Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AUaQWiaxxm3cbfklAIy1HjdUHX0.roa
File: AUaQWiaxxm3cbfklAIy1HjdUHX0.roa (raw, json)
Hash identifier: AXmcUU9xJE6bMIL2Lv2Tg7ak+vY17fYxuzc/N7PRB50=
Subject key identifier: 01:46:90:5A:26:B1:C6:6D:DC:6D:F9:25:00:8C:B5:1E:37:54:1D:7D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FAF3B30E2A42D3C707CF46BBC8E981C21
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AUaQWiaxxm3cbfklAIy1HjdUHX0.roa
Signing time: Sat 25 May 2024 10:10:42 +0000
ROA not before: Sat 25 May 2024 10:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:af:3b:30:e2:a4:2d:3c:70:7c:f4:6b:bc:8e:98:1c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 10:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0146905a26b1c66ddc6df925008cb51e37541d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5f:04:7b:d7:ae:6f:33:66:32:17:03:df:72:
16:94:b6:f8:75:a1:7b:5e:ac:9e:1b:93:a8:47:07:
81:65:a5:4b:0b:8d:37:ad:d7:18:53:5d:03:4f:73:
02:07:a8:81:83:7d:f0:ea:57:89:59:a8:c3:99:7c:
f3:99:bc:82:cd:ee:b4:8b:25:49:f4:47:e5:98:ab:
17:c1:a8:91:3f:7e:a4:1d:76:ea:ed:3b:32:c1:7d:
74:98:a4:9b:00:a4:61:68:5a:c7:dc:e2:11:01:17:
72:30:c3:27:b7:95:ef:fa:26:39:b6:72:9a:0e:13:
4a:f9:02:e0:fe:e0:05:27:bf:ed:97:8d:d2:46:40:
77:f8:f6:d6:1d:cb:87:43:10:d3:08:aa:b2:45:11:
dd:fd:b4:6c:37:fd:aa:9a:fc:a6:ce:ca:cd:d8:75:
af:5f:07:cc:0b:4d:ab:95:09:6b:04:c8:33:3d:2f:
18:b8:49:c5:dd:7a:0c:75:75:f3:48:71:e6:b3:51:
e4:5d:fb:f2:c0:78:de:8f:a7:55:4f:58:ca:e1:1b:
af:41:fd:ac:62:d0:d4:3a:2f:42:c7:da:3b:54:1c:
0c:e1:ae:45:45:bb:e9:20:7b:99:8c:12:1e:45:e9:
89:1e:f5:49:7d:db:e1:ca:22:19:b1:f0:c1:73:9e:
94:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:46:90:5A:26:B1:C6:6D:DC:6D:F9:25:00:8C:B5:1E:37:54:1D:7D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AUaQWiaxxm3cbfklAIy1HjdUHX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:64:cb:a0:e1:89:e5:94:d9:a3:90:1c:29:12:3c:fc:c7:51:
49:9f:4a:69:7f:c9:89:ad:d3:a8:b4:2d:dd:5c:fb:0c:5d:1d:
85:b3:0c:e2:60:04:5f:ff:df:60:38:33:ed:50:95:75:03:34:
94:68:14:27:27:82:62:ab:c1:b0:43:7e:0c:cc:5f:a7:ee:d1:
7b:40:bb:f5:ee:63:60:5d:8c:a9:2d:89:ef:37:3d:e5:3c:ad:
63:ec:59:3d:cc:15:fd:3a:f5:56:69:fd:59:5e:e2:a4:bc:d8:
c5:bd:f9:e2:36:2b:48:bb:e3:82:b6:8b:51:70:e0:89:10:a5:
b8:80:17:63:7a:f2:a9:1e:12:f5:ff:be:98:66:54:4b:61:0e:
8d:2d:e1:c6:91:cf:3b:26:dd:94:99:02:b0:d5:aa:37:7b:41:
ae:53:fe:22:b3:cb:c6:8b:a5:b9:67:db:1b:72:ae:ab:2e:27:
b7:31:22:e1:30:b1:7d:e9:02:de:e0:50:5b:a0:7f:c1:af:8b:
05:f3:e4:dd:2d:af:c5:ac:84:cc:53:75:47:7c:c0:c1:57:2b:
1a:98:db:b6:9f:b2:de:59:51:80:1c:f4:5c:10:cb:5d:29:4e:
f4:a2:4f:81:8a:bf:27:57:4e:f1:1a:95:77:eb:90:b7:b9:d2:
48:c8:c1:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+vOzDipC08cHz0a7yOmBwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MTAxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQ2OTA1YTI2YjFjNjZkZGM2ZGY5MjUwMDhjYjUxZTM3NTQxZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV8Ee9eubzNmMhcD33IWlLb4daF7
XqyeG5OoRweBZaVLC403rdcYU10DT3MCB6iBg33w6leJWajDmXzzmbyCze60iyVJ
9EflmKsXwaiRP36kHXbq7TsywX10mKSbAKRhaFrH3OIRARdyMMMnt5Xv+iY5tnKa
DhNK+QLg/uAFJ7/tl43SRkB3+PbWHcuHQxDTCKqyRRHd/bRsN/2qmvymzsrN2HWv
XwfMC02rlQlrBMgzPS8YuEnF3XoMdXXzSHHms1HkXfvywHjej6dVT1jK4RuvQf2s
YtDUOi9Cx9o7VBwM4a5FRbvpIHuZjBIeRemJHvVJfdvhyiIZsfDBc56UdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAFGkFomscZt3G35JQCMtR43VB19MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQVVhUVdpYXh4bTNjYmZrbEFJeTFIamRVSFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABJky6DhieWU2aOQHCkS
PPzHUUmfSml/yYmt06i0Ld1c+wxdHYWzDOJgBF//32A4M+1QlXUDNJRoFCcngmKr
wbBDfgzMX6fu0XtAu/XuY2BdjKktie83PeU8rWPsWT3MFf069VZp/Vle4qS82MW9
+eI2K0i744K2i1Fw4IkQpbiAF2N68qkeEvX/vphmVEthDo0t4caRzzsm3ZSZArDV
qjd7Qa5T/iKzy8aLpbln2xtyrqsuJ7cxIuEwsX3pAt7gUFugf8GviwXz5N0tr8Ws
hMxTdUd8wMFXKxqY27afst5ZUYAc9FwQy10pTvSiT4GKvydXTvEalXfrkLe50kjI
wTA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:18:15 2025 by rpki-client