Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1br1Hm-mloNoKf2mS863z7ganYM.roa
File: 1br1Hm-mloNoKf2mS863z7ganYM.roa (raw, json)
Hash identifier: D1BUh/+KIl9kqswSuNEl1qqciYDc7FRlafGUgPKNWvI=
Subject key identifier: D5:BA:F5:1E:6F:A6:96:83:68:29:FD:A6:4B:CE:B7:CF:B8:1A:9D:83
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019074DD9AD20DD19948A96300611CDC3D6A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1br1Hm-mloNoKf2mS863z7ganYM.roa
Signing time: Tue 02 Jul 2024 19:13:18 +0000
ROA not before: Tue 02 Jul 2024 19:13:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:74:dd:9a:d2:0d:d1:99:48:a9:63:00:61:1c:dc:3d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 19:13:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5baf51e6fa696836829fda64bceb7cfb81a9d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:09:97:2b:ac:9d:d3:f5:0c:bc:e8:84:86:4b:
54:58:fd:54:cb:01:c4:f0:82:18:cc:14:20:3d:a8:
3e:22:3c:b2:d0:50:d2:25:78:a4:96:79:85:e9:19:
77:9a:ef:93:02:e1:bd:ad:fd:c3:39:51:73:80:c5:
83:1f:9c:d7:a8:09:a0:a8:18:44:70:48:36:54:83:
c7:b6:0c:98:c3:58:ba:e4:fd:cf:b8:9a:15:1d:40:
91:89:05:b4:e0:cb:8a:d0:d2:b5:b1:10:70:2f:c8:
10:81:1d:13:0b:e3:02:f1:9e:43:f1:59:96:f6:7c:
8d:d4:9e:03:9c:cd:00:d3:ec:2b:82:80:65:a2:f1:
af:16:de:06:e4:06:68:2d:ef:a4:57:8b:5d:ea:3d:
00:fd:26:42:29:97:62:58:f1:4d:7a:cb:58:52:c3:
be:e4:19:ca:42:4d:75:1b:ac:ea:c4:8b:28:66:41:
81:04:e0:15:19:cf:8d:66:14:80:4a:5d:79:57:64:
f6:4c:13:51:92:d0:dc:61:94:65:a9:c2:a9:cf:a7:
d7:9a:bf:4f:ba:65:76:c2:bb:c6:09:96:b4:19:c8:
39:4e:37:d0:e7:58:56:c4:9e:b8:db:62:9c:3f:24:
88:7d:29:ae:c1:c3:67:25:9a:2a:78:87:a6:1f:20:
33:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BA:F5:1E:6F:A6:96:83:68:29:FD:A6:4B:CE:B7:CF:B8:1A:9D:83
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1br1Hm-mloNoKf2mS863z7ganYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:db:16:28:56:96:71:85:eb:df:bf:22:de:43:da:a1:ee:64:
d0:85:b6:b0:5c:85:06:67:bb:3a:9a:2a:ec:33:05:ee:77:f5:
aa:f9:dd:e0:82:97:0f:30:79:f4:a6:97:de:7a:fb:aa:48:43:
ab:c9:f6:33:4c:41:0f:1d:44:64:ef:13:b8:c8:9a:a2:1f:8e:
74:92:37:75:4c:72:d4:35:56:12:86:83:ce:69:3c:ca:11:89:
8a:6a:22:8f:e7:0e:db:89:90:d8:57:f0:77:a9:b6:0b:45:d7:
51:82:89:57:f8:51:97:59:f8:28:20:b0:68:a8:70:9d:c1:f1:
ed:64:ec:6f:9e:94:49:2d:72:43:50:80:80:27:ae:72:f1:d8:
ac:08:e1:6e:c2:7c:cd:78:57:8c:1a:63:2e:b3:27:ef:02:3e:
36:24:26:1e:75:22:17:af:9c:3e:ad:bb:6f:21:b5:7e:79:b5:
43:15:f3:eb:a5:63:7e:36:bc:90:5d:89:08:8f:fe:11:09:3d:
30:93:a0:37:5b:74:ca:37:3b:ba:ca:d2:cf:df:c0:e7:f1:62:
e0:3a:32:59:d8:68:ae:99:23:94:a7:44:5d:91:55:92:59:fb:
c8:84:e0:57:f3:fa:79:5e:6d:ca:38:81:90:5f:e1:ed:48:e7:
d6:45:e9:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB03ZrSDdGZSKljAGEc3D1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMTkxMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJhZjUxZTZmYTY5NjgzNjgyOWZkYTY0YmNlYjdjZmI4MWE5ZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQmXK6yd0/UMvOiEhktUWP1UywHE
8IIYzBQgPag+Ijyy0FDSJXiklnmF6Rl3mu+TAuG9rf3DOVFzgMWDH5zXqAmgqBhE
cEg2VIPHtgyYw1i65P3PuJoVHUCRiQW04MuK0NK1sRBwL8gQgR0TC+MC8Z5D8VmW
9nyN1J4DnM0A0+wrgoBlovGvFt4G5AZoLe+kV4td6j0A/SZCKZdiWPFNestYUsO+
5BnKQk11G6zqxIsoZkGBBOAVGc+NZhSASl15V2T2TBNRktDcYZRlqcKpz6fXmr9P
umV2wrvGCZa0Gcg5TjfQ51hWxJ6422KcPySIfSmuwcNnJZoqeIemHyAzzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNW69R5vppaDaCn9pkvOt8+4Gp2DMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMWJyMUhtLW1sb05vS2YybVM4NjN6N2dhbllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD7bFihWlnGF69+/It5D
2qHuZNCFtrBchQZnuzqaKuwzBe539ar53eCClw8wefSml956+6pIQ6vJ9jNMQQ8d
RGTvE7jImqIfjnSSN3VMctQ1VhKGg85pPMoRiYpqIo/nDtuJkNhX8HeptgtF11GC
iVf4UZdZ+CggsGiocJ3B8e1k7G+elEktckNQgIAnrnLx2KwI4W7CfM14V4waYy6z
J+8CPjYkJh51IhevnD6tu28htX55tUMV8+ulY342vJBdiQiP/hEJPTCToDdbdMo3
O7rK0s/fwOfxYuA6MlnYaK6ZI5SnRF2RVZJZ+8iE4Ffz+nlebco4gZBf4e1I59ZF
6Xs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:15:48 2025 by rpki-client