Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Lepo9rD7lpm8L6MP9JPXbLD1o8g.roa
File: Lepo9rD7lpm8L6MP9JPXbLD1o8g.roa (raw, json)
Hash identifier: uMBO0AfEVNom1WtD/+1bKiqEygIMCd1y55U2nOag/ro=
Subject key identifier: 2D:EA:68:F6:B0:FB:96:99:BC:2F:A3:0F:F4:93:D7:6C:B0:F5:A3:C8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E19E857BD781E7B40CBD43734D48DD2EB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Lepo9rD7lpm8L6MP9JPXbLD1o8g.roa
Signing time: Thu 07 Mar 2024 17:14:00 +0000
ROA not before: Thu 07 Mar 2024 17:14:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:e8:57:bd:78:1e:7b:40:cb:d4:37:34:d4:8d:d2:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 7 17:14:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dea68f6b0fb9699bc2fa30ff493d76cb0f5a3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d0:de:a0:63:cb:87:5f:cc:b9:99:7e:50:3d:
95:6d:9f:dd:6a:8e:a9:d2:17:a7:aa:27:27:f8:82:
37:ab:e7:60:5a:5b:0d:ea:d1:05:a5:b0:8f:e5:eb:
42:98:ff:b3:d5:ae:71:ca:21:5b:9d:95:cf:2e:b7:
e5:9e:65:ca:47:08:2d:3e:75:55:71:ce:3a:01:4d:
f7:b0:76:96:d9:c7:42:d8:b7:6a:82:9d:67:26:13:
24:b6:18:a1:77:f3:ca:0c:8c:bc:c3:df:b7:c5:b4:
6d:c9:33:f2:e5:0a:79:a1:af:98:15:a0:b3:fe:76:
41:cc:b2:f7:e1:53:d3:79:55:b9:2d:21:66:43:59:
b5:3b:6f:86:fd:36:94:b4:d1:c6:56:9e:fc:9f:19:
a3:06:0f:dd:7f:10:7e:9a:89:ac:95:a0:b8:79:a8:
27:86:4f:b7:c5:83:d4:bc:4f:1b:6b:ad:de:11:07:
e9:ce:b5:0b:ad:a9:b5:14:fe:13:69:a8:16:ef:2a:
9a:70:be:ab:14:06:f8:76:ff:5b:c9:af:c0:8e:4a:
01:1c:9f:a9:1e:7c:19:8d:8b:73:67:a3:84:a3:25:
52:6f:e6:b3:d5:2f:fe:af:f5:42:18:b2:74:7e:4d:
54:e3:dd:74:23:38:d5:0b:3e:bf:a3:71:5c:ef:bc:
26:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EA:68:F6:B0:FB:96:99:BC:2F:A3:0F:F4:93:D7:6C:B0:F5:A3:C8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Lepo9rD7lpm8L6MP9JPXbLD1o8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:eb:32:5c:80:28:fb:b8:00:bc:74:60:a6:fc:64:d9:e9:37:
af:39:89:c2:73:6c:e9:ca:a5:89:85:99:35:d9:55:89:95:fe:
a8:b6:c3:e1:59:d0:d7:19:cb:6f:82:33:bc:9d:c5:1e:c7:4e:
9a:6f:c0:8e:72:89:56:c9:9c:77:33:14:87:b0:33:cb:22:a0:
4d:05:aa:52:4e:a1:b2:91:69:c2:5b:e7:83:c6:cb:78:2f:12:
92:92:51:a0:44:88:a0:91:72:5d:0c:2e:c6:b6:8b:77:7c:d7:
e8:d9:59:e0:09:18:b3:b5:39:04:49:9b:50:50:eb:78:6e:f6:
fe:d4:97:d3:e9:91:7e:20:46:98:14:94:39:3f:02:ad:59:77:
76:63:df:8b:d1:d7:ca:84:7b:47:bc:ed:0e:c2:f4:0d:ed:f1:
d2:0a:e3:2a:2f:21:df:23:71:d4:55:3c:76:2e:ae:0f:f5:50:
a1:52:d4:af:5c:87:1f:56:58:64:f9:a6:c7:a7:37:70:41:11:
46:3e:16:82:70:6c:af:10:3f:d9:20:e6:6b:05:d4:f9:7d:65:
a3:f8:01:f9:6d:b6:69:a1:6d:7e:f0:0d:4e:a5:7b:de:1d:06:
e3:5e:cd:4c:dc:05:1e:22:a3:a4:b6:c9:0d:77:a7:5f:49:bf:
d2:bf:ae:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4Z6Fe9eB57QMvUNzTUjdLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA3MTcxNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGVhNjhmNmIwZmI5Njk5YmMyZmEzMGZmNDkzZDc2Y2IwZjVhM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9DeoGPLh1/MuZl+UD2VbZ/dao6p
0henqicn+II3q+dgWlsN6tEFpbCP5etCmP+z1a5xyiFbnZXPLrflnmXKRwgtPnVV
cc46AU33sHaW2cdC2Ldqgp1nJhMkthihd/PKDIy8w9+3xbRtyTPy5Qp5oa+YFaCz
/nZBzLL34VPTeVW5LSFmQ1m1O2+G/TaUtNHGVp78nxmjBg/dfxB+momslaC4eagn
hk+3xYPUvE8ba63eEQfpzrULram1FP4TaagW7yqacL6rFAb4dv9bya/AjkoBHJ+p
HnwZjYtzZ6OEoyVSb+az1S/+r/VCGLJ0fk1U4910IzjVCz6/o3Fc77wmVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC3qaPaw+5aZvC+jD/ST12yw9aPIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTGVwbzlyRDdscG04TDZNUDlKUFhiTEQxbzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFnrMlyAKPu4ALx0YKb8
ZNnpN685icJzbOnKpYmFmTXZVYmV/qi2w+FZ0NcZy2+CM7ydxR7HTppvwI5yiVbJ
nHczFIewM8sioE0FqlJOobKRacJb54PGy3gvEpKSUaBEiKCRcl0MLsa2i3d81+jZ
WeAJGLO1OQRJm1BQ63hu9v7Ul9PpkX4gRpgUlDk/Aq1Zd3Zj34vR18qEe0e87Q7C
9A3t8dIK4yovId8jcdRVPHYurg/1UKFS1K9chx9WWGT5psenN3BBEUY+FoJwbK8Q
P9kg5msF1Pl9ZaP4AflttmmhbX7wDU6le94dBuNezUzcBR4io6S2yQ13p19Jv9K/
rjo=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:15:20 2025 by rpki-client