Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HFmslx8lZBIx9JR11XCywMXBj9U.roa
File: HFmslx8lZBIx9JR11XCywMXBj9U.roa (raw, json)
Hash identifier: HVtoYZbJW8DdpUeWhMcW+XkQFOaxNOx52C9hdDRkJo8=
Subject key identifier: 1C:59:AC:97:1F:25:64:12:31:F4:94:75:D5:70:B2:C0:C5:C1:8F:D5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A0D9000656536F0F1F0AD85A8EDDF793
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HFmslx8lZBIx9JR11XCywMXBj9U.roa
Signing time: Thu 11 Jul 2024 08:11:34 +0000
ROA not before: Thu 11 Jul 2024 08:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a0:d9:00:06:56:53:6f:0f:1f:0a:d8:5a:8e:dd:f7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 08:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c59ac971f25641231f49475d570b2c0c5c18fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a3:ac:32:2f:25:6a:08:49:c4:6e:77:51:af:
31:e9:b9:88:88:4f:31:7a:43:60:cc:64:ee:f2:2f:
ca:ae:96:41:27:9c:02:31:b4:4b:87:05:90:3a:49:
54:a2:72:ce:88:5a:7d:e1:80:34:e3:2f:93:00:e5:
de:1c:a7:cb:b5:62:a2:3c:1b:92:9f:e5:6c:f9:e1:
a9:e9:05:c2:26:97:01:69:90:18:ff:83:3f:87:34:
f6:d7:d0:ca:97:a7:93:ab:ac:11:37:fe:53:8c:23:
7b:ec:85:23:0b:8c:45:a7:37:fe:b9:00:9e:61:cf:
a6:47:06:1f:c9:05:78:ff:22:3e:23:f7:41:51:a8:
b8:1f:ad:02:fd:cb:ab:4e:9c:a3:a3:63:8a:02:a3:
50:76:1e:8a:fa:1b:43:0e:4e:54:fe:17:a7:ef:07:
f0:a6:54:a9:dc:8f:f8:78:2e:37:16:08:55:e4:95:
b7:30:4c:1d:fc:35:5e:fd:4a:28:02:cd:d2:03:c8:
26:fd:3c:8b:7b:69:d9:7f:36:8b:11:60:0f:b8:e9:
04:57:ac:b7:cb:54:ef:f8:2f:4d:c9:1b:07:16:bd:
37:a1:93:21:1d:8c:6b:5b:85:47:c0:e6:19:4c:09:
a0:b9:24:5e:b0:23:65:89:2e:df:ab:de:69:fb:bb:
82:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:59:AC:97:1F:25:64:12:31:F4:94:75:D5:70:B2:C0:C5:C1:8F:D5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HFmslx8lZBIx9JR11XCywMXBj9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:dd:53:ca:6a:90:5b:b1:f6:8a:a4:33:b0:b0:11:d4:7d:38:
07:7f:09:40:b2:3b:6b:9d:f5:17:44:e8:40:91:f7:b4:b2:72:
2b:cb:01:4a:10:75:71:da:a3:f9:27:b4:3c:61:31:e3:98:6d:
fc:6d:b4:ed:6c:a6:f5:f9:1b:bf:40:3b:96:5c:2e:bc:0d:e6:
6e:52:56:61:ce:b9:36:4a:7f:6c:39:6f:9d:9b:3c:e8:23:5b:
ec:76:be:d3:36:bc:7f:3c:30:0f:2e:0a:d7:99:30:9b:1a:0b:
41:e9:73:17:9a:f4:31:77:89:2c:36:6d:f7:56:6a:e7:bb:b6:
29:5e:9c:f0:ee:f0:b2:ec:51:1a:c0:8d:b1:57:34:93:89:57:
14:97:c1:14:92:2f:e8:90:88:46:9d:da:86:75:69:21:bb:b1:
c8:71:1b:4d:6e:df:f9:61:97:9e:4f:a4:d1:06:e7:f5:7a:0f:
ce:88:ff:b6:eb:5c:5c:c2:78:07:42:a2:b2:84:92:e2:db:70:
10:c9:89:79:c3:d5:52:3a:6d:f1:3b:45:aa:2f:58:06:02:f3:
cf:38:74:c0:b3:1b:1a:38:29:fd:21:f8:b2:91:fa:c5:bf:8d:
82:bd:e1:36:f1:e1:53:c4:9f:04:19:41:ce:67:05:18:51:85:
bb:63:10:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCg2QAGVlNvDx8K2FqO3feTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMDgxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzU5YWM5NzFmMjU2NDEyMzFmNDk0NzVkNTcwYjJjMGM1YzE4ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaOsMi8laghJxG53Ua8x6bmIiE8x
ekNgzGTu8i/KrpZBJ5wCMbRLhwWQOklUonLOiFp94YA04y+TAOXeHKfLtWKiPBuS
n+Vs+eGp6QXCJpcBaZAY/4M/hzT219DKl6eTq6wRN/5TjCN77IUjC4xFpzf+uQCe
Yc+mRwYfyQV4/yI+I/dBUai4H60C/curTpyjo2OKAqNQdh6K+htDDk5U/hen7wfw
plSp3I/4eC43FghV5JW3MEwd/DVe/UooAs3SA8gm/TyLe2nZfzaLEWAPuOkEV6y3
y1Tv+C9NyRsHFr03oZMhHYxrW4VHwOYZTAmguSResCNliS7fq95p+7uC7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBxZrJcfJWQSMfSUddVwssDFwY/VMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSEZtc2x4OGxaQkl4OUpSMTFYQ3l3TVhCajlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJPdU8pqkFux9oqkM7Cw
EdR9OAd/CUCyO2ud9RdE6ECR97SycivLAUoQdXHao/kntDxhMeOYbfxttO1spvX5
G79AO5ZcLrwN5m5SVmHOuTZKf2w5b52bPOgjW+x2vtM2vH88MA8uCteZMJsaC0Hp
cxea9DF3iSw2bfdWaue7tilenPDu8LLsURrAjbFXNJOJVxSXwRSSL+iQiEad2oZ1
aSG7schxG01u3/lhl55PpNEG5/V6D86I/7brXFzCeAdCorKEkuLbcBDJiXnD1VI6
bfE7RaovWAYC8884dMCzGxo4Kf0h+LKR+sW/jYK94Tbx4VPEnwQZQc5nBRhRhbtj
EI8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:22:52 2025 by rpki-client