Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uFePOF82FOWtbUGrch554fbdIE0.roa
File: uFePOF82FOWtbUGrch554fbdIE0.roa (raw, json)
Hash identifier: PIi/ySPEt8l64msEWG99/JM847/a+TTRry4Ky+EdSNw=
Subject key identifier: B8:57:8F:38:5F:36:14:E5:AD:6D:41:AB:72:1E:79:E1:F6:DD:20:4D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFD2AA97FC783F2F81A0734BA83B377DC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uFePOF82FOWtbUGrch554fbdIE0.roa
Signing time: Fri 12 Jan 2024 10:14:40 +0000
ROA not before: Fri 12 Jan 2024 10:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:2a:a9:7f:c7:83:f2:f8:1a:07:34:ba:83:b3:77:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 10:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8578f385f3614e5ad6d41ab721e79e1f6dd204d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8a:49:3e:35:32:9a:78:e1:32:a6:4c:23:75:
96:0f:c6:21:a0:44:ea:82:fb:5a:39:a7:0d:f8:1a:
6b:f8:4b:f2:60:54:1d:cf:a3:81:5d:01:de:1b:d3:
eb:5b:55:4e:98:e5:4a:cc:25:90:65:bf:86:e5:14:
60:61:b7:0b:4a:dc:81:70:36:22:0b:52:bc:12:2e:
32:52:4e:73:2f:0a:ff:d5:df:ec:de:2f:0b:32:52:
ba:b2:c5:cf:bd:29:1b:57:0a:54:8d:50:7e:4a:34:
6c:b5:bf:8d:90:5c:1b:0f:d1:e4:a1:06:e9:d3:57:
22:71:2b:d7:50:08:23:f2:f5:34:7c:26:c7:85:52:
c4:8e:11:64:66:0f:3d:4c:d4:bc:24:75:ce:45:29:
f7:b4:c6:2d:67:02:58:a7:f6:37:91:5c:f8:94:bf:
74:09:4a:46:1e:3a:53:27:9c:76:87:27:f5:de:c1:
ee:e9:5d:73:5f:48:29:dd:2b:a4:9f:38:91:e1:54:
c2:df:68:c7:da:93:76:f2:0a:91:d7:4a:15:89:2a:
ec:b7:da:5a:2b:dc:1f:1f:69:fe:f4:9f:08:b3:f5:
b2:61:63:aa:ba:b6:21:7a:a0:55:30:fd:da:96:bc:
f4:8d:42:2e:c2:b5:69:7b:13:49:02:29:d6:2d:98:
d4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:57:8F:38:5F:36:14:E5:AD:6D:41:AB:72:1E:79:E1:F6:DD:20:4D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uFePOF82FOWtbUGrch554fbdIE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:a2:a2:41:71:b8:fb:8b:35:6e:b2:0f:08:aa:34:4b:c4:36:
68:0a:77:93:3b:2b:71:aa:7b:b8:80:c2:fb:95:6f:ee:d8:62:
02:cf:2c:fe:f5:3f:51:9d:ee:be:5a:0e:dc:5a:bd:13:2c:14:
fc:38:48:93:a0:83:8f:cc:43:5d:66:15:9c:1e:07:c5:b8:c7:
e1:af:da:d1:95:f6:ea:c2:8b:f5:35:08:1b:2e:09:cc:55:f9:
d5:6a:4c:e5:15:35:ba:52:86:2d:bb:3c:40:23:4d:0a:a3:dc:
b0:94:28:52:45:d7:28:79:3c:49:2b:d9:e1:d0:e9:fa:65:1f:
5e:99:2d:71:9f:ea:9e:a0:ee:2c:6b:f8:f0:0c:ec:8b:41:ed:
64:15:dd:31:c1:eb:26:43:85:a1:8b:e4:1e:4d:d7:84:85:bc:
41:7b:b2:3d:8c:6d:72:df:3f:23:47:9b:1a:34:0c:ab:dd:87:
7f:44:36:1e:a5:9f:40:c3:3f:1f:97:a6:60:35:f7:cb:4b:47:
6e:b7:32:08:bd:d9:81:ad:30:98:c7:93:1e:73:85:6c:e7:8f:
a9:63:6f:1a:14:56:cf:45:20:75:4b:04:24:43:95:87:da:7b:
62:09:b9:af:38:53:a5:64:a0:6a:0e:d2:82:44:34:8a:95:a6:
66:19:71:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz9Kql/x4Py+BoHNLqDs3fcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMTAxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU3OGYzODVmMzYxNGU1YWQ2ZDQxYWI3MjFlNzllMWY2ZGQyMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIpJPjUymnjhMqZMI3WWD8YhoETq
gvtaOacN+Bpr+EvyYFQdz6OBXQHeG9PrW1VOmOVKzCWQZb+G5RRgYbcLStyBcDYi
C1K8Ei4yUk5zLwr/1d/s3i8LMlK6ssXPvSkbVwpUjVB+SjRstb+NkFwbD9HkoQbp
01cicSvXUAgj8vU0fCbHhVLEjhFkZg89TNS8JHXORSn3tMYtZwJYp/Y3kVz4lL90
CUpGHjpTJ5x2hyf13sHu6V1zX0gp3SuknziR4VTC32jH2pN28gqR10oViSrst9pa
K9wfH2n+9J8Is/WyYWOqurYheqBVMP3alrz0jUIuwrVpexNJAinWLZjUZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLhXjzhfNhTlrW1Bq3IeeeH23SBNMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdUZlUE9GODJGT1d0YlVHcmNoNTU0ZmJkSUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIiiokFxuPuLNW6yDwiq
NEvENmgKd5M7K3Gqe7iAwvuVb+7YYgLPLP71P1Gd7r5aDtxavRMsFPw4SJOgg4/M
Q11mFZweB8W4x+Gv2tGV9urCi/U1CBsuCcxV+dVqTOUVNbpShi27PEAjTQqj3LCU
KFJF1yh5PEkr2eHQ6fplH16ZLXGf6p6g7ixr+PAM7ItB7WQV3THB6yZDhaGL5B5N
14SFvEF7sj2MbXLfPyNHmxo0DKvdh39ENh6ln0DDPx+XpmA198tLR263Mgi92YGt
MJjHkx5zhWznj6ljbxoUVs9FIHVLBCRDlYfae2IJua84U6VkoGoO0oJENIqVpmYZ
cco=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:26:35 2025 by rpki-client