Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/02VVCuSHi5S6OdwyXTAG0no4Xcc.roa
File: 02VVCuSHi5S6OdwyXTAG0no4Xcc.roa (raw, json)
Hash identifier: DgXqYfBiibrqs2AN20ZZOCP9v93VcHB2yw4cKz9dMYk=
Subject key identifier: D3:65:55:0A:E4:87:8B:94:BA:39:DC:32:5D:30:06:D2:7A:38:5D:C7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01908E2CCA8375352B7B5ED036795CC6A583
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/02VVCuSHi5S6OdwyXTAG0no4Xcc.roa
Signing time: Sun 07 Jul 2024 17:10:18 +0000
ROA not before: Sun 07 Jul 2024 17:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8e:2c:ca:83:75:35:2b:7b:5e:d0:36:79:5c:c6:a5:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 7 17:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d365550ae4878b94ba39dc325d3006d27a385dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0f:62:cf:91:1b:df:bc:b0:51:4c:7a:72:48:
de:00:ad:b8:b8:a0:4f:33:55:10:65:0a:0b:dd:b9:
68:86:34:76:30:ee:df:47:23:b4:1f:60:61:80:fb:
20:5c:ea:d0:6b:6c:a3:26:21:58:84:ab:d2:01:3d:
bc:c4:d7:f6:57:1d:e1:83:0e:bb:d3:e6:86:f3:9d:
ed:60:52:c9:25:25:5c:3e:03:12:63:65:f1:61:f8:
80:80:ae:9a:b2:34:4c:a4:29:fd:61:21:86:f6:77:
fd:13:09:8f:dc:c1:a7:a4:80:d8:b8:9a:c0:a1:36:
7d:b7:bf:d8:e6:fd:e0:73:cc:61:94:83:98:3b:4e:
61:7f:67:db:5b:d4:55:3f:ab:ca:c6:78:f1:9d:b0:
ff:2e:db:f6:b5:52:ef:b9:b6:c4:8d:78:58:7c:28:
0f:92:16:57:e8:74:0b:2d:21:18:e4:5d:6a:c8:79:
f8:ae:c2:22:70:9e:b8:c6:55:d8:4c:f2:01:d0:e8:
83:55:60:19:37:ca:84:8d:90:25:d0:db:b8:aa:84:
b9:a2:82:d2:c8:6e:31:8c:0d:ec:f1:03:4b:e1:54:
00:3e:20:35:9f:ab:b7:d4:a9:24:ca:c7:55:c2:39:
66:da:5f:e3:06:e4:2d:39:f9:d2:81:b8:d0:58:45:
ed:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:65:55:0A:E4:87:8B:94:BA:39:DC:32:5D:30:06:D2:7A:38:5D:C7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/02VVCuSHi5S6OdwyXTAG0no4Xcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:c5:8a:b4:54:d2:29:a0:01:fe:f0:1f:1d:64:fb:28:f5:06:
4d:6b:4f:a3:21:3b:c0:95:31:ec:aa:bc:21:04:38:c4:7a:ab:
02:54:34:97:df:e0:dd:da:a9:2d:ed:ed:3b:c4:f4:ec:76:8e:
37:10:dd:f7:73:5a:96:6a:8a:07:fa:59:34:e5:93:84:2d:64:
a4:72:45:cd:0a:0d:86:c9:60:76:33:fe:15:52:13:11:cb:e1:
39:86:2a:7c:75:78:31:fd:39:b0:97:8c:06:ff:a1:c4:8f:d4:
36:1d:df:79:e6:37:a2:f1:13:6f:45:ea:5e:d5:71:21:a7:59:
77:83:b5:1b:b6:9c:46:dd:d6:c2:4c:5b:89:a3:f1:31:cf:e2:
5e:35:f7:29:72:b4:d2:51:87:9b:4a:9b:e5:41:13:db:f1:5f:
eb:ea:37:eb:b1:cd:58:79:ec:73:a5:9e:84:2f:c0:9c:94:a1:
5d:7b:c8:9b:52:b6:a3:8e:13:0e:d0:b9:9e:28:06:16:4d:9e:
3b:e8:0e:09:33:34:24:f2:ae:ad:b9:a5:d6:24:1a:c6:a1:99:
76:8f:52:03:7f:39:b1:15:c2:cd:1b:31:5e:34:dd:1c:fc:f0:
b8:39:0b:80:2f:9c:e4:1c:de:7d:6e:c6:32:bf:b0:60:37:99:
01:74:4f:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCOLMqDdTUre17QNnlcxqWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA3MTcxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzY1NTUwYWU0ODc4Yjk0YmEzOWRjMzI1ZDMwMDZkMjdhMzg1ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Q9iz5Eb37ywUUx6ckjeAK24uKBP
M1UQZQoL3blohjR2MO7fRyO0H2BhgPsgXOrQa2yjJiFYhKvSAT28xNf2Vx3hgw67
0+aG853tYFLJJSVcPgMSY2XxYfiAgK6asjRMpCn9YSGG9nf9EwmP3MGnpIDYuJrA
oTZ9t7/Y5v3gc8xhlIOYO05hf2fbW9RVP6vKxnjxnbD/Ltv2tVLvubbEjXhYfCgP
khZX6HQLLSEY5F1qyHn4rsIicJ64xlXYTPIB0OiDVWAZN8qEjZAl0Nu4qoS5ooLS
yG4xjA3s8QNL4VQAPiA1n6u31KkkysdVwjlm2l/jBuQtOfnSgbjQWEXttwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNNlVQrkh4uUujncMl0wBtJ6OF3HMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMDJWVkN1U0hpNVM2T2R3eVhUQUcwbm80WGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG/FirRU0imgAf7wHx1k
+yj1Bk1rT6MhO8CVMeyqvCEEOMR6qwJUNJff4N3aqS3t7TvE9Ox2jjcQ3fdzWpZq
igf6WTTlk4QtZKRyRc0KDYbJYHYz/hVSExHL4TmGKnx1eDH9ObCXjAb/ocSP1DYd
33nmN6LxE29F6l7VcSGnWXeDtRu2nEbd1sJMW4mj8THP4l419ylytNJRh5tKm+VB
E9vxX+vqN+uxzVh57HOlnoQvwJyUoV17yJtStqOOEw7QuZ4oBhZNnjvoDgkzNCTy
rq25pdYkGsahmXaPUgN/ObEVws0bMV403Rz88Lg5C4AvnOQc3n1uxjK/sGA3mQF0
T7s=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:05:49 2025 by rpki-client