Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M4br2vE-hEEhu9WZlILMwOaycGs.roa
File: M4br2vE-hEEhu9WZlILMwOaycGs.roa (raw, json)
Hash identifier: McHnNULfxigp6W+oh68crvPUbxIZ37tDd3DA/T+4vdM=
Subject key identifier: 33:86:EB:DA:F1:3E:84:41:21:BB:D5:99:94:82:CC:C0:E6:B2:70:6B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D897F9173BA0552812EE107348869ECDE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M4br2vE-hEEhu9WZlILMwOaycGs.roa
Signing time: Thu 08 Feb 2024 16:14:15 +0000
ROA not before: Thu 08 Feb 2024 16:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:89:7f:91:73:ba:05:52:81:2e:e1:07:34:88:69:ec:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 8 16:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3386ebdaf13e844121bbd5999482ccc0e6b2706b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:78:69:8a:67:3b:72:92:e2:f3:29:f3:5a:1c:
78:a7:5c:25:a1:43:e5:f9:bb:d9:02:bf:f0:6f:0f:
c1:37:46:ca:f5:3c:b9:bb:a5:0e:b4:b8:e4:12:31:
74:09:7e:2e:02:c9:2f:aa:7a:81:5c:cc:e1:5d:14:
9b:76:59:6b:fb:c8:d3:e0:77:99:9f:cd:84:ec:e7:
ae:52:2f:8f:54:82:eb:e8:0f:9c:a6:51:e7:58:13:
e7:b6:04:06:6d:aa:59:44:95:75:3b:92:70:88:fb:
49:f1:e4:dc:05:5c:2e:62:29:ab:68:f7:97:11:fc:
46:6f:a2:20:06:aa:e8:54:b2:20:04:e0:7f:9b:d7:
70:73:dc:c6:d1:32:a4:ba:71:66:d6:a9:2f:ff:a7:
2f:2a:5c:39:2f:3e:79:73:48:47:9e:65:77:4e:bb:
be:20:a7:5e:19:11:9a:db:5b:89:05:69:20:84:9f:
d0:d3:e8:3c:2e:1c:33:48:c8:a2:6c:0f:f4:b1:38:
ee:5a:50:5d:ac:4f:1f:93:58:d8:2e:e9:82:20:20:
2d:fc:e4:61:16:01:9b:02:a6:1c:f4:a9:f1:50:51:
20:e0:92:bf:0a:d2:13:25:ff:0d:05:56:bb:53:cd:
36:8b:4a:8e:14:35:cd:e7:e6:b7:23:4a:0a:8b:1d:
1a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:86:EB:DA:F1:3E:84:41:21:BB:D5:99:94:82:CC:C0:E6:B2:70:6B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M4br2vE-hEEhu9WZlILMwOaycGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:f0:16:c9:e0:ff:c9:e5:92:64:c0:35:56:cb:25:b8:95:d8:
93:8f:43:c7:ea:30:19:50:c5:04:ae:2c:2a:29:19:57:82:3e:
17:5b:0b:63:fe:00:60:59:e0:f0:b9:52:c0:16:d3:d1:2c:60:
bc:77:1c:be:3e:48:ae:11:8f:55:af:24:21:9c:1d:c0:bc:4e:
b9:7d:e9:e4:71:d8:42:b4:dc:f2:c7:c6:ce:5a:08:12:bd:64:
d9:c6:0a:82:d1:16:f7:be:89:58:a0:f7:0a:1f:aa:50:e4:6e:
87:d6:9e:1c:ff:22:66:3c:a1:80:5f:7b:aa:7e:93:cf:d8:37:
55:ea:9e:96:73:9d:fd:3c:51:34:49:97:1f:00:27:d3:45:38:
f9:cb:0c:1e:19:a0:02:a9:05:51:b3:b3:9b:bd:3a:f1:73:18:
ae:07:b1:cd:6c:dc:d8:98:e2:72:e8:a4:95:8e:26:73:9a:21:
fc:51:fa:fe:7d:98:77:7d:47:21:24:4b:bc:6b:19:95:b0:63:
d3:da:b5:06:00:79:f3:cb:cb:58:a7:ed:28:89:19:ce:3e:7d:
a4:97:cd:74:cb:44:ca:b3:05:b9:87:ef:8f:b0:4a:04:ca:17:
75:d9:00:f3:65:df:fd:1b:0a:af:ab:aa:c4:37:78:2f:2b:56:
24:6e:f5:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2Jf5FzugVSgS7hBzSIaezeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA4MTYxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzg2ZWJkYWYxM2U4NDQxMjFiYmQ1OTk5NDgyY2NjMGU2YjI3MDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23hpimc7cpLi8ynzWhx4p1wloUPl
+bvZAr/wbw/BN0bK9Ty5u6UOtLjkEjF0CX4uAskvqnqBXMzhXRSbdllr+8jT4HeZ
n82E7OeuUi+PVILr6A+cplHnWBPntgQGbapZRJV1O5JwiPtJ8eTcBVwuYimraPeX
EfxGb6IgBqroVLIgBOB/m9dwc9zG0TKkunFm1qkv/6cvKlw5Lz55c0hHnmV3Tru+
IKdeGRGa21uJBWkghJ/Q0+g8LhwzSMiibA/0sTjuWlBdrE8fk1jYLumCICAt/ORh
FgGbAqYc9KnxUFEg4JK/CtITJf8NBVa7U802i0qOFDXN5+a3I0oKix0amwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDOG69rxPoRBIbvVmZSCzMDmsnBrMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTTRicjJ2RS1oRUVodTlXWmxJTE13T2F5Y0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABPwFsng/8nlkmTANVbL
JbiV2JOPQ8fqMBlQxQSuLCopGVeCPhdbC2P+AGBZ4PC5UsAW09EsYLx3HL4+SK4R
j1WvJCGcHcC8Trl96eRx2EK03PLHxs5aCBK9ZNnGCoLRFve+iVig9wofqlDkbofW
nhz/ImY8oYBfe6p+k8/YN1XqnpZznf08UTRJlx8AJ9NFOPnLDB4ZoAKpBVGzs5u9
OvFzGK4Hsc1s3NiY4nLopJWOJnOaIfxR+v59mHd9RyEkS7xrGZWwY9PatQYAefPL
y1in7SiJGc4+faSXzXTLRMqzBbmH74+wSgTKF3XZAPNl3/0bCq+rqsQ3eC8rViRu
9b4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:55:11 2025 by rpki-client