Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/epYrjZg3Bdl70396Qbq8tNZjsLY.roa
File: epYrjZg3Bdl70396Qbq8tNZjsLY.roa (raw, json)
Hash identifier: LMcVybsCNBPKkZzdoyxJDWh7x/tmRcyt6OBUNF+n348=
Subject key identifier: 7A:96:2B:8D:98:37:05:D9:7B:D3:7F:7A:41:BA:BC:B4:D6:63:B0:B6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB194AAA07B0DE3388EE89E46D91CBBD1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/epYrjZg3Bdl70396Qbq8tNZjsLY.roa
Signing time: Sat 06 Apr 2024 04:04:54 +0000
ROA not before: Sat 06 Apr 2024 04:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:b194:314e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b1:94:aa:a0:7b:0d:e3:38:8e:e8:9e:46:d9:1c:bb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 6 04:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a962b8d983705d97bd37f7a41babcb4d663b0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d2:36:56:b7:a7:96:57:3e:7b:d8:a7:d5:06:
05:2c:16:60:50:ee:66:10:0c:f4:cb:93:8f:7f:7c:
70:72:69:68:12:f1:f1:c7:03:a8:7b:b7:56:35:61:
65:44:48:d8:23:51:e6:88:be:51:d0:59:d3:e6:9c:
10:98:2a:5c:a7:71:ec:6f:16:41:41:fa:8a:43:d8:
95:26:c4:cd:4d:04:d4:fd:53:17:ff:fb:92:14:ee:
1a:2b:83:f2:72:50:cc:42:d4:09:62:82:70:8a:ee:
f0:6c:f9:c0:0f:f4:1a:23:eb:db:a3:45:2c:e4:38:
91:ca:62:1d:e1:d7:51:48:96:2e:a8:45:04:5d:24:
b6:e8:0e:50:f1:84:53:ce:37:7e:5d:ef:92:79:5b:
af:33:57:f3:ed:ca:e5:7c:d2:cf:d9:98:de:bb:d4:
b2:76:30:67:03:f0:b8:4f:38:43:21:c7:b3:fa:30:
fc:f5:9e:4a:1e:95:44:96:41:f1:2a:f5:13:b4:a5:
d3:04:ef:d7:7e:3d:37:86:97:45:37:70:be:ce:98:
ce:49:a1:bd:c7:17:5e:49:6f:71:cf:bc:b8:53:94:
18:41:a4:41:3e:99:f5:bf:ef:06:f3:b4:77:b1:04:
9e:41:d7:e5:7c:63:38:3d:2d:e3:a9:4f:d4:37:08:
bc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:96:2B:8D:98:37:05:D9:7B:D3:7F:7A:41:BA:BC:B4:D6:63:B0:B6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/epYrjZg3Bdl70396Qbq8tNZjsLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:fc:8a:79:8a:b9:38:63:2c:a1:c5:a9:58:12:4c:bc:6f:0a:
ac:77:c8:39:dd:ed:f9:12:87:e7:fc:86:73:67:6d:94:f8:bd:
18:60:90:3b:33:c9:7c:b6:e3:a0:63:27:ad:a0:76:58:fd:83:
16:2b:50:ba:53:88:7c:be:65:41:59:6d:86:de:71:fd:cc:04:
60:8f:b7:16:33:9c:af:eb:27:73:59:00:e0:9e:8b:15:a6:d8:
d4:94:d9:7f:d3:0a:17:5b:9c:43:d9:c7:ea:5f:db:d1:21:5b:
f6:a7:9e:12:e5:c1:49:5a:eb:66:32:2d:02:df:66:56:24:ed:
be:64:bb:a0:13:ea:09:f0:e7:ca:14:c1:ca:1a:cf:ee:06:c7:
1d:ca:8d:5b:a8:b0:e1:77:bb:da:9d:5c:bf:6f:b5:f3:7b:f6:
9d:44:25:4a:35:fb:24:ad:00:c2:ba:54:d4:cc:b2:67:9e:c4:
89:ad:6f:49:cc:43:f0:dc:43:74:b3:72:00:de:ab:54:0e:89:
4a:7e:57:45:b8:7c:9f:48:76:63:c1:4e:87:6e:eb:8a:05:bf:
be:07:62:2f:e7:e6:0d:ba:b6:58:b4:a0:d7:a7:51:e2:96:cf:
e1:98:a8:85:95:f8:bf:bd:12:15:9d:82:f6:22:bd:bb:c4:f7:
89:8d:9e:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6xlKqgew3jOI7onkbZHLvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA2MDQwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk2MmI4ZDk4MzcwNWQ5N2JkMzdmN2E0MWJhYmNiNGQ2NjNiMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9I2Vrenllc+e9in1QYFLBZgUO5m
EAz0y5OPf3xwcmloEvHxxwOoe7dWNWFlREjYI1HmiL5R0FnT5pwQmCpcp3HsbxZB
QfqKQ9iVJsTNTQTU/VMX//uSFO4aK4PyclDMQtQJYoJwiu7wbPnAD/QaI+vbo0Us
5DiRymId4ddRSJYuqEUEXSS26A5Q8YRTzjd+Xe+SeVuvM1fz7crlfNLP2Zjeu9Sy
djBnA/C4TzhDIcez+jD89Z5KHpVElkHxKvUTtKXTBO/Xfj03hpdFN3C+zpjOSaG9
xxdeSW9xz7y4U5QYQaRBPpn1v+8G87R3sQSeQdflfGM4PS3jqU/UNwi8GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHqWK42YNwXZe9N/ekG6vLTWY7C2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZXBZcmpaZzNCZGw3MDM5NlFicTh0Tlpqc0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADb8inmKuThjLKHFqVgS
TLxvCqx3yDnd7fkSh+f8hnNnbZT4vRhgkDszyXy246BjJ62gdlj9gxYrULpTiHy+
ZUFZbYbecf3MBGCPtxYznK/rJ3NZAOCeixWm2NSU2X/TChdbnEPZx+pf29EhW/an
nhLlwUla62YyLQLfZlYk7b5ku6AT6gnw58oUwcoaz+4Gxx3KjVuosOF3u9qdXL9v
tfN79p1EJUo1+yStAMK6VNTMsmeexImtb0nMQ/DcQ3SzcgDeq1QOiUp+V0W4fJ9I
dmPBTodu64oFv74HYi/n5g26tli0oNenUeKWz+GYqIWV+L+9EhWdgvYivbvE94mN
nrs=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:09:58 2025 by rpki-client