Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v6UkmYW7SOrF76U0FgEyldHbqQQ.roa
File: v6UkmYW7SOrF76U0FgEyldHbqQQ.roa (raw, json)
Hash identifier: zc0X3b/PoIKo4sJJBLgdWYOuU+bc3XQHzoex6tW+D0w=
Subject key identifier: BF:A5:24:99:85:BB:48:EA:C5:EF:A5:34:16:01:32:95:D1:DB:A9:04
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBA38422A6A5AF43ED9E7ADAD3CBE107E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v6UkmYW7SOrF76U0FgEyldHbqQQ.roa
Signing time: Sat 30 Dec 2023 10:14:58 +0000
ROA not before: Sat 30 Dec 2023 10:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:38:42:2a:6a:5a:f4:3e:d9:e7:ad:ad:3c:be:10:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 30 10:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfa5249985bb48eac5efa53416013295d1dba904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:43:2a:99:b6:bb:8c:e1:74:4c:6f:9c:bf:a4:
ee:61:b9:74:26:5f:e5:0d:89:93:87:9e:2c:6b:78:
cb:e7:2c:6b:d5:34:8a:39:6f:dd:6a:86:b8:1c:19:
e0:94:0f:df:c6:05:3f:ce:3d:49:48:97:83:f5:21:
c1:1b:95:57:b6:3a:61:cb:56:96:db:56:25:8a:61:
66:c4:6b:42:fa:42:20:9d:33:59:04:8e:10:23:54:
c6:a1:ea:fa:22:e4:36:25:45:53:5c:0f:d5:ad:96:
aa:32:91:e9:d9:6a:ba:f1:28:bc:e6:0a:85:75:fb:
28:5f:5f:0b:bd:f0:04:78:79:70:d2:34:a2:61:a0:
b3:0b:c7:b9:29:c0:8e:ea:0b:cb:5e:e3:11:ab:c8:
33:bb:bc:3b:67:75:6f:62:3e:e1:89:23:a6:d9:3d:
16:8a:c7:c9:53:ca:6f:81:2e:cd:67:05:51:5e:17:
74:d8:68:5e:57:6d:57:0c:5f:c9:99:25:26:08:d0:
7b:e8:d8:7d:d0:f7:30:3d:0a:14:dc:92:b4:1b:65:
24:ac:03:ab:e5:4b:b2:75:9c:2d:c9:03:2c:a5:ff:
3c:c0:f8:01:0a:c4:7a:b0:57:79:87:63:78:76:0f:
7b:7f:f7:1a:72:b4:8f:5c:fc:1b:49:53:61:8e:f8:
78:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A5:24:99:85:BB:48:EA:C5:EF:A5:34:16:01:32:95:D1:DB:A9:04
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v6UkmYW7SOrF76U0FgEyldHbqQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:eb:e6:e1:f3:bb:51:39:2b:96:c3:61:96:2a:05:dd:81:ce:
52:d5:33:18:c7:a0:59:61:5d:36:e5:26:c8:25:97:e2:56:e8:
d2:30:20:36:ae:1c:4f:20:24:ee:a1:4b:27:9f:6e:bb:5a:8e:
32:3c:6d:b0:36:c3:20:d0:54:44:3d:7e:4d:3e:c3:d3:be:48:
a2:5c:87:b4:12:bb:a2:17:ce:78:43:3d:69:69:73:33:a4:52:
cf:26:b4:f3:77:29:21:dd:c8:a5:fe:86:d9:49:43:86:eb:80:
ba:ff:46:7f:8d:61:20:1a:99:28:b9:51:71:8f:37:76:64:ca:
df:38:e4:b0:43:ae:9b:0b:0a:ae:c9:80:bc:8b:c2:37:fe:00:
43:df:00:64:43:d5:f4:bc:5f:9a:a3:5a:39:f8:73:a7:fa:2d:
b1:92:77:87:6c:ed:c0:70:3c:f9:b9:25:38:f0:2b:69:28:3b:
54:50:fb:64:df:55:93:d6:8a:85:a3:05:87:2b:6f:ee:e3:86:
39:81:61:38:05:ea:b9:15:f5:f2:2e:b8:b9:8f:49:36:a3:59:
d0:7f:05:e8:42:67:76:0e:9e:18:ac:4f:14:14:5c:d9:88:3e:
2e:09:4d:33:41:fd:4f:d5:7f:8d:d8:bf:dc:7d:b2:b7:4e:22:
5c:d4:c5:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy6OEIqalr0Ptnnra08vhB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMwMTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmE1MjQ5OTg1YmI0OGVhYzVlZmE1MzQxNjAxMzI5NWQxZGJhOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0Mqmba7jOF0TG+cv6TuYbl0Jl/l
DYmTh54sa3jL5yxr1TSKOW/daoa4HBnglA/fxgU/zj1JSJeD9SHBG5VXtjphy1aW
21YlimFmxGtC+kIgnTNZBI4QI1TGoer6IuQ2JUVTXA/VrZaqMpHp2Wq68Si85gqF
dfsoX18LvfAEeHlw0jSiYaCzC8e5KcCO6gvLXuMRq8gzu7w7Z3VvYj7hiSOm2T0W
isfJU8pvgS7NZwVRXhd02GheV21XDF/JmSUmCNB76Nh90PcwPQoU3JK0G2UkrAOr
5UuydZwtyQMspf88wPgBCsR6sFd5h2N4dg97f/cacrSPXPwbSVNhjvh48QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL+lJJmFu0jqxe+lNBYBMpXR26kEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdjZVa21ZVzdTT3JGNzZVMEZnRXlsZEhicVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACjr5uHzu1E5K5bDYZYq
Bd2BzlLVMxjHoFlhXTblJsgll+JW6NIwIDauHE8gJO6hSyefbrtajjI8bbA2wyDQ
VEQ9fk0+w9O+SKJch7QSu6IXznhDPWlpczOkUs8mtPN3KSHdyKX+htlJQ4brgLr/
Rn+NYSAamSi5UXGPN3Zkyt845LBDrpsLCq7JgLyLwjf+AEPfAGRD1fS8X5qjWjn4
c6f6LbGSd4ds7cBwPPm5JTjwK2koO1RQ+2TfVZPWioWjBYcrb+7jhjmBYTgF6rkV
9fIuuLmPSTajWdB/BehCZ3YOnhisTxQUXNmIPi4JTTNB/U/Vf43Yv9x9srdOIlzU
xWs=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:32:20 2025 by rpki-client