Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xCSvF3agVan6CAFx7nO1ouncNv8.roa
File: xCSvF3agVan6CAFx7nO1ouncNv8.roa (raw, json)
Hash identifier: fvZy2zEeKGkDAekhQDBr/7C5gko2rk227QBEO3eTMk8=
Subject key identifier: C4:24:AF:17:76:A0:55:A9:FA:08:01:71:EE:73:B5:A2:E9:DC:36:FF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB3F61573D5B3D1B93872FDA5FE79A24B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xCSvF3agVan6CAFx7nO1ouncNv8.roa
Signing time: Fri 29 Dec 2023 05:04:58 +0000
ROA not before: Fri 29 Dec 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:b3f5:594e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b3:f6:15:73:d5:b3:d1:b9:38:72:fd:a5:fe:79:a2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 29 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c424af1776a055a9fa080171ee73b5a2e9dc36ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:54:d3:40:05:6a:8b:84:a2:72:43:d7:36:17:
44:95:26:db:e8:52:ab:f1:b5:b4:78:26:80:d7:34:
9c:c8:f2:cb:d7:06:96:f0:a8:3e:c8:0e:8e:f3:60:
e7:75:af:f7:f0:c6:17:94:81:45:9c:2b:ed:9f:68:
5e:ef:e6:83:27:80:64:d9:a4:aa:bc:15:2c:f4:f2:
88:ed:49:88:57:7b:94:57:41:a5:c1:d2:c7:11:a1:
81:b9:89:a3:94:80:6b:ae:11:eb:c1:dc:d3:c5:67:
f5:3e:d1:d6:51:8a:c8:f6:23:58:18:29:c3:fd:25:
2b:2c:eb:ae:4e:28:b3:ca:8c:e2:cf:4e:6d:56:fe:
43:d8:f0:2a:aa:e6:30:0b:3c:68:43:6a:f3:a9:05:
65:0c:73:a8:7d:c3:a3:e1:05:3b:fc:5b:d5:e8:eb:
09:c3:48:c8:e4:37:8b:12:fb:08:14:68:aa:70:5b:
aa:e1:cb:fc:3d:b6:35:e9:20:3e:a3:a4:0e:7f:c3:
f8:b9:24:e0:03:96:19:8f:c8:ac:a8:a0:84:14:fa:
14:9e:b1:a2:b8:51:bb:e7:40:64:08:6e:a8:87:f2:
60:22:d2:21:be:70:b5:5b:eb:fd:e1:ea:8a:fd:f0:
08:6a:2e:54:44:b4:d7:13:cd:0d:24:53:04:71:6e:
ce:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:24:AF:17:76:A0:55:A9:FA:08:01:71:EE:73:B5:A2:E9:DC:36:FF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xCSvF3agVan6CAFx7nO1ouncNv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:f6:08:8c:98:1f:97:ec:93:2f:0a:1a:d6:e4:a1:19:a1:9c:
c2:3f:c2:f4:7a:4e:ec:13:3f:76:00:17:3d:4b:70:d6:cb:4c:
5d:62:17:59:9a:ea:34:fc:ee:30:f2:9a:7e:d6:d6:bc:19:7b:
ed:55:ef:8d:19:36:a3:c0:3a:8f:af:5c:8b:4b:00:3c:c3:e8:
54:19:61:a2:b7:1d:ca:f4:b0:59:37:64:6d:26:bb:6a:d9:ba:
fa:8b:03:0b:f9:e3:ac:32:b9:ba:e8:27:7a:78:ce:14:aa:62:
db:75:88:7c:de:4a:9c:16:24:69:69:1d:08:03:14:df:e3:44:
4a:be:11:c0:2d:ef:f0:27:5a:cf:7d:b8:df:45:2f:f6:0c:2f:
d9:a9:55:57:11:b5:1c:da:df:72:9c:18:34:9e:cf:b2:4c:24:
14:01:4a:b3:64:50:30:3f:d2:4c:f0:61:33:dd:22:93:08:7f:
d5:11:e4:18:82:a6:83:94:cc:7b:ba:8a:83:9e:5f:09:0c:de:
79:c1:e1:61:79:b2:68:1c:68:10:8b:eb:db:11:b1:00:5c:33:
df:c3:a0:07:88:27:94:ca:b4:fa:ae:3a:96:f9:b6:ca:ac:eb:
b8:a4:0f:04:8c:9a:17:ae:65:96:6b:91:30:d9:45:eb:47:bf:
de:e6:d4:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyz9hVz1bPRuThy/aX+eaJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI5MDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI0YWYxNzc2YTA1NWE5ZmEwODAxNzFlZTczYjVhMmU5ZGMzNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1TTQAVqi4SickPXNhdElSbb6FKr
8bW0eCaA1zScyPLL1waW8Kg+yA6O82Dnda/38MYXlIFFnCvtn2he7+aDJ4Bk2aSq
vBUs9PKI7UmIV3uUV0GlwdLHEaGBuYmjlIBrrhHrwdzTxWf1PtHWUYrI9iNYGCnD
/SUrLOuuTiizyoziz05tVv5D2PAqquYwCzxoQ2rzqQVlDHOofcOj4QU7/FvV6OsJ
w0jI5DeLEvsIFGiqcFuq4cv8PbY16SA+o6QOf8P4uSTgA5YZj8isqKCEFPoUnrGi
uFG750BkCG6oh/JgItIhvnC1W+v94eqK/fAIai5URLTXE80NJFMEcW7OCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMQkrxd2oFWp+ggBce5ztaLp3Db/MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveENTdkYzYWdWYW42Q0FGeDduTzFvdW5jTnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIL2CIyYH5fsky8KGtbk
oRmhnMI/wvR6TuwTP3YAFz1LcNbLTF1iF1ma6jT87jDymn7W1rwZe+1V740ZNqPA
Oo+vXItLADzD6FQZYaK3Hcr0sFk3ZG0mu2rZuvqLAwv546wyubroJ3p4zhSqYtt1
iHzeSpwWJGlpHQgDFN/jREq+EcAt7/AnWs99uN9FL/YML9mpVVcRtRza33KcGDSe
z7JMJBQBSrNkUDA/0kzwYTPdIpMIf9UR5BiCpoOUzHu6ioOeXwkM3nnB4WF5smgc
aBCL69sRsQBcM9/DoAeIJ5TKtPquOpb5tsqs67ikDwSMmheuZZZrkTDZRetHv97m
1Ds=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:22:31 2025 by rpki-client