Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1H6UjP-4-eySmIKu3Rujq-M17Yc.roa
File: 1H6UjP-4-eySmIKu3Rujq-M17Yc.roa (raw, json)
Hash identifier: JE4EYdYuB3TJz/hyIYIxitgK0WOjfG52i0nDuU4G4BQ=
Subject key identifier: D4:7E:94:8C:FF:B8:F9:EC:92:98:82:AE:DD:1B:A3:AB:E3:35:ED:87
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190ADE96C90A8453CAB7010E39B24790A87
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1H6UjP-4-eySmIKu3Rujq-M17Yc.roa
Signing time: Sat 13 Jul 2024 21:04:34 +0000
ROA not before: Sat 13 Jul 2024 21:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:ade9:2eb6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ad:e9:6c:90:a8:45:3c:ab:70:10:e3:9b:24:79:0a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 13 21:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d47e948cffb8f9ec929882aedd1ba3abe335ed87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:51:71:19:32:5e:f1:01:af:8c:02:9d:c6:
89:7b:46:94:2b:bd:21:5a:53:31:87:36:c9:c3:10:
78:74:ad:49:68:08:9e:ad:d6:6f:f5:be:58:9f:a6:
4b:96:a1:8a:e0:4a:c0:77:70:46:ed:4e:79:ae:ce:
00:9e:91:e3:3a:ee:a3:8c:c3:cb:b1:53:f4:2e:1e:
cb:b5:14:f6:fe:08:da:40:64:65:f0:4b:cb:f3:c6:
f5:0c:f8:17:ef:a8:2e:c7:6b:32:f9:2e:98:52:e2:
70:5d:16:a1:12:7b:e5:1a:94:77:57:5c:ba:2d:4a:
1d:59:00:c1:e7:b4:91:ee:06:93:31:d9:b5:5d:6c:
b3:d8:5a:a0:32:d8:4f:80:c8:1b:58:c2:1b:95:6e:
d7:09:f1:2e:55:a3:e2:b6:47:cc:b8:47:02:83:7c:
d9:ef:e0:cf:22:43:7d:75:9d:2d:ad:13:9a:d5:eb:
46:65:1d:8c:9f:8c:d1:13:3f:20:b9:de:30:93:61:
65:a8:90:be:65:f6:f5:92:bb:9a:28:e7:89:1e:84:
ed:35:80:65:76:6a:bb:35:8e:76:83:d6:74:ea:82:
01:33:0e:39:fa:d7:b7:06:f3:ea:1e:66:c8:13:55:
47:96:6f:e9:10:51:c1:ed:ae:00:c5:a0:aa:dd:d3:
4e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7E:94:8C:FF:B8:F9:EC:92:98:82:AE:DD:1B:A3:AB:E3:35:ED:87
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1H6UjP-4-eySmIKu3Rujq-M17Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:a1:f9:80:db:98:9b:04:f3:c7:fd:7e:4b:1f:b7:ca:e7:61:
63:05:b9:c0:b8:60:51:9d:38:4b:78:15:dd:f2:c4:4e:67:74:
fb:a4:e1:c0:83:7b:5c:78:cb:ae:e9:43:8e:11:6f:e4:30:e7:
f1:56:de:2d:9b:e2:3b:e4:a9:99:5d:d1:8b:6e:77:71:63:3c:
4e:ab:2a:21:30:8d:01:21:5c:cb:5b:12:84:c5:6a:90:cc:41:
26:12:f0:4c:da:0b:16:4a:8a:ef:93:bd:41:ea:97:25:61:61:
0d:db:b6:05:f2:95:c8:1c:11:f1:64:2e:59:c8:23:a1:6a:b9:
0e:3e:c5:48:fe:c6:77:a0:27:f0:0e:7d:c1:bd:ef:b8:12:a5:
23:bc:10:73:fe:13:ca:f6:ca:dc:f5:e3:d6:d1:73:9b:a2:35:
95:2f:f2:27:f4:1e:73:15:4b:d8:65:e6:69:62:38:57:06:ea:
c7:e2:09:43:d8:d5:8f:72:4e:33:34:ee:bc:1c:80:8b:db:85:
2b:fa:14:f3:fa:e0:3e:69:db:df:d4:9c:00:2d:3a:bc:c8:43:
06:d8:de:de:9b:ee:65:60:b0:a5:08:09:4c:53:ee:70:0a:6d:
d5:dd:49:9a:6f:df:08:56:82:bd:29:90:cd:60:34:ec:48:2e:
0a:cd:88:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCt6WyQqEU8q3AQ45skeQqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEzMjEwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdlOTQ4Y2ZmYjhmOWVjOTI5ODgyYWVkZDFiYTNhYmUzMzVlZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPlRcRkyXvEBr4wCncaJe0aUK70h
WlMxhzbJwxB4dK1JaAierdZv9b5Yn6ZLlqGK4ErAd3BG7U55rs4AnpHjOu6jjMPL
sVP0Lh7LtRT2/gjaQGRl8EvL88b1DPgX76gux2sy+S6YUuJwXRahEnvlGpR3V1y6
LUodWQDB57SR7gaTMdm1XWyz2FqgMthPgMgbWMIblW7XCfEuVaPitkfMuEcCg3zZ
7+DPIkN9dZ0trROa1etGZR2Mn4zREz8gud4wk2FlqJC+Zfb1kruaKOeJHoTtNYBl
dmq7NY52g9Z06oIBMw45+te3BvPqHmbIE1VHlm/pEFHB7a4AxaCq3dNO5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNR+lIz/uPnskpiCrt0bo6vjNe2HMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMUg2VWpQLTQtZXlTbUlLdTNSdWpxLU0xN1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFeh+YDbmJsE88f9fksf
t8rnYWMFucC4YFGdOEt4Fd3yxE5ndPuk4cCDe1x4y67pQ44Rb+Qw5/FW3i2b4jvk
qZld0Ytud3FjPE6rKiEwjQEhXMtbEoTFapDMQSYS8EzaCxZKiu+TvUHqlyVhYQ3b
tgXylcgcEfFkLlnII6FquQ4+xUj+xnegJ/AOfcG977gSpSO8EHP+E8r2ytz149bR
c5uiNZUv8if0HnMVS9hl5mliOFcG6sfiCUPY1Y9yTjM07rwcgIvbhSv6FPP64D5p
29/UnAAtOrzIQwbY3t6b7mVgsKUICUxT7nAKbdXdSZpv3whWgr0pkM1gNOxILgrN
iPk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:17:00 2025 by rpki-client