Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/587WejAoH7E5DYtulJ0BFuYgkcU.roa
File: 587WejAoH7E5DYtulJ0BFuYgkcU.roa (raw, json)
Hash identifier: RkqbnQS0sHAQsa7+Mr8iWIEYPs47oy4dX4hoqd5v+qA=
Subject key identifier: E7:CE:D6:7A:30:28:1F:B1:39:0D:8B:6E:94:9D:01:16:E6:20:91:C5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE699CD5B2151A736815E3EDD1F0792D6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/587WejAoH7E5DYtulJ0BFuYgkcU.roa
Signing time: Mon 08 Jan 2024 01:04:48 +0000
ROA not before: Mon 08 Jan 2024 01:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:e699:a2ce/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e6:99:cd:5b:21:51:a7:36:81:5e:3e:dd:1f:07:92:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 8 01:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7ced67a30281fb1390d8b6e949d0116e62091c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:44:93:17:4c:30:af:6e:aa:b4:39:bf:4f:64:
03:eb:26:82:ed:b7:41:62:a8:b2:2d:70:1d:8b:ac:
e5:72:a7:5c:3e:f7:1f:b8:a6:89:3e:8b:1f:ab:58:
4e:5c:5b:22:92:b3:d3:1d:c5:4c:d1:b3:07:01:35:
22:06:9b:a1:15:24:78:aa:9b:d9:da:7e:32:dd:89:
5f:4b:ec:17:5a:cb:12:62:f1:68:d2:bd:83:76:1d:
5f:7b:dd:ec:bb:92:1d:a5:45:60:3b:e8:b4:4a:db:
d6:81:f0:f8:e9:4c:bc:5a:0b:f3:22:da:49:89:5b:
57:65:86:aa:37:19:4f:36:e8:07:d3:7d:78:f9:4a:
97:bb:f4:54:03:36:58:98:51:18:bd:a0:c0:58:95:
88:29:17:de:02:8d:30:46:1b:99:e1:08:f1:8c:af:
52:2c:db:95:1d:fc:c0:91:af:e5:66:91:3d:86:b7:
8d:e7:67:73:cc:35:8e:cd:da:b7:8c:96:05:06:27:
fb:de:17:35:f9:cd:27:37:ad:9c:7a:f3:75:51:e3:
66:88:e0:0c:d7:c6:6e:92:b8:8f:30:f5:ab:db:20:
f0:4d:ec:ac:4f:8c:a4:20:a3:b2:a8:dc:2b:c0:1b:
79:c9:7c:d1:12:20:a8:52:84:1a:a6:8e:b0:41:c6:
f6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CE:D6:7A:30:28:1F:B1:39:0D:8B:6E:94:9D:01:16:E6:20:91:C5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/587WejAoH7E5DYtulJ0BFuYgkcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:37:ad:19:b0:17:2a:48:62:37:af:7f:79:9b:82:3e:18:b9:
2a:b4:10:50:4d:a7:39:0f:cd:8b:ef:f5:69:5e:93:12:4a:1a:
5e:c0:89:fb:30:b1:c7:d3:92:70:1c:bf:41:95:15:29:14:3b:
27:9c:05:88:69:23:3b:22:2a:13:e6:18:9a:ac:bd:ef:28:91:
54:94:39:23:7d:e9:1d:e9:b2:5f:23:6e:ba:e5:9d:74:e6:4f:
4e:20:31:44:d1:bb:70:0b:c1:c9:9a:9e:6e:7c:a7:2f:ac:48:
68:18:69:b1:7e:d3:31:93:2e:36:7a:19:7d:8c:fc:9f:10:04:
6f:5b:74:57:3f:30:d5:47:52:28:dd:60:a1:b6:22:3c:13:52:
1d:eb:a7:dd:ba:ef:90:4c:12:e5:7f:cf:21:f5:f5:ac:7c:7b:
6f:74:19:e2:dd:5e:e8:f2:81:02:b8:dc:46:c9:41:81:fd:26:
4b:1f:00:5d:64:f5:48:20:99:08:5d:de:e8:2c:75:a9:99:12:
2c:aa:8e:d7:b0:00:b9:2b:0c:e2:b3:ff:5a:5a:0a:56:24:d4:
6d:d0:6c:a6:4d:49:2f:0c:b6:76:c3:9f:ec:70:3a:c8:7f:6b:
4a:92:e2:f2:09:3e:f3:d6:0c:95:51:cd:53:4b:75:41:d5:83:
70:f4:d1:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzmmc1bIVGnNoFePt0fB5LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA4MDEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NlZDY3YTMwMjgxZmIxMzkwZDhiNmU5NDlkMDExNmU2MjA5MWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvESTF0wwr26qtDm/T2QD6yaC7bdB
YqiyLXAdi6zlcqdcPvcfuKaJPosfq1hOXFsikrPTHcVM0bMHATUiBpuhFSR4qpvZ
2n4y3YlfS+wXWssSYvFo0r2Ddh1fe93su5IdpUVgO+i0StvWgfD46Uy8WgvzItpJ
iVtXZYaqNxlPNugH0314+UqXu/RUAzZYmFEYvaDAWJWIKRfeAo0wRhuZ4QjxjK9S
LNuVHfzAka/lZpE9hreN52dzzDWOzdq3jJYFBif73hc1+c0nN62cevN1UeNmiOAM
18ZukriPMPWr2yDwTeysT4ykIKOyqNwrwBt5yXzREiCoUoQapo6wQcb2jwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOfO1nowKB+xOQ2LbpSdARbmIJHFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNTg3V2VqQW9IN0U1RFl0dWxKMEJGdVlna2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJE3rRmwFypIYjevf3mb
gj4YuSq0EFBNpzkPzYvv9WlekxJKGl7AifswscfTknAcv0GVFSkUOyecBYhpIzsi
KhPmGJqsve8okVSUOSN96R3psl8jbrrlnXTmT04gMUTRu3ALwcmanm58py+sSGgY
abF+0zGTLjZ6GX2M/J8QBG9bdFc/MNVHUijdYKG2IjwTUh3rp92675BMEuV/zyH1
9ax8e290GeLdXujygQK43EbJQYH9JksfAF1k9UggmQhd3ugsdamZEiyqjtewALkr
DOKz/1paClYk1G3QbKZNSS8MtnbDn+xwOsh/a0qS4vIJPvPWDJVRzVNLdUHVg3D0
0V4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:16:15 2025 by rpki-client