Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BLcW5kjF3dU3-udy3RnqbApC_I4.roa
File: BLcW5kjF3dU3-udy3RnqbApC_I4.roa (raw, json)
Hash identifier: tq4Efu0TWPbrqMyvZC4Jw5x9Hn78xyBuezhtqT/xXHY=
Subject key identifier: 04:B7:16:E6:48:C5:DD:D5:37:FA:E7:72:DD:19:EA:6C:0A:42:FC:8E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01904DCD8A93D95CFAA85D42D453D27DAEB2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BLcW5kjF3dU3-udy3RnqbApC_I4.roa
Signing time: Tue 25 Jun 2024 05:10:34 +0000
ROA not before: Tue 25 Jun 2024 05:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4d:cd:8a:93:d9:5c:fa:a8:5d:42:d4:53:d2:7d:ae:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 25 05:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04b716e648c5ddd537fae772dd19ea6c0a42fc8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:23:aa:1e:d3:cb:3f:eb:dc:b0:e9:7d:e6:dc:
2d:b4:4a:c3:7f:49:cd:62:0a:6a:4c:11:a7:b2:70:
4f:63:da:78:a2:85:5a:c7:29:16:86:de:bb:a3:f4:
07:f3:ec:e2:09:db:f0:2a:fe:12:d3:8e:e6:5a:ca:
fa:46:ba:70:d9:93:d2:10:45:be:0a:cc:cb:14:d2:
fd:60:19:1a:31:89:53:c0:5c:22:6d:9d:df:45:eb:
ac:c6:28:eb:60:07:3a:36:69:9e:66:e8:a1:16:91:
59:a7:f6:3d:09:4c:81:4b:10:d4:c4:21:33:19:28:
9c:c2:be:b6:2b:f1:57:aa:15:60:2d:6a:64:4f:f4:
f7:e9:37:1f:2d:1a:5f:31:40:32:c4:23:36:24:59:
41:1d:21:69:5f:82:56:c9:09:3f:1c:08:74:5b:36:
02:b3:54:e3:9a:67:0b:4c:12:b9:c8:d8:e7:e1:e9:
3b:7f:dc:1c:6f:e5:f1:a7:50:17:d3:e2:4a:b8:1e:
fb:f2:b0:2d:5b:fd:75:d7:a9:43:b1:7f:0c:6c:00:
4e:4b:37:f9:a2:bb:a0:81:f9:4b:e0:6f:a9:47:ce:
cd:02:01:f4:17:47:06:f2:97:ca:e5:85:70:d1:0c:
4b:e9:14:59:41:9e:e3:5c:2a:27:1e:69:53:c0:9b:
1a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B7:16:E6:48:C5:DD:D5:37:FA:E7:72:DD:19:EA:6C:0A:42:FC:8E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BLcW5kjF3dU3-udy3RnqbApC_I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:9c:a5:55:74:08:2d:e7:86:f9:75:9a:9e:d0:c0:2f:b9:8b:
e1:fd:8e:de:b5:3f:33:37:6e:78:55:1d:3d:12:57:5d:6d:98:
bc:44:70:cf:51:67:b0:47:e1:93:cf:02:62:02:ce:69:7f:0a:
f3:69:fe:a5:86:ab:00:b1:07:81:19:81:43:a1:ee:12:11:16:
30:98:79:49:b5:5b:f5:57:8d:18:c4:d7:28:36:ec:6a:81:70:
4a:da:d5:05:1c:31:19:9b:88:0d:0f:ff:ac:9f:39:0c:1e:dc:
8a:3a:c2:65:6c:2b:44:48:4e:87:c6:f4:f6:56:a8:01:8f:83:
23:e2:d4:9e:5a:76:f5:15:58:69:95:ad:40:5a:83:42:9d:fb:
ee:a3:dc:43:03:1b:bb:5e:f5:f7:8f:17:25:ed:46:09:41:16:
db:9c:cf:69:f8:41:2c:8f:b7:6c:01:fe:c1:07:d2:26:08:b7:
49:78:86:9c:37:c5:20:8a:d4:b1:a3:11:67:bc:be:20:9f:3a:
79:ba:27:29:7f:c4:ae:9a:60:8e:4e:48:58:42:97:a4:f8:9f:
10:43:a2:31:62:62:3b:09:68:d0:fa:d7:63:1e:c2:85:28:12:
16:da:51:e4:2a:f4:d0:ab:dc:8a:23:d2:c6:71:52:86:b2:3e:
77:b3:af:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBNzYqT2Vz6qF1C1FPSfa6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI1MDUxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI3MTZlNjQ4YzVkZGQ1MzdmYWU3NzJkZDE5ZWE2YzBhNDJmYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriOqHtPLP+vcsOl95twttErDf0nN
YgpqTBGnsnBPY9p4ooVaxykWht67o/QH8+ziCdvwKv4S047mWsr6Rrpw2ZPSEEW+
CszLFNL9YBkaMYlTwFwibZ3fReusxijrYAc6NmmeZuihFpFZp/Y9CUyBSxDUxCEz
GSicwr62K/FXqhVgLWpkT/T36TcfLRpfMUAyxCM2JFlBHSFpX4JWyQk/HAh0WzYC
s1TjmmcLTBK5yNjn4ek7f9wcb+Xxp1AX0+JKuB778rAtW/1116lDsX8MbABOSzf5
oruggflL4G+pR87NAgH0F0cG8pfK5YVw0QxL6RRZQZ7jXConHmlTwJsajwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAS3FuZIxd3VN/rnct0Z6mwKQvyOMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQkxjVzVrakYzZFUzLXVkeTNSbnFiQXBDX0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACucpVV0CC3nhvl1mp7Q
wC+5i+H9jt61PzM3bnhVHT0SV11tmLxEcM9RZ7BH4ZPPAmICzml/CvNp/qWGqwCx
B4EZgUOh7hIRFjCYeUm1W/VXjRjE1yg27GqBcEra1QUcMRmbiA0P/6yfOQwe3Io6
wmVsK0RITofG9PZWqAGPgyPi1J5advUVWGmVrUBag0Kd++6j3EMDG7te9fePFyXt
RglBFtucz2n4QSyPt2wB/sEH0iYIt0l4hpw3xSCK1LGjEWe8viCfOnm6Jyl/xK6a
YI5OSFhCl6T4nxBDojFiYjsJaND612MewoUoEhbaUeQq9NCr3Ioj0sZxUoayPnez
r3I=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:02:58 2025 by rpki-client