Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sOm-84qIBjgsRPQU1mmxMRSOPs.roa
File: 4sOm-84qIBjgsRPQU1mmxMRSOPs.roa (raw, json)
Hash identifier: 0wI4toPcfKPpr1NhGs96rfvqwyPQWpvMgsTnQA4QY0Y=
Subject key identifier: E2:C3:A6:FB:CE:2A:20:18:E0:B1:13:D0:53:59:A6:C4:C4:52:38:FB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF33F5EC6054F5FA0CCB7519DCAF26F1E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sOm-84qIBjgsRPQU1mmxMRSOPs.roa
Signing time: Fri 07 Jun 2024 15:09:27 +0000
ROA not before: Fri 07 Jun 2024 15:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f3:3f:5e:c6:05:4f:5f:a0:cc:b7:51:9d:ca:f2:6f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 7 15:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2c3a6fbce2a2018e0b113d05359a6c4c45238fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:10:9a:37:a7:a1:32:c0:d6:eb:46:3d:52:ef:
8f:89:47:fb:7c:83:7c:94:f5:f3:00:05:6f:25:d9:
4c:f4:28:60:97:f9:c0:05:b0:58:ac:cc:b1:d6:9c:
87:62:51:01:0b:16:06:de:d2:b7:fa:98:32:42:e9:
bf:fc:de:66:6e:be:dc:41:e4:f6:e1:38:3b:87:0e:
6d:74:00:4c:28:ba:bc:53:47:4b:16:bd:16:cc:de:
25:b2:50:9f:66:97:c8:06:39:cf:93:1c:d7:5e:37:
d7:39:ce:5f:1f:1d:a8:6e:d1:76:b7:f6:77:fa:79:
e9:55:f8:11:95:93:1c:54:9f:93:31:a7:d7:fd:e8:
09:b2:1a:49:bf:bc:c1:84:b5:02:bd:0f:0f:29:14:
9e:2c:35:77:58:a2:53:90:02:fe:2d:f7:9c:6d:16:
7c:3b:f8:d7:f0:b6:41:29:20:06:0a:67:e1:9a:05:
75:dc:f5:0a:7c:c6:d1:de:8e:45:22:c6:31:f2:e8:
bb:0a:39:3b:c3:fd:d7:74:19:8d:ac:ec:64:24:0e:
96:e4:df:57:37:d7:6b:08:73:0e:63:eb:b5:56:ba:
e0:63:46:dd:04:7e:d4:dd:47:66:88:67:b9:1d:97:
d8:d6:41:31:7d:87:d3:3c:b0:b6:57:92:9c:8a:ee:
00:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C3:A6:FB:CE:2A:20:18:E0:B1:13:D0:53:59:A6:C4:C4:52:38:FB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4sOm-84qIBjgsRPQU1mmxMRSOPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:32:16:0a:dc:d0:97:b4:66:89:25:67:c6:2c:80:d9:a0:d3:
3c:c9:de:d6:14:a4:d3:72:2c:2b:98:55:ed:2b:59:c9:0c:8b:
a2:e5:a4:8a:2f:65:c9:25:c0:15:04:1e:71:4e:cd:9a:6f:5c:
92:09:30:be:9b:dc:e5:a7:a9:a8:bf:91:48:8c:75:f3:a2:71:
97:b2:d6:66:be:ff:cd:61:3a:18:58:96:2c:3b:69:d4:45:9b:
fa:dc:70:d5:86:74:02:b0:8c:d8:5d:52:a8:56:b2:ea:62:68:
33:10:6b:27:6e:e0:c6:f0:09:c1:de:98:01:b2:1d:32:af:3c:
3d:4c:ef:71:d3:56:92:eb:ed:0b:6a:0a:18:f3:5b:5a:77:11:
e0:0a:fa:b7:94:90:79:c1:50:53:11:17:10:e8:1e:7a:1b:d6:
aa:c7:37:1c:5c:de:bf:6c:4b:4a:2f:12:22:53:65:b3:f1:fb:
d3:76:b2:4f:b9:5b:09:2e:1d:7c:33:15:17:69:f7:e4:b7:30:
08:91:26:29:34:cc:d5:6b:61:5b:9e:15:b8:6b:1f:48:e1:45:
10:a3:0c:e6:52:bd:b9:d0:cb:e7:c6:29:34:9d:f6:fa:88:6f:
df:72:1d:41:36:73:79:5d:f1:61:78:b0:f8:d1:80:17:f4:c5:
e4:02:b4:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/zP17GBU9foMy3UZ3K8m8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA3MTUwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMzYTZmYmNlMmEyMDE4ZTBiMTEzZDA1MzU5YTZjNGM0NTIzOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxCaN6ehMsDW60Y9Uu+PiUf7fIN8
lPXzAAVvJdlM9Chgl/nABbBYrMyx1pyHYlEBCxYG3tK3+pgyQum//N5mbr7cQeT2
4Tg7hw5tdABMKLq8U0dLFr0WzN4lslCfZpfIBjnPkxzXXjfXOc5fHx2obtF2t/Z3
+nnpVfgRlZMcVJ+TMafX/egJshpJv7zBhLUCvQ8PKRSeLDV3WKJTkAL+LfecbRZ8
O/jX8LZBKSAGCmfhmgV13PUKfMbR3o5FIsYx8ui7Cjk7w/3XdBmNrOxkJA6W5N9X
N9drCHMOY+u1VrrgY0bdBH7U3UdmiGe5HZfY1kExfYfTPLC2V5Kciu4AFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOLDpvvOKiAY4LET0FNZpsTEUjj7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNHNPbS04NHFJQmpnc1JQUVUxbW14TVJTT1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABwyFgrc0Je0ZoklZ8Ys
gNmg0zzJ3tYUpNNyLCuYVe0rWckMi6LlpIovZcklwBUEHnFOzZpvXJIJML6b3OWn
qai/kUiMdfOicZey1ma+/81hOhhYliw7adRFm/rccNWGdAKwjNhdUqhWsupiaDMQ
aydu4MbwCcHemAGyHTKvPD1M73HTVpLr7QtqChjzW1p3EeAK+reUkHnBUFMRFxDo
Hnob1qrHNxxc3r9sS0ovEiJTZbPx+9N2sk+5WwkuHXwzFRdp9+S3MAiRJik0zNVr
YVueFbhrH0jhRRCjDOZSvbnQy+fGKTSd9vqIb99yHUE2c3ld8WF4sPjRgBf0xeQC
tGI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:26:31 2025 by rpki-client