Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uND6MSm2XE3K2Iml1Sax1fT770M.roa
File: uND6MSm2XE3K2Iml1Sax1fT770M.roa (raw, json)
Hash identifier: nafMQUo1L/T63MzN0TzKLorR9CzTIL9YnZ9KsIsgc2U=
Subject key identifier: B8:D0:FA:31:29:B6:5C:4D:CA:D8:89:A5:D5:26:B1:D5:F4:FB:EF:43
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DBC933AA78598A07831C4EE428B4EF959
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uND6MSm2XE3K2Iml1Sax1fT770M.roa
Signing time: Sun 18 Feb 2024 14:16:21 +0000
ROA not before: Sun 18 Feb 2024 14:16:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bc:93:3a:a7:85:98:a0:78:31:c4:ee:42:8b:4e:f9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 18 14:16:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8d0fa3129b65c4dcad889a5d526b1d5f4fbef43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ce:b2:b1:de:14:46:40:86:0f:b2:36:c5:97:
82:8b:89:49:6c:61:13:b1:12:77:22:2a:94:61:7e:
2b:78:7a:54:fa:74:a2:13:f6:00:f1:e8:d0:5b:ce:
3c:26:44:7f:c6:3e:5b:16:df:e5:1a:94:10:37:5d:
82:9f:f3:95:0e:20:8a:2e:ac:44:0e:8f:ff:5c:63:
dc:82:b1:29:6b:a2:5b:fe:92:5c:31:35:9c:a3:46:
23:93:24:b4:5f:fe:ef:a0:ee:ed:3d:6d:8d:29:0a:
7a:78:51:5b:fd:0c:76:be:b6:58:6d:54:19:3f:e0:
53:66:ba:e4:fa:a4:91:9c:26:31:df:dc:d4:3b:03:
ad:b7:4b:9b:e6:4e:73:75:63:dd:41:f7:6d:54:73:
61:d3:66:35:5e:23:2c:a0:7d:0c:17:4e:35:88:ad:
29:49:9f:2d:ee:5b:f7:e2:66:2f:68:38:35:cb:a5:
94:79:56:44:7a:6f:3a:3a:7b:67:ca:cf:22:ab:59:
ed:eb:92:90:9e:cd:0b:ca:8f:09:47:fa:70:64:3c:
5e:e5:4f:90:89:93:8e:0e:84:5d:84:87:d1:36:0c:
e4:23:be:09:9e:ae:89:58:22:8f:4a:a7:e4:41:d4:
95:d1:56:22:69:8c:95:41:a6:ab:92:59:05:ad:6a:
9a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D0:FA:31:29:B6:5C:4D:CA:D8:89:A5:D5:26:B1:D5:F4:FB:EF:43
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uND6MSm2XE3K2Iml1Sax1fT770M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:48:3e:48:19:cd:6e:ad:ed:73:2e:48:4a:03:79:89:18:46:
ce:43:97:76:17:e4:9c:6f:4d:66:72:a3:a8:79:01:4e:84:99:
d6:f0:c3:0c:46:48:a0:99:db:48:1a:3a:52:62:b8:35:37:ed:
73:c0:42:9e:34:57:14:18:ec:41:bc:18:a6:05:92:bd:57:c2:
dd:f8:31:d3:43:d3:94:b8:1b:52:38:ab:89:ba:d2:d9:c5:86:
19:60:29:92:f0:85:95:26:39:b7:90:eb:80:bd:91:26:8a:6e:
6a:08:92:2c:aa:2f:c9:06:11:f7:7f:35:af:9d:e4:0c:71:8d:
df:4a:9a:3e:33:b9:d9:06:27:f7:3c:1b:2e:f8:e8:19:07:b0:
dd:43:97:13:7e:18:19:ff:9d:22:a6:f4:ab:ec:17:f0:e3:e1:
f4:48:06:d6:a9:aa:b6:09:ee:f2:c5:6f:81:62:e2:a5:c7:1d:
1a:41:33:1d:2f:2f:2b:69:8a:57:58:ef:be:8f:c1:b6:85:63:
6c:e3:0d:47:47:9a:06:4f:fb:cb:a6:c2:be:13:e2:b0:6d:e3:
aa:dd:1c:56:68:02:0f:01:d2:9c:ba:6b:bc:f5:f5:a4:cf:b4:
4a:d0:60:bd:43:86:26:7f:b7:02:74:b9:7f:35:01:f7:7e:09:
36:13:3e:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY28kzqnhZigeDHE7kKLTvlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE4MTQxNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQwZmEzMTI5YjY1YzRkY2FkODg5YTVkNTI2YjFkNWY0ZmJlZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc6ysd4URkCGD7I2xZeCi4lJbGET
sRJ3IiqUYX4reHpU+nSiE/YA8ejQW848JkR/xj5bFt/lGpQQN12Cn/OVDiCKLqxE
Do//XGPcgrEpa6Jb/pJcMTWco0YjkyS0X/7voO7tPW2NKQp6eFFb/Qx2vrZYbVQZ
P+BTZrrk+qSRnCYx39zUOwOtt0ub5k5zdWPdQfdtVHNh02Y1XiMsoH0MF041iK0p
SZ8t7lv34mYvaDg1y6WUeVZEem86Ontnys8iq1nt65KQns0Lyo8JR/pwZDxe5U+Q
iZOODoRdhIfRNgzkI74Jnq6JWCKPSqfkQdSV0VYiaYyVQaarklkFrWqanwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLjQ+jEptlxNytiJpdUmsdX0++9DMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdU5ENk1TbTJYRTNLMkltbDFTYXgxZlQ3NzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKFIPkgZzW6t7XMuSEoD
eYkYRs5Dl3YX5JxvTWZyo6h5AU6EmdbwwwxGSKCZ20gaOlJiuDU37XPAQp40VxQY
7EG8GKYFkr1Xwt34MdND05S4G1I4q4m60tnFhhlgKZLwhZUmObeQ64C9kSaKbmoI
kiyqL8kGEfd/Na+d5Axxjd9Kmj4zudkGJ/c8Gy746BkHsN1DlxN+GBn/nSKm9Kvs
F/Dj4fRIBtapqrYJ7vLFb4Fi4qXHHRpBMx0vLytpildY776PwbaFY2zjDUdHmgZP
+8umwr4T4rBt46rdHFZoAg8B0py6a7z19aTPtErQYL1DhiZ/twJ0uX81Afd+CTYT
Ptw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:00:59 2025 by rpki-client