Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IBThsFUDc_CCeL3GHjsYw4r7jUY.roa
File: IBThsFUDc_CCeL3GHjsYw4r7jUY.roa (raw, json)
Hash identifier: QFmww+VPXHEY86te6TLns3EfbvOfQVKR0mzsbiDHXwE=
Subject key identifier: 20:14:E1:B0:55:03:73:F0:82:78:BD:C6:1E:3B:18:C3:8A:FB:8D:46
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903B53EDC58C176394CF5813DC0EC743E4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IBThsFUDc_CCeL3GHjsYw4r7jUY.roa
Signing time: Fri 21 Jun 2024 15:04:34 +0000
ROA not before: Fri 21 Jun 2024 15:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:3b53:e927/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:53:ed:c5:8c:17:63:94:cf:58:13:dc:0e:c7:43:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 21 15:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2014e1b0550373f08278bdc61e3b18c38afb8d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e1:04:be:17:cb:d2:6a:99:4b:db:4a:1d:f8:
d9:7d:f7:c2:7b:99:7e:6a:dc:86:57:1b:e6:7b:b6:
e6:f0:c7:93:ba:ad:e8:b2:55:87:50:62:bd:29:0a:
7b:13:6d:df:fd:b5:a2:67:6b:47:04:a0:22:42:55:
c6:d2:5d:d4:b4:1f:e8:9b:1f:98:bb:4d:16:56:1d:
cd:09:7c:46:73:d3:85:1d:f1:2a:95:fb:16:e5:fc:
7a:86:bc:d5:0f:5c:30:d3:10:1d:0d:c1:b5:8d:de:
a0:d0:67:f9:70:46:b3:26:1e:26:de:98:65:ba:d6:
5c:d9:09:46:b4:85:6d:28:05:ac:42:f5:19:62:df:
c9:20:50:e9:91:c5:63:75:7b:dd:1f:e7:17:ce:0f:
69:19:b1:00:c8:3e:11:ba:4d:ac:f2:ff:41:c4:7b:
ff:dd:f7:a0:32:be:8c:b3:88:05:e4:eb:5f:51:05:
1f:25:24:61:6e:8f:f2:30:eb:35:a9:41:6f:dc:5b:
1b:22:fc:6e:51:81:4a:f8:52:61:46:3e:c4:87:ad:
40:d9:59:a7:93:7c:53:a0:c7:cd:a5:b2:00:59:93:
6e:14:ca:19:f3:b1:f9:f9:72:84:3e:93:3f:40:d6:
c1:4b:22:62:f1:3e:ce:7a:e4:82:c2:2a:da:ec:92:
e0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:14:E1:B0:55:03:73:F0:82:78:BD:C6:1E:3B:18:C3:8A:FB:8D:46
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IBThsFUDc_CCeL3GHjsYw4r7jUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:20:50:de:d4:96:02:19:34:06:ae:1b:a8:33:14:1a:50:87:
ef:ff:fc:f3:e1:49:2d:d4:f2:b3:ce:1c:85:c0:10:9b:70:84:
cc:22:dd:db:74:05:16:7e:62:a4:e7:ee:3d:60:da:de:0b:3d:
dc:d9:3a:ec:2e:30:84:77:ec:d0:3e:22:f9:39:d6:70:0e:a5:
15:a5:29:5a:d7:14:30:46:3e:66:88:ba:0e:b3:23:cf:0b:b1:
22:9c:c8:c8:37:6c:55:c0:25:94:89:03:69:01:21:2f:b2:7e:
8c:d0:00:ca:06:3d:65:00:3f:ad:8e:3e:ce:9b:5a:8d:e0:be:
e8:c6:dd:64:25:9b:b4:89:1b:01:9a:54:20:b4:f2:9e:64:b8:
a8:d1:fd:e7:fa:ae:57:3d:9a:81:ba:3e:54:00:d0:6e:1c:62:
1f:5a:03:ed:d5:a5:f6:81:64:fa:0f:25:05:30:5e:19:d3:62:
08:69:00:eb:5a:1d:14:15:70:fe:c4:f8:0e:d1:45:ea:41:99:
c2:7b:a5:2e:8b:70:d0:f8:9f:ab:64:70:15:8c:b8:36:4f:74:
6a:9b:9b:54:6f:02:06:ff:bd:9b:5e:c1:55:30:c4:f8:2c:1a:
eb:30:bb:63:bd:74:6c:b2:d9:85:29:7f:77:c6:df:78:71:ed:
8c:d9:f0:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA7U+3FjBdjlM9YE9wOx0PkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIxMTUwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDE0ZTFiMDU1MDM3M2YwODI3OGJkYzYxZTNiMThjMzhhZmI4ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuEEvhfL0mqZS9tKHfjZfffCe5l+
atyGVxvme7bm8MeTuq3oslWHUGK9KQp7E23f/bWiZ2tHBKAiQlXG0l3UtB/omx+Y
u00WVh3NCXxGc9OFHfEqlfsW5fx6hrzVD1ww0xAdDcG1jd6g0Gf5cEazJh4m3phl
utZc2QlGtIVtKAWsQvUZYt/JIFDpkcVjdXvdH+cXzg9pGbEAyD4Ruk2s8v9BxHv/
3fegMr6Ms4gF5OtfUQUfJSRhbo/yMOs1qUFv3FsbIvxuUYFK+FJhRj7Eh61A2Vmn
k3xToMfNpbIAWZNuFMoZ87H5+XKEPpM/QNbBSyJi8T7OeuSCwira7JLgRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCAU4bBVA3Pwgni9xh47GMOK+41GMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSUJUaHNGVURjX0NDZUwzR0hqc1l3NHI3alVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADIgUN7UlgIZNAauG6gz
FBpQh+///PPhSS3U8rPOHIXAEJtwhMwi3dt0BRZ+YqTn7j1g2t4LPdzZOuwuMIR3
7NA+Ivk51nAOpRWlKVrXFDBGPmaIug6zI88LsSKcyMg3bFXAJZSJA2kBIS+yfozQ
AMoGPWUAP62OPs6bWo3gvujG3WQlm7SJGwGaVCC08p5kuKjR/ef6rlc9moG6PlQA
0G4cYh9aA+3VpfaBZPoPJQUwXhnTYghpAOtaHRQVcP7E+A7RRepBmcJ7pS6LcND4
n6tkcBWMuDZPdGqbm1RvAgb/vZtewVUwxPgsGuswu2O9dGyy2YUpf3fG33hx7YzZ
8Ow=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:03:49 2025 by rpki-client