Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EhGTDGyuk2LtnhLNcus99HzoOQs.roa
File: EhGTDGyuk2LtnhLNcus99HzoOQs.roa (raw, json)
Hash identifier: mqWC9v+Tmb1e9LZVjx8bRPmDHZJ6uB8FIEu186Ci6ZE=
Subject key identifier: 12:11:93:0C:6C:AE:93:62:ED:9E:12:CD:72:EB:3D:F4:7C:E8:39:0B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019095448631483F194E4F83720C3D21DBBC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EhGTDGyuk2LtnhLNcus99HzoOQs.roa
Signing time: Tue 09 Jul 2024 02:13:34 +0000
ROA not before: Tue 09 Jul 2024 02:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:95:44:86:31:48:3f:19:4e:4f:83:72:0c:3d:21:db:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 02:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1211930c6cae9362ed9e12cd72eb3df47ce8390b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:03:e5:07:91:7d:3b:c5:b9:b9:fb:ef:a9:0f:
c0:1b:6c:d6:1c:9b:d0:02:f8:dd:e9:7e:0a:a7:cb:
6d:b4:39:a3:84:6f:06:47:27:de:ca:70:bd:17:dd:
6f:41:25:14:a3:26:24:33:44:72:8e:c2:53:ce:34:
65:d6:05:23:01:ab:6b:ff:c9:96:49:a4:5b:4e:f4:
6d:e4:30:a5:41:7e:a4:61:f2:64:60:d8:67:40:00:
99:b0:0f:8c:55:8a:cc:ec:11:1b:4e:90:dd:32:0e:
39:0b:f2:14:c1:5f:e2:30:a2:29:4b:67:d3:3f:16:
ae:39:ce:72:8d:85:ac:9a:4c:e1:14:c2:20:cf:31:
55:c0:a1:bb:b6:69:42:68:48:8e:8f:ab:b8:ac:01:
51:c6:6e:f1:89:ce:bb:e7:2d:41:c9:c8:5b:27:e5:
59:16:7b:e8:11:13:0a:c4:d0:88:58:40:59:87:28:
a8:04:14:d8:94:a1:4d:8d:05:24:38:20:e0:b6:6c:
82:ab:b0:22:19:7e:32:e9:a6:a6:a2:7e:56:ab:09:
9e:e7:ba:d8:a6:8f:fa:be:0b:a9:54:34:98:80:03:
52:1f:59:5b:a2:f3:9d:8d:39:1a:22:3c:70:4c:e9:
ec:2c:d1:35:41:ed:d8:39:77:d4:a1:6b:71:3c:44:
7f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:11:93:0C:6C:AE:93:62:ED:9E:12:CD:72:EB:3D:F4:7C:E8:39:0B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EhGTDGyuk2LtnhLNcus99HzoOQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:25:1d:db:99:38:6f:7a:62:4c:5e:b6:6d:b8:0f:c4:0c:40:
70:d1:ca:37:17:e0:46:3f:60:12:fc:d7:70:82:43:32:cc:fe:
8c:d1:27:65:5e:47:df:08:9a:9a:24:e2:8e:79:5b:3f:30:8b:
30:38:11:b9:68:f4:35:ce:94:a9:cb:6e:7d:33:99:70:70:07:
cf:d9:87:c1:54:01:39:8f:84:a3:c0:c4:2a:16:88:2b:69:13:
e4:d5:78:3f:ee:b3:db:2f:ef:3c:d8:e6:42:c6:fe:0b:e1:ed:
df:59:96:98:e1:9a:7c:93:7f:ca:16:ea:a3:5e:9e:28:6d:8a:
4c:a1:2c:a6:36:0f:26:11:b7:dc:ba:d2:e5:ff:10:c3:29:a5:
a6:09:4a:f6:b0:c5:3c:c3:98:d0:95:11:d1:19:76:80:fd:af:
a9:e3:93:9e:a5:32:6a:ce:5a:d4:02:30:23:40:9d:d4:d8:41:
d7:7e:ce:ec:af:80:49:21:64:46:88:dc:25:76:b4:73:0d:0b:
f5:75:de:67:fb:12:73:03:82:e7:ff:7b:fa:a3:78:6e:d6:6d:
4f:11:d3:6d:2f:f0:4b:ed:47:ba:99:c1:bd:1a:25:02:74:86:
50:ba:62:a6:c0:f3:1d:a6:f0:da:bf:95:bc:5d:7a:96:e3:48:
e9:ba:17:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCVRIYxSD8ZTk+Dcgw9Idu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MDIxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjExOTMwYzZjYWU5MzYyZWQ5ZTEyY2Q3MmViM2RmNDdjZTgzOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QPlB5F9O8W5ufvvqQ/AG2zWHJvQ
Avjd6X4Kp8tttDmjhG8GRyfeynC9F91vQSUUoyYkM0RyjsJTzjRl1gUjAatr/8mW
SaRbTvRt5DClQX6kYfJkYNhnQACZsA+MVYrM7BEbTpDdMg45C/IUwV/iMKIpS2fT
PxauOc5yjYWsmkzhFMIgzzFVwKG7tmlCaEiOj6u4rAFRxm7xic675y1BychbJ+VZ
FnvoERMKxNCIWEBZhyioBBTYlKFNjQUkOCDgtmyCq7AiGX4y6aamon5Wqwme57rY
po/6vgupVDSYgANSH1lbovOdjTkaIjxwTOnsLNE1Qe3YOXfUoWtxPER/hQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBIRkwxsrpNi7Z4SzXLrPfR86DkLMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRWhHVERHeXVrMkx0bmhMTmN1czk5SHpvT1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGMlHduZOG96Ykxetm24
D8QMQHDRyjcX4EY/YBL813CCQzLM/ozRJ2VeR98Impok4o55Wz8wizA4Eblo9DXO
lKnLbn0zmXBwB8/Zh8FUATmPhKPAxCoWiCtpE+TVeD/us9sv7zzY5kLG/gvh7d9Z
lpjhmnyTf8oW6qNenihtikyhLKY2DyYRt9y60uX/EMMppaYJSvawxTzDmNCVEdEZ
doD9r6njk56lMmrOWtQCMCNAndTYQdd+zuyvgEkhZEaI3CV2tHMNC/V13mf7EnMD
guf/e/qjeG7WbU8R020v8EvtR7qZwb0aJQJ0hlC6YqbA8x2m8Nq/lbxdepbjSOm6
F2U=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:13 2025 by rpki-client