Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eiH-Kuz33ZhFKq0sXYC95UUJHEY.roa
File: eiH-Kuz33ZhFKq0sXYC95UUJHEY.roa (raw, json)
Hash identifier: /jnDKxBlXDSJezvrnvtxvbuDm7QM1yihslpyeBxyXxc=
Subject key identifier: 7A:21:FE:2A:EC:F7:DD:98:45:2A:AD:2C:5D:80:BD:E5:45:09:1C:46
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D8C49AF116C39DBD8EE76C11CE50FBE30
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eiH-Kuz33ZhFKq0sXYC95UUJHEY.roa
Signing time: Fri 09 Feb 2024 05:14:15 +0000
ROA not before: Fri 09 Feb 2024 05:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:49:af:11:6c:39:db:d8:ee:76:c1:1c:e5:0f:be:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 9 05:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a21fe2aecf7dd98452aad2c5d80bde545091c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:82:35:88:47:6f:63:e1:7c:5e:1c:c2:5c:03:
fe:a5:28:ac:e4:64:48:4b:34:07:4c:2b:57:19:bf:
a6:a5:39:2c:3d:87:9e:98:12:f6:81:2d:78:9d:70:
cd:6f:90:17:7a:c8:53:0d:05:5c:41:ff:67:70:a0:
be:51:d8:29:5f:18:e7:3d:e8:77:ec:78:da:48:26:
64:2d:2a:0c:f0:38:ca:d2:df:14:a8:1b:d0:1a:3e:
2a:9e:cd:2b:c8:18:cc:bf:6c:e5:7e:58:d5:86:58:
58:3f:99:10:57:c2:c1:31:1f:34:66:16:70:09:8c:
0e:51:b4:1d:ca:76:78:c4:3b:a2:22:cb:ca:f6:a4:
b2:44:c2:5e:36:ac:d8:04:e5:77:e6:57:5b:f2:45:
b2:d5:fb:ce:7a:cb:e0:8b:21:73:c9:48:0c:51:d1:
77:fa:21:3a:e8:5e:c2:33:8c:fb:1e:4a:17:52:5a:
e4:33:4f:6e:f3:f7:06:ae:b8:84:a9:64:c4:5b:06:
4c:c0:f4:c8:5b:b2:da:68:3d:6c:ee:f4:c5:e8:6b:
66:4d:57:b3:6e:bb:77:de:7f:7a:7d:30:c9:12:87:
e8:36:1f:c5:94:8e:34:0c:e3:2f:b9:83:94:11:85:
fa:3a:18:01:26:c0:84:78:e3:26:df:03:83:2f:91:
85:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:21:FE:2A:EC:F7:DD:98:45:2A:AD:2C:5D:80:BD:E5:45:09:1C:46
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eiH-Kuz33ZhFKq0sXYC95UUJHEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:22:e5:a7:03:6f:32:7b:3b:b5:2b:00:06:9d:4b:7d:34:32:
06:0a:0e:99:f0:53:4c:78:2f:5b:50:72:9e:7f:c2:a5:9f:de:
f2:cd:ef:bc:b6:93:db:1b:24:37:74:99:e4:d3:50:c6:ca:f3:
e8:38:95:48:37:29:5f:69:20:b6:97:08:43:b9:5b:e0:80:d9:
e3:9d:80:8d:7b:b3:7c:eb:ab:60:f6:0e:5d:f1:37:bb:15:ea:
aa:05:52:6e:f8:2b:8c:98:dd:2f:f5:ca:24:fc:c4:e2:ca:46:
b8:32:0e:e6:20:76:aa:b0:f6:df:86:e6:cb:40:c8:5c:f8:71:
42:b5:d8:52:a5:14:e6:37:d3:a8:4c:1f:89:ca:79:5f:c7:95:
bf:39:e3:e7:70:6a:91:ec:55:6f:0b:bb:77:0a:08:a3:85:64:
74:20:83:83:43:56:d0:a6:7d:5e:29:ea:41:67:a8:7a:42:10:
c9:39:33:b5:99:d3:b8:88:79:01:fe:ca:d5:76:e4:44:33:38:
d8:56:8b:60:7e:b0:1a:07:41:e8:f1:17:ec:11:4c:d6:35:73:
e8:7e:ad:a2:44:38:60:53:bb:af:b3:fc:cb:74:9c:1a:e5:9c:
14:f4:45:b2:17:fa:6c:95:37:ba:df:4e:9b:7b:89:3e:13:97:
56:3f:ac:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2MSa8RbDnb2O52wRzlD74wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA5MDUxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTIxZmUyYWVjZjdkZDk4NDUyYWFkMmM1ZDgwYmRlNTQ1MDkxYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4I1iEdvY+F8XhzCXAP+pSis5GRI
SzQHTCtXGb+mpTksPYeemBL2gS14nXDNb5AXeshTDQVcQf9ncKC+UdgpXxjnPeh3
7HjaSCZkLSoM8DjK0t8UqBvQGj4qns0ryBjMv2zlfljVhlhYP5kQV8LBMR80ZhZw
CYwOUbQdynZ4xDuiIsvK9qSyRMJeNqzYBOV35ldb8kWy1fvOesvgiyFzyUgMUdF3
+iE66F7CM4z7HkoXUlrkM09u8/cGrriEqWTEWwZMwPTIW7LaaD1s7vTF6GtmTVez
brt33n96fTDJEofoNh/FlI40DOMvuYOUEYX6OhgBJsCEeOMm3wODL5GFHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHoh/irs992YRSqtLF2AveVFCRxGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZWlILUt1ejMzWmhGS3Ewc1hZQzk1VVVKSEVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIIi5acDbzJ7O7UrAAad
S300MgYKDpnwU0x4L1tQcp5/wqWf3vLN77y2k9sbJDd0meTTUMbK8+g4lUg3KV9p
ILaXCEO5W+CA2eOdgI17s3zrq2D2Dl3xN7sV6qoFUm74K4yY3S/1yiT8xOLKRrgy
DuYgdqqw9t+G5stAyFz4cUK12FKlFOY306hMH4nKeV/Hlb854+dwapHsVW8Lu3cK
CKOFZHQgg4NDVtCmfV4p6kFnqHpCEMk5M7WZ07iIeQH+ytV25EQzONhWi2B+sBoH
QejxF+wRTNY1c+h+raJEOGBTu6+z/Mt0nBrlnBT0RbIX+myVN7rfTpt7iT4Tl1Y/
rME=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:49:51 2025 by rpki-client