Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d7e7uoPhPa31-ua93kPq5I79610.roa
File: d7e7uoPhPa31-ua93kPq5I79610.roa (raw, json)
Hash identifier: NHJbGAh/cAksAXjExDF5dYIj3AGEkgAjLGHfVOOy0qg=
Subject key identifier: 77:B7:BB:BA:83:E1:3D:AD:F5:FA:E6:BD:DE:43:EA:E4:8E:FD:EB:5D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB546FFDA48ACD80E5C041CD8DE9576D8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d7e7uoPhPa31-ua93kPq5I79610.roa
Signing time: Fri 29 Dec 2023 11:12:58 +0000
ROA not before: Fri 29 Dec 2023 11:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:46:ff:da:48:ac:d8:0e:5c:04:1c:d8:de:95:76:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 29 11:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77b7bbba83e13dadf5fae6bdde43eae48efdeb5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:50:79:f2:11:8a:fa:51:55:7f:03:f1:d3:11:
19:4b:a6:d1:04:46:49:d2:0f:d7:da:76:c1:66:c7:
5f:c7:d7:9b:5e:81:15:0f:a1:ad:84:c0:1a:47:56:
be:f2:91:a7:3b:46:9b:29:8e:44:1d:59:da:b4:7c:
16:c4:56:be:dd:fd:07:5c:39:c7:c7:e4:67:9c:fb:
13:7a:af:41:34:ee:cb:6a:59:90:82:f9:07:ac:86:
3f:f6:19:4d:ea:c0:b5:e4:77:77:a1:44:3f:b1:a5:
a6:be:5e:42:8b:1c:07:f3:55:6e:de:29:04:98:8d:
62:65:9f:43:5d:fe:63:b9:d6:4f:7c:0e:5f:ff:77:
81:8e:46:0d:91:a7:ca:79:b0:71:5f:ed:66:87:04:
14:d0:82:84:4c:35:61:6b:6b:2a:61:25:bc:4f:48:
8d:a7:33:a5:c1:12:fe:8a:81:22:79:5b:99:2e:97:
59:58:c0:58:5f:30:a4:c5:bd:67:4f:f2:3c:7a:66:
9f:26:c7:dc:0e:09:00:b2:86:29:d9:d2:4e:d6:6e:
bc:8f:fb:7b:bc:f6:63:91:d6:50:de:c1:33:9b:a2:
75:19:31:4b:ed:84:4c:d5:28:43:a0:20:f4:b7:f4:
dc:eb:91:6c:ab:49:6d:4b:07:19:41:aa:85:c4:41:
5e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B7:BB:BA:83:E1:3D:AD:F5:FA:E6:BD:DE:43:EA:E4:8E:FD:EB:5D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d7e7uoPhPa31-ua93kPq5I79610.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:7e:88:d2:65:ca:68:4f:7f:37:e6:39:a3:43:9e:98:af:74:
a3:6b:e5:cc:3d:3a:13:6a:92:af:d5:04:5d:af:92:d2:a2:01:
6a:23:b7:82:27:54:4a:c4:94:f7:3f:94:38:ad:6b:de:37:45:
8e:37:2d:6f:a0:ff:23:5e:0b:26:a9:5a:40:5d:f9:e9:55:b0:
e7:67:d1:19:60:7e:4c:50:bc:b0:37:f6:0e:00:27:bf:11:ea:
5d:c8:6d:e1:96:4f:c4:3a:9d:cb:b3:19:d9:04:94:33:b7:c0:
4c:95:3d:84:e5:92:30:b2:03:26:57:31:d9:9f:e9:dc:d9:8b:
57:60:d3:de:e1:b5:1c:98:fe:75:ad:37:fd:1a:99:95:5b:65:
82:b7:17:56:d8:b3:28:54:dc:17:11:10:18:62:d1:e3:e5:e6:
3e:83:a6:4f:b8:c9:93:0d:fc:b1:57:eb:87:36:65:82:15:3e:
cd:3b:f9:12:a1:4b:50:4b:ef:5c:f2:a0:c3:16:ac:01:00:22:
c3:23:07:90:15:24:6d:1f:a3:d9:f5:f6:6b:bc:bf:03:4b:43:
64:3d:2d:2e:33:25:18:60:27:6f:54:f5:96:4e:a2:f7:c8:68:
c2:15:47:b4:e3:92:3f:72:16:9a:1a:ea:89:35:7c:89:be:cd:
19:e5:a2:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy1Rv/aSKzYDlwEHNjelXbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI5MTExMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2I3YmJiYTgzZTEzZGFkZjVmYWU2YmRkZTQzZWFlNDhlZmRlYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VB58hGK+lFVfwPx0xEZS6bRBEZJ
0g/X2nbBZsdfx9ebXoEVD6GthMAaR1a+8pGnO0abKY5EHVnatHwWxFa+3f0HXDnH
x+RnnPsTeq9BNO7LalmQgvkHrIY/9hlN6sC15Hd3oUQ/saWmvl5CixwH81Vu3ikE
mI1iZZ9DXf5judZPfA5f/3eBjkYNkafKebBxX+1mhwQU0IKETDVha2sqYSW8T0iN
pzOlwRL+ioEieVuZLpdZWMBYXzCkxb1nT/I8emafJsfcDgkAsoYp2dJO1m68j/t7
vPZjkdZQ3sEzm6J1GTFL7YRM1ShDoCD0t/Tc65Fsq0ltSwcZQaqFxEFemwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHe3u7qD4T2t9frmvd5D6uSO/etdMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZDdlN3VvUGhQYTMxLXVhOTNrUHE1STc5NjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGB+iNJlymhPfzfmOaND
npivdKNr5cw9OhNqkq/VBF2vktKiAWojt4InVErElPc/lDita943RY43LW+g/yNe
CyapWkBd+elVsOdn0RlgfkxQvLA39g4AJ78R6l3IbeGWT8Q6ncuzGdkElDO3wEyV
PYTlkjCyAyZXMdmf6dzZi1dg097htRyY/nWtN/0amZVbZYK3F1bYsyhU3BcREBhi
0ePl5j6Dpk+4yZMN/LFX64c2ZYIVPs07+RKhS1BL71zyoMMWrAEAIsMjB5AVJG0f
o9n19mu8vwNLQ2Q9LS4zJRhgJ29U9ZZOovfIaMIVR7Tjkj9yFpoa6ok1fIm+zRnl
ooU=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:13:57 2025 by rpki-client