Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/41jGry7k5aH-MDmVIJByrQYpvD4.roa
File: 41jGry7k5aH-MDmVIJByrQYpvD4.roa (raw, json)
Hash identifier: M/f5SSbrIrHSbqD+CM3v4S/eK3cPkDIZvrYbjOssRxk=
Subject key identifier: E3:58:C6:AF:2E:E4:E5:A1:FE:30:39:95:20:90:72:AD:06:29:BC:3E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909EB2C5EE76EA5C7DD033CD91C2B2B0EB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/41jGry7k5aH-MDmVIJByrQYpvD4.roa
Signing time: Wed 10 Jul 2024 22:10:34 +0000
ROA not before: Wed 10 Jul 2024 22:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:b2:c5:ee:76:ea:5c:7d:d0:33:cd:91:c2:b2:b0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 10 22:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e358c6af2ee4e5a1fe303995209072ad0629bc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6b:5e:e4:0c:b9:1e:91:68:ab:59:3d:fe:7c:
44:13:fa:1f:c3:c2:d7:61:84:1a:38:fa:a3:d0:0e:
00:e9:63:94:22:ea:bd:1a:ea:18:59:12:a6:ec:f4:
56:cd:5c:b7:e7:97:3e:d1:b3:3b:54:35:18:f5:2e:
54:6f:b1:de:80:c1:ba:c0:8f:a9:b1:2b:d0:26:1d:
4f:19:e9:bf:b1:20:dc:5a:cf:d4:b6:1d:8a:27:44:
c7:ba:48:6f:66:ef:aa:43:75:66:ad:a5:e1:8b:4b:
19:c2:cd:aa:dd:d3:50:24:e3:84:eb:f1:55:08:05:
3b:01:68:d3:4b:d9:35:ce:49:51:1c:a9:7d:15:c9:
f2:07:e4:5c:e5:4c:22:1f:5d:3a:25:1f:cb:4e:60:
ed:65:cd:b4:dd:54:2c:21:db:5f:97:3e:fd:b4:a7:
1b:e2:98:b7:97:dd:94:de:19:6f:85:39:ad:e6:9d:
cc:ff:d3:1d:2d:4e:1a:33:39:88:3f:f2:03:2c:9a:
45:fa:65:5f:25:4e:0f:02:9f:d1:c4:30:0e:73:41:
f8:91:97:8d:e2:98:55:43:e5:43:97:f1:84:2d:21:
b0:78:6e:4d:3b:cf:20:9f:19:e2:87:37:57:8d:a2:
a5:a2:19:85:05:bd:16:14:66:30:57:87:c5:f0:e2:
36:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:58:C6:AF:2E:E4:E5:A1:FE:30:39:95:20:90:72:AD:06:29:BC:3E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/41jGry7k5aH-MDmVIJByrQYpvD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:d1:db:dc:bb:2a:dc:11:00:1b:be:7f:91:11:51:52:cf:b5:
4f:79:56:f1:f2:2d:b8:3d:62:e1:80:9b:1e:ff:16:ca:02:b6:
12:c7:38:72:23:82:8d:f3:d2:c7:5b:3e:5f:51:eb:16:73:4b:
92:6a:67:ce:56:5b:03:d3:74:e7:28:8b:00:7f:bf:53:b1:ab:
d7:22:71:ce:7a:46:35:e3:3e:a4:77:5e:41:84:d3:cf:09:e9:
d2:23:7f:47:f4:39:f0:47:42:dd:90:9b:04:b7:a7:74:96:71:
f7:c9:5c:5e:db:ca:07:41:74:8d:87:95:24:ba:3f:f3:07:0b:
26:aa:36:92:8c:71:ef:e5:bd:5e:6d:9e:30:30:2b:5f:11:ba:
d5:6b:e5:58:18:85:55:2a:6b:3a:bc:09:cb:65:65:92:7f:7f:
04:f3:8e:38:2c:eb:f7:65:54:6b:3a:6b:f4:4d:01:8c:75:f5:
f9:25:bb:d0:01:f0:e1:0d:2a:ce:f3:0a:01:0f:93:29:86:11:
3c:56:4d:e9:87:f0:23:20:5d:f0:3b:dc:38:41:50:83:c9:c5:
05:e8:6f:65:b4:e2:fc:c7:34:13:9d:b4:ae:07:a4:a5:b0:3b:
bc:fa:55:54:2f:da:3a:49:c9:bf:7c:45:cb:be:88:79:05:13:
e8:6c:71:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCessXudupcfdAzzZHCsrDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEwMjIxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU4YzZhZjJlZTRlNWExZmUzMDM5OTUyMDkwNzJhZDA2MjliYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmte5Ay5HpFoq1k9/nxEE/ofw8LX
YYQaOPqj0A4A6WOUIuq9GuoYWRKm7PRWzVy355c+0bM7VDUY9S5Ub7HegMG6wI+p
sSvQJh1PGem/sSDcWs/Uth2KJ0THukhvZu+qQ3VmraXhi0sZws2q3dNQJOOE6/FV
CAU7AWjTS9k1zklRHKl9FcnyB+Rc5UwiH106JR/LTmDtZc203VQsIdtflz79tKcb
4pi3l92U3hlvhTmt5p3M/9MdLU4aMzmIP/IDLJpF+mVfJU4PAp/RxDAOc0H4kZeN
4phVQ+VDl/GELSGweG5NO88gnxnihzdXjaKlohmFBb0WFGYwV4fF8OI29QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFONYxq8u5OWh/jA5lSCQcq0GKbw+MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNDFqR3J5N2s1YUgtTURtVklKQnlyUVlwdkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA3R29y7KtwRABu+f5ER
UVLPtU95VvHyLbg9YuGAmx7/FsoCthLHOHIjgo3z0sdbPl9R6xZzS5JqZ85WWwPT
dOcoiwB/v1Oxq9cicc56RjXjPqR3XkGE088J6dIjf0f0OfBHQt2QmwS3p3SWcffJ
XF7bygdBdI2HlSS6P/MHCyaqNpKMce/lvV5tnjAwK18RutVr5VgYhVUqazq8Cctl
ZZJ/fwTzjjgs6/dlVGs6a/RNAYx19fklu9AB8OENKs7zCgEPkymGETxWTemH8CMg
XfA73DhBUIPJxQXob2W04vzHNBOdtK4HpKWwO7z6VVQv2jpJyb98Rcu+iHkFE+hs
cR4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:17:04 2025 by rpki-client