Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EnMBtlx9wJlczL0Po7iZBv2AObo.roa
File: EnMBtlx9wJlczL0Po7iZBv2AObo.roa (raw, json)
Hash identifier: TI4Tsa2rLjfQ9jjL/Zd+3UKJr4kGyh2pbS9ARM+KZAo=
Subject key identifier: 12:73:01:B6:5C:7D:C0:99:5C:CC:BD:0F:A3:B8:99:06:FD:80:39:BA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D774264A377480E8F831A2DE606ED29BB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EnMBtlx9wJlczL0Po7iZBv2AObo.roa
Signing time: Mon 05 Feb 2024 03:14:16 +0000
ROA not before: Mon 05 Feb 2024 03:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:42:64:a3:77:48:0e:8f:83:1a:2d:e6:06:ed:29:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 5 03:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=127301b65c7dc0995cccbd0fa3b89906fd8039ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d3:15:40:30:49:2f:19:bb:55:9e:bc:2f:82:
1c:6a:33:8b:e8:be:2d:16:e2:a9:d5:a7:74:83:33:
02:a2:2e:62:a0:28:80:8c:1f:e9:da:9c:b6:73:a4:
1e:77:09:0c:d3:6d:57:eb:7c:67:37:08:5d:90:d1:
c4:75:1c:aa:36:bc:a8:d3:6a:fd:90:66:aa:7e:84:
0f:a0:fb:f1:89:3d:dc:6c:32:c9:f6:34:8b:74:f9:
d1:6f:6d:86:1a:d0:b3:d2:c9:b1:c0:ee:d4:4b:ad:
30:a1:d5:dd:a3:a9:81:64:a2:14:e8:d3:cb:85:10:
4a:46:00:cb:a4:18:ce:00:19:de:26:32:d0:db:ba:
ad:d6:39:14:51:c8:9c:b2:c7:42:f4:c7:83:cb:0b:
16:5b:c2:10:76:a5:b3:83:5e:61:8b:56:1d:21:8a:
e4:91:5c:d5:37:0d:ea:e0:33:6a:2d:41:84:22:6d:
e0:24:0f:b3:4b:16:94:29:87:38:2f:79:56:0e:34:
cb:ff:ab:d5:8d:d7:72:95:23:d6:07:bb:4e:b0:25:
81:4b:cc:76:13:61:29:e1:44:05:3d:75:a5:e6:21:
64:0f:02:a7:be:22:3d:a4:a1:45:fa:f8:c3:3f:8b:
bd:c6:ac:f1:5b:19:af:30:b5:eb:4e:ab:84:c3:45:
01:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:73:01:B6:5C:7D:C0:99:5C:CC:BD:0F:A3:B8:99:06:FD:80:39:BA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EnMBtlx9wJlczL0Po7iZBv2AObo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:d1:6b:27:2f:e0:09:5e:03:76:e2:06:52:84:6c:2b:1c:d0:
cf:45:22:23:91:84:5a:86:ef:c3:4c:5b:af:e5:31:ba:b1:21:
6f:ae:ca:35:b8:48:e9:12:64:22:45:ac:73:4a:21:6a:2c:d9:
8f:5c:cf:81:e1:91:ce:e2:6d:ec:8d:76:94:a3:68:c0:1a:f4:
01:9a:37:2f:e9:6b:56:1c:e7:0f:d2:77:79:34:2e:6b:99:4a:
ca:90:97:a7:1c:c8:13:e7:a2:39:08:73:82:12:76:e3:6b:e0:
0a:b9:18:a0:77:d7:9c:49:bb:10:c8:14:b5:2a:75:87:ff:24:
22:a7:ee:29:11:72:ca:99:00:b5:7f:5d:be:ab:15:1f:25:12:
3a:80:77:90:57:3c:2e:7d:61:b4:dd:53:6c:13:4f:9a:3f:bc:
d2:a7:5d:cb:8f:fd:e9:f6:37:29:dc:d3:dd:34:6a:5a:7d:ef:
09:87:4e:8f:c6:b0:a7:70:c4:d4:0d:a8:1d:c0:7e:db:5c:be:
79:e2:c1:c5:69:7d:53:a3:84:7a:15:24:f1:3e:a1:ed:6d:31:
2e:19:84:ef:fa:03:39:bc:d7:14:14:41:76:d1:98:22:9e:13:
95:24:45:fd:d4:83:7a:44:27:93:1e:c4:d8:e9:d9:44:a7:9e:
fd:36:df:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY13QmSjd0gOj4MaLeYG7Sm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA1MDMxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjczMDFiNjVjN2RjMDk5NWNjY2JkMGZhM2I4OTkwNmZkODAzOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldMVQDBJLxm7VZ68L4IcajOL6L4t
FuKp1ad0gzMCoi5ioCiAjB/p2py2c6QedwkM021X63xnNwhdkNHEdRyqNryo02r9
kGaqfoQPoPvxiT3cbDLJ9jSLdPnRb22GGtCz0smxwO7US60wodXdo6mBZKIU6NPL
hRBKRgDLpBjOABneJjLQ27qt1jkUUcicssdC9MeDywsWW8IQdqWzg15hi1YdIYrk
kVzVNw3q4DNqLUGEIm3gJA+zSxaUKYc4L3lWDjTL/6vVjddylSPWB7tOsCWBS8x2
E2Ep4UQFPXWl5iFkDwKnviI9pKFF+vjDP4u9xqzxWxmvMLXrTquEw0UBHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBJzAbZcfcCZXMy9D6O4mQb9gDm6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRW5NQnRseDl3SmxjekwwUG83aVpCdjJBT2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKXRaycv4AleA3biBlKE
bCsc0M9FIiORhFqG78NMW6/lMbqxIW+uyjW4SOkSZCJFrHNKIWos2Y9cz4Hhkc7i
beyNdpSjaMAa9AGaNy/pa1Yc5w/Sd3k0LmuZSsqQl6ccyBPnojkIc4ISduNr4Aq5
GKB315xJuxDIFLUqdYf/JCKn7ikRcsqZALV/Xb6rFR8lEjqAd5BXPC59YbTdU2wT
T5o/vNKnXcuP/en2Nync0900alp97wmHTo/GsKdwxNQNqB3AfttcvnniwcVpfVOj
hHoVJPE+oe1tMS4ZhO/6Azm81xQUQXbRmCKeE5UkRf3Ug3pEJ5MexNjp2USnnv02
3xk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:43:52 2025 by rpki-client