Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0FKhg_is_UTggEW7qPtiuEHwFJ8.roa
File: 0FKhg_is_UTggEW7qPtiuEHwFJ8.roa (raw, json)
Hash identifier: el7C78vHjhw8WYJD8YyMZBwpn2mxOFaijVkXm0Kdogo=
Subject key identifier: D0:52:A1:83:F8:AC:FD:44:E0:80:45:BB:A8:FB:62:B8:41:F0:14:9F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01905887E2466AD82676ABC7EE4993C9720E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0FKhg_is_UTggEW7qPtiuEHwFJ8.roa
Signing time: Thu 27 Jun 2024 07:10:18 +0000
ROA not before: Thu 27 Jun 2024 07:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:58:87:e2:46:6a:d8:26:76:ab:c7:ee:49:93:c9:72:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 27 07:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d052a183f8acfd44e08045bba8fb62b841f0149f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:84:a5:c4:5c:e3:4a:b1:fb:1c:92:a2:5f:3f:
55:79:5e:8c:4e:93:c8:a2:3c:a9:73:2b:0b:9a:d7:
6f:09:0c:36:0e:0a:b1:0a:4b:03:e3:7a:db:d0:3a:
d2:94:58:bf:b0:b3:3c:e6:2b:b2:40:cc:d7:1e:9c:
d1:68:d1:8f:cb:06:08:75:f8:42:9a:23:25:95:06:
9e:88:18:69:9c:46:51:f5:94:b3:7b:8c:f9:5c:c7:
50:02:86:07:e5:5c:71:41:73:2e:15:08:1d:72:39:
dd:b2:ff:e0:a8:de:ac:4d:e5:76:7d:2b:6f:95:94:
a8:5b:b7:e7:c4:b2:98:b8:13:11:8d:01:e8:05:e7:
23:3d:0f:5c:69:4a:a9:48:19:a5:e9:50:27:01:1d:
7c:65:37:53:a9:1a:df:11:15:91:2d:68:bf:8a:d6:
fd:92:24:7d:aa:90:8d:4c:0a:9d:86:7c:2f:b9:e8:
89:ad:0f:ff:3e:2b:89:f7:3e:13:cb:16:d9:4f:73:
cf:7f:c0:44:2f:cb:f4:b9:ed:5e:55:44:4f:58:58:
c4:0b:0d:0f:75:fb:62:a1:6e:89:8d:66:c5:bd:11:
ff:bc:cc:bd:3d:44:ed:3f:1d:b7:ae:bc:35:1f:fb:
cb:67:ab:6b:40:76:d6:0e:77:39:48:7c:52:96:e9:
60:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:52:A1:83:F8:AC:FD:44:E0:80:45:BB:A8:FB:62:B8:41:F0:14:9F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0FKhg_is_UTggEW7qPtiuEHwFJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:e9:e4:51:00:ce:c7:d6:ee:56:82:a1:02:9b:8b:73:d2:4c:
78:02:59:bc:a9:18:26:a2:59:1a:0d:b2:4a:a6:75:2f:b3:32:
95:45:4f:23:47:ec:fa:0d:88:94:e8:32:12:24:b9:24:71:00:
3b:23:10:02:39:7e:4b:3d:cc:f3:87:66:66:b3:16:ad:c3:86:
50:5e:b7:f1:ba:57:26:b5:20:81:97:54:62:94:f7:64:f7:39:
6e:a2:81:74:8e:56:8e:db:92:2e:99:bb:00:78:ce:c2:2a:8e:
f2:01:0e:5e:f0:54:d1:c2:24:31:f2:c9:9f:8a:17:5e:76:b5:
a9:b3:59:17:b1:70:01:f2:15:c8:a5:93:27:ee:14:fa:9d:49:
ea:82:65:cf:34:c9:4f:a7:ec:45:88:be:c5:5b:d8:d5:42:96:
96:6f:32:9d:a2:65:44:6e:77:70:2a:ea:9d:5f:6d:f5:49:a1:
7e:27:35:b6:39:86:03:45:71:3c:d7:7e:79:e8:06:b1:50:41:
6c:2d:5f:b0:db:59:c6:ab:19:4c:3f:84:43:d9:ae:06:e2:a6:
90:b3:96:a0:03:73:00:7c:d0:8e:3e:d0:d2:16:38:a5:ab:22:
97:df:1c:84:5f:45:26:00:49:a5:66:e2:af:fe:8d:58:eb:24:
38:c7:62:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBYh+JGatgmdqvH7kmTyXIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI3MDcxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDUyYTE4M2Y4YWNmZDQ0ZTA4MDQ1YmJhOGZiNjJiODQxZjAxNDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYSlxFzjSrH7HJKiXz9VeV6MTpPI
ojypcysLmtdvCQw2DgqxCksD43rb0DrSlFi/sLM85iuyQMzXHpzRaNGPywYIdfhC
miMllQaeiBhpnEZR9ZSze4z5XMdQAoYH5VxxQXMuFQgdcjndsv/gqN6sTeV2fStv
lZSoW7fnxLKYuBMRjQHoBecjPQ9caUqpSBml6VAnAR18ZTdTqRrfERWRLWi/itb9
kiR9qpCNTAqdhnwvueiJrQ//PiuJ9z4TyxbZT3PPf8BEL8v0ue1eVURPWFjECw0P
dftioW6JjWbFvRH/vMy9PUTtPx23rrw1H/vLZ6trQHbWDnc5SHxSlulg0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNBSoYP4rP1E4IBFu6j7YrhB8BSfMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMEZLaGdfaXNfVVRnZ0VXN3FQdGl1RUh3Rko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIHp5FEAzsfW7laCoQKb
i3PSTHgCWbypGCaiWRoNskqmdS+zMpVFTyNH7PoNiJToMhIkuSRxADsjEAI5fks9
zPOHZmazFq3DhlBet/G6Vya1IIGXVGKU92T3OW6igXSOVo7bki6ZuwB4zsIqjvIB
Dl7wVNHCJDHyyZ+KF152tamzWRexcAHyFcilkyfuFPqdSeqCZc80yU+n7EWIvsVb
2NVClpZvMp2iZURud3Aq6p1fbfVJoX4nNbY5hgNFcTzXfnnoBrFQQWwtX7DbWcar
GUw/hEPZrgbippCzlqADcwB80I4+0NIWOKWrIpffHIRfRSYASaVm4q/+jVjrJDjH
YhI=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:17:08 2025 by rpki-client