Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2RVttI70x0Yn6OvXKjfBAzxaUWg.roa
File: 2RVttI70x0Yn6OvXKjfBAzxaUWg.roa (raw, json)
Hash identifier: /4kXbEDCy+9aSsTDJ+Dx4Dbw4v9IO9OmeugsrP3pTg4=
Subject key identifier: D9:15:6D:B4:8E:F4:C7:46:27:E8:EB:D7:2A:37:C1:03:3C:5A:51:68
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A63560E8BE953ADEB1AD18004D0A1032
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2RVttI70x0Yn6OvXKjfBAzxaUWg.roa
Signing time: Fri 12 Jul 2024 09:10:34 +0000
ROA not before: Fri 12 Jul 2024 09:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:35:60:e8:be:95:3a:de:b1:ad:18:00:4d:0a:10:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 12 09:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9156db48ef4c74627e8ebd72a37c1033c5a5168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cb:72:ce:a3:39:d1:be:ec:fb:79:f2:71:dd:
77:72:42:2c:48:fc:f8:b4:5d:8c:f7:1a:b5:d0:03:
e3:ec:b1:de:63:b5:3b:68:45:31:f7:e0:95:29:eb:
23:54:f6:ad:d8:42:f7:69:c2:00:b0:4a:85:8e:4f:
26:c5:b6:4d:83:aa:b4:68:8d:98:dc:a9:a7:48:04:
be:df:fa:9d:53:cb:d8:04:ac:7b:16:5d:a5:44:17:
8d:92:1a:13:04:16:de:22:8c:49:30:74:93:95:b0:
78:8d:01:3a:f0:4b:3a:c4:0f:25:2a:12:27:4d:be:
a5:ea:8b:2f:d4:55:77:12:c0:d7:36:b6:47:c2:e9:
cf:13:5a:5d:48:e7:ef:26:24:39:75:b7:e1:12:9e:
c3:f5:4a:c9:5c:02:c7:7d:ed:e6:50:c1:c1:b9:da:
a5:c5:61:cc:8f:69:d2:83:7e:1f:8d:30:46:d1:0d:
0b:0c:09:fe:35:01:59:b0:9d:49:da:6a:dc:5f:fd:
0a:c8:57:d4:f8:3a:1b:ef:17:ce:09:84:a1:a2:b2:
c9:fc:dc:8e:16:66:b2:99:b3:71:ee:87:b2:8e:f2:
e3:e7:7e:c1:0a:42:2e:3d:6c:2a:58:d5:8f:ba:68:
96:c6:85:0b:9b:c6:ce:2a:c8:af:2a:73:6c:62:e5:
09:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:15:6D:B4:8E:F4:C7:46:27:E8:EB:D7:2A:37:C1:03:3C:5A:51:68
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2RVttI70x0Yn6OvXKjfBAzxaUWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:4d:26:8f:6d:6d:4d:ab:24:fd:29:f3:5e:07:d7:16:7e:ee:
d0:04:84:53:09:72:81:22:9b:b9:8f:02:28:fb:d6:7c:43:50:
03:fc:06:92:fb:39:b6:23:5b:c0:f9:b8:5f:5c:e6:83:f4:6d:
0a:43:e1:cf:96:e3:51:fe:18:25:b1:5f:6b:54:5b:70:46:8c:
a4:26:3d:3d:5f:2d:72:55:d7:35:4c:a5:96:21:3a:42:e5:53:
74:c4:43:1f:13:d9:c8:0c:30:2f:83:d3:53:63:b3:45:1f:7c:
a1:75:39:77:80:92:c3:43:ed:a8:ac:01:fc:d9:9a:39:e6:cc:
4f:6b:77:03:36:9d:8a:9f:8d:27:00:ea:45:28:6d:01:0f:07:
43:cc:3e:47:e5:1e:a3:c7:4c:18:9b:d2:08:92:bb:e1:f9:eb:
f5:32:f3:a9:a9:d6:3a:02:15:6b:8d:46:03:d3:e0:3a:21:cf:
8e:76:db:62:21:83:4a:7a:1d:80:bd:5b:38:8e:6b:9c:a9:b0:
39:a5:23:5f:ed:58:43:8d:3b:30:0d:63:7b:7e:b7:7b:08:e2:
f3:59:25:75:90:2a:10:d8:74:a4:4b:4f:da:77:b8:a7:15:43:
c9:36:83:e2:6b:71:03:05:b2:58:50:34:21:0f:77:18:31:49:
9b:1c:df:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCmNWDovpU63rGtGABNChAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEyMDkxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE1NmRiNDhlZjRjNzQ2MjdlOGViZDcyYTM3YzEwMzNjNWE1MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqctyzqM50b7s+3nycd13ckIsSPz4
tF2M9xq10APj7LHeY7U7aEUx9+CVKesjVPat2EL3acIAsEqFjk8mxbZNg6q0aI2Y
3KmnSAS+3/qdU8vYBKx7Fl2lRBeNkhoTBBbeIoxJMHSTlbB4jQE68Es6xA8lKhIn
Tb6l6osv1FV3EsDXNrZHwunPE1pdSOfvJiQ5dbfhEp7D9UrJXALHfe3mUMHBudql
xWHMj2nSg34fjTBG0Q0LDAn+NQFZsJ1J2mrcX/0KyFfU+Dob7xfOCYShorLJ/NyO
FmaymbNx7oeyjvLj537BCkIuPWwqWNWPumiWxoULm8bOKsivKnNsYuUJ/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNkVbbSO9MdGJ+jr1yo3wQM8WlFoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMlJWdHRJNzB4MFluNk92WEtqZkJBenhhVVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAdNJo9tbU2rJP0p814H
1xZ+7tAEhFMJcoEim7mPAij71nxDUAP8BpL7ObYjW8D5uF9c5oP0bQpD4c+W41H+
GCWxX2tUW3BGjKQmPT1fLXJV1zVMpZYhOkLlU3TEQx8T2cgMMC+D01Njs0UffKF1
OXeAksND7aisAfzZmjnmzE9rdwM2nYqfjScA6kUobQEPB0PMPkflHqPHTBib0giS
u+H56/Uy86mp1joCFWuNRgPT4Dohz45222Ihg0p6HYC9WziOa5ypsDmlI1/tWEON
OzANY3t+t3sI4vNZJXWQKhDYdKRLT9p3uKcVQ8k2g+JrcQMFslhQNCEPdxgxSZsc
3x0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:25:03 2025 by rpki-client