbBulV5_XXgUGFEsXog.roa (raw, json)
Hash identifier: +tjf50BD0vlyTub6CVFO66D2CMhhGsD/SJTvz/VHtOs=
Subject key identifier: BB:EC:7A:F2:20:6F:51:B0:6E:95:5E:7F:5D:78:14:18:51:2C:5E:88
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E442BCD8C22FEDD924E8F43968871F354
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u-x68iBvUbBulV5_XXgUGFEsXog.roa
Signing time: Fri 15 Mar 2024 22:11:45 +0000
ROA not before: Fri 15 Mar 2024 22:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:44:2b:cd:8c:22:fe:dd:92:4e:8f:43:96:88:71:f3:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 15 22:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbec7af2206f51b06e955e7f5d781418512c5e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5d:55:ef:87:c5:2d:e0:60:eb:1c:44:39:35:
73:c7:e4:0c:ba:4f:42:b2:f6:b8:f7:88:e2:10:2a:
c7:d1:d3:e2:f0:95:f1:ae:22:44:a8:07:a4:58:a4:
42:03:4d:73:47:bd:a4:a9:11:a5:16:b3:81:2f:01:
55:32:89:1d:af:45:46:7a:72:f6:9d:35:75:8b:e0:
f3:44:3e:b4:fe:70:ed:5e:ce:c2:92:87:35:08:60:
44:df:ad:90:b2:45:be:90:2a:d6:e2:a9:09:d4:b8:
e8:fc:d9:1a:46:d0:f1:d5:80:6d:32:12:dc:0a:3e:
db:a6:04:b7:44:2d:e2:0b:22:1d:2f:6b:12:4e:ca:
43:5e:3c:78:a1:ca:a8:eb:dc:0d:89:ce:5e:91:52:
55:55:22:8e:e6:45:1d:42:1f:03:d2:71:58:f9:75:
57:58:8e:74:d5:e3:2f:fc:50:eb:5c:3a:9a:d9:ad:
6b:dc:78:a5:bd:b3:b3:4e:99:8a:55:22:bd:5f:26:
5e:24:45:85:3d:d2:81:94:3c:68:12:13:72:77:ba:
42:83:9b:bb:db:63:c4:d1:6a:31:53:6a:de:81:90:
01:ff:7d:e0:b9:7d:95:6b:16:0d:e7:04:6e:60:b5:
67:b6:7b:47:29:70:7e:b3:91:4f:66:0f:6d:ad:78:
7c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EC:7A:F2:20:6F:51:B0:6E:95:5E:7F:5D:78:14:18:51:2C:5E:88
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u-x68iBvUbBulV5_XXgUGFEsXog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:ee:74:b8:bf:86:14:97:fb:c2:c6:a0:92:32:9d:37:dc:1c:
4c:18:07:7b:8d:4a:0e:1f:38:8f:00:a5:7a:7f:52:05:8c:e3:
e3:9d:8a:61:f5:a8:2b:43:8c:be:2f:98:33:4c:f9:2c:48:64:
04:fa:cc:c6:12:f5:7d:8f:44:17:b3:fd:89:08:2d:70:05:33:
c1:0a:ed:3a:1c:71:ce:cc:ff:db:52:16:4c:27:c3:f3:0f:64:
9d:41:0a:1e:89:de:cb:85:c4:8f:39:fc:34:b5:8d:9d:1f:ad:
38:90:05:08:c6:e8:00:49:26:71:33:0a:77:ff:6a:a6:5b:75:
c5:a8:b4:08:dd:eb:b6:c1:3f:56:da:dc:d4:c1:84:65:93:a1:
2a:30:0c:fa:3d:0a:53:21:62:19:c9:b2:a4:47:8e:9d:12:03:
21:cc:2a:b5:ce:7f:1d:12:79:e8:0a:f9:6c:37:3b:99:b8:ca:
c3:1c:ea:01:7a:11:41:61:46:f0:35:c8:cb:0d:ff:a4:2f:b9:
53:e0:b4:52:e9:d6:06:17:6d:6e:f7:fb:c6:97:69:49:3f:df:
b3:00:0b:ef:11:e4:c8:d7:21:72:26:fc:c2:8f:08:d4:07:9b:
c5:e8:2a:d4:e9:30:04:13:14:44:fd:50:d9:e3:53:07:af:b0:
28:38:66:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5EK82MIv7dkk6PQ5aIcfNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE1MjIxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmVjN2FmMjIwNmY1MWIwNmU5NTVlN2Y1ZDc4MTQxODUxMmM1ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV1V74fFLeBg6xxEOTVzx+QMuk9C
sva494jiECrH0dPi8JXxriJEqAekWKRCA01zR72kqRGlFrOBLwFVMokdr0VGenL2
nTV1i+DzRD60/nDtXs7Ckoc1CGBE362QskW+kCrW4qkJ1Ljo/NkaRtDx1YBtMhLc
Cj7bpgS3RC3iCyIdL2sSTspDXjx4ocqo69wNic5ekVJVVSKO5kUdQh8D0nFY+XVX
WI501eMv/FDrXDqa2a1r3HilvbOzTpmKVSK9XyZeJEWFPdKBlDxoEhNyd7pCg5u7
22PE0WoxU2regZAB/33guX2VaxYN5wRuYLVntntHKXB+s5FPZg9trXh8UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLvsevIgb1GwbpVef114FBhRLF6IMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdS14NjhpQnZVYkJ1bFY1X1hYZ1VHRkVzWG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFTudLi/hhSX+8LGoJIy
nTfcHEwYB3uNSg4fOI8ApXp/UgWM4+OdimH1qCtDjL4vmDNM+SxIZAT6zMYS9X2P
RBez/YkILXAFM8EK7Toccc7M/9tSFkwnw/MPZJ1BCh6J3suFxI85/DS1jZ0frTiQ
BQjG6ABJJnEzCnf/aqZbdcWotAjd67bBP1ba3NTBhGWToSowDPo9ClMhYhnJsqRH
jp0SAyHMKrXOfx0SeegK+Ww3O5m4ysMc6gF6EUFhRvA1yMsN/6QvuVPgtFLp1gYX
bW73+8aXaUk/37MAC+8R5MjXIXIm/MKPCNQHm8XoKtTpMAQTFET9UNnjUwevsCg4
ZoQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:16:45 2025 by rpki-client