Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5EzLTwrv1_1TK2EWiU8ncuGBtHc.roa
File: 5EzLTwrv1_1TK2EWiU8ncuGBtHc.roa (raw, json)
Hash identifier: Xu/hoW4DoDzF0KHB39Fz2N3Ruy0HCoisWm9sK6Tj0NY=
Subject key identifier: E4:4C:CB:4F:0A:EF:D7:FD:53:2B:61:16:89:4F:27:72:E1:81:B4:77
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB244AD67D137DA99B0A30101081B888C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5EzLTwrv1_1TK2EWiU8ncuGBtHc.roa
Signing time: Fri 16 Feb 2024 14:14:21 +0000
ROA not before: Fri 16 Feb 2024 14:14:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b2:44:ad:67:d1:37:da:99:b0:a3:01:01:08:1b:88:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 14:14:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e44ccb4f0aefd7fd532b6116894f2772e181b477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d8:6b:5b:7b:36:00:0c:45:fa:99:44:20:68:
42:43:0c:9f:7f:48:df:1e:bf:0f:1b:74:f0:82:1f:
f7:a6:af:0b:3a:71:db:76:10:81:6e:93:9d:18:48:
37:25:64:d3:2c:e9:22:63:b9:36:c8:da:22:4b:74:
b0:15:1b:b4:c4:25:c2:7d:4e:2d:b0:1d:9d:42:2c:
c2:87:75:2a:e3:07:7c:ed:63:c7:ca:4e:89:2d:86:
e7:1b:74:c7:10:93:81:6c:e9:fe:0f:1c:95:09:bb:
a9:b2:f7:cc:64:41:27:35:9d:5a:f7:56:9a:28:08:
36:df:6f:c9:72:4a:8e:09:b3:08:3f:36:27:40:e7:
40:c1:fa:97:c6:e3:e3:6c:56:8a:13:eb:b7:23:ee:
39:7a:d8:cf:99:7e:1b:87:d3:5e:28:59:c1:cc:dd:
dd:3b:39:a6:62:e1:49:ac:20:c3:13:13:02:1f:db:
ba:a0:36:4a:6c:0d:e8:4f:75:e2:68:52:27:b6:3d:
3b:a7:49:60:ac:de:e2:3c:4d:2a:32:e0:a2:a4:a4:
09:19:0f:bd:de:e7:41:68:58:1f:ce:16:fd:8f:d9:
ba:da:51:da:fd:36:24:f9:32:a9:35:3a:1a:84:de:
a3:73:33:5a:5f:25:a5:5d:69:fc:ac:d5:06:0a:e1:
21:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:4C:CB:4F:0A:EF:D7:FD:53:2B:61:16:89:4F:27:72:E1:81:B4:77
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5EzLTwrv1_1TK2EWiU8ncuGBtHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:48:cc:b3:b1:d7:55:88:73:0d:1a:de:5d:8c:75:4f:d4:12:
25:69:81:56:86:3b:4e:24:5f:92:6e:08:f8:85:5e:47:02:2a:
ec:71:ca:0f:15:9f:48:9d:38:c7:71:41:bf:a4:b5:24:50:7d:
4a:63:3a:66:a8:b0:8b:cc:e3:e2:42:be:a8:cd:d7:60:3e:f9:
24:e6:be:0d:5f:a5:75:7d:6f:df:6c:89:d3:db:64:84:52:5b:
17:7a:e2:f6:c5:7f:82:be:51:ce:88:41:ce:9c:d8:72:6f:91:
5e:d2:4a:18:0a:15:3d:5f:3b:db:ae:18:03:11:32:12:14:1e:
74:e8:07:74:ab:d5:71:6b:c6:22:8e:4a:b8:59:f4:9c:f1:45:
e0:57:8d:cd:46:c2:d5:6d:f5:5f:7c:8e:4c:c2:78:7c:12:1c:
5e:ed:96:84:a6:2d:f6:bf:71:30:57:3f:f0:48:7b:d4:08:97:
01:06:f2:42:39:c8:af:ca:89:f0:05:66:18:3b:38:81:ed:e5:
08:45:fd:ee:ce:07:99:52:6d:fb:7b:ce:1d:9a:fa:ab:69:ea:
b8:53:1a:88:57:ea:ba:04:fa:7c:2f:e2:6d:59:eb:d8:f0:35:
72:b1:be:09:5e:6f:c9:c0:cb:7f:d0:82:55:aa:d9:f3:f5:39:
b6:14:f4:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2yRK1n0TfambCjAQEIG4iMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MTQxNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDRjY2I0ZjBhZWZkN2ZkNTMyYjYxMTY4OTRmMjc3MmUxODFiNDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19hrW3s2AAxF+plEIGhCQwyff0jf
Hr8PG3Twgh/3pq8LOnHbdhCBbpOdGEg3JWTTLOkiY7k2yNoiS3SwFRu0xCXCfU4t
sB2dQizCh3Uq4wd87WPHyk6JLYbnG3THEJOBbOn+DxyVCbupsvfMZEEnNZ1a91aa
KAg232/JckqOCbMIPzYnQOdAwfqXxuPjbFaKE+u3I+45etjPmX4bh9NeKFnBzN3d
OzmmYuFJrCDDExMCH9u6oDZKbA3oT3XiaFIntj07p0lgrN7iPE0qMuCipKQJGQ+9
3udBaFgfzhb9j9m62lHa/TYk+TKpNToahN6jczNaXyWlXWn8rNUGCuEh+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFORMy08K79f9UythFolPJ3LhgbR3MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNUV6TFR3cnYxXzFUSzJFV2lVOG5jdUdCdEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVIzLOx11WIcw0a3l2M
dU/UEiVpgVaGO04kX5JuCPiFXkcCKuxxyg8Vn0idOMdxQb+ktSRQfUpjOmaosIvM
4+JCvqjN12A++STmvg1fpXV9b99sidPbZIRSWxd64vbFf4K+Uc6IQc6c2HJvkV7S
ShgKFT1fO9uuGAMRMhIUHnToB3Sr1XFrxiKOSrhZ9JzxReBXjc1GwtVt9V98jkzC
eHwSHF7tloSmLfa/cTBXP/BIe9QIlwEG8kI5yK/KifAFZhg7OIHt5QhF/e7OB5lS
bft7zh2a+qtp6rhTGohX6roE+nwv4m1Z69jwNXKxvgleb8nAy3/QglWq2fP1ObYU
9EQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:16 2025 by rpki-client