Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KLi4UA8WQaQveneKF7CIgIGYuqI.roa
File: KLi4UA8WQaQveneKF7CIgIGYuqI.roa (raw, json)
Hash identifier: 1Fa6fghDTag0F2ORw/pYSN2arIJ3pGogJZ8ZVPO0yCI=
Subject key identifier: 28:B8:B8:50:0F:16:41:A4:2F:7A:77:8A:17:B0:88:80:81:98:BA:A2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B53BA9855464309EA27938CD6751137F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KLi4UA8WQaQveneKF7CIgIGYuqI.roa
Signing time: Mon 15 Jul 2024 07:11:44 +0000
ROA not before: Mon 15 Jul 2024 07:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b5:3b:a9:85:54:64:30:9e:a2:79:38:cd:67:51:13:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 15 07:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28b8b8500f1641a42f7a778a17b088808198baa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:24:37:11:99:bf:48:1f:27:9a:7a:0c:86:e2:
8d:51:6c:04:25:8d:92:6e:70:f9:f4:ce:1f:b5:95:
05:36:58:00:0a:77:76:a5:eb:06:8a:6f:d6:da:ce:
45:ba:3b:1f:7c:00:a5:62:ba:ef:ac:a7:51:31:78:
93:b7:89:38:1f:27:e0:93:96:10:1c:58:58:0f:d8:
80:4a:0b:0f:dd:66:89:90:43:83:df:68:e9:b3:06:
24:67:c1:ab:cd:af:3d:88:7c:89:5b:ad:1f:ef:2a:
ed:e0:3c:32:f1:69:a9:bb:7e:37:53:a1:e7:5b:bc:
70:75:91:e0:6e:fd:ee:a5:c7:c8:30:55:66:8c:ec:
18:fe:27:35:a2:cb:5f:43:ff:75:a0:87:3f:68:1b:
60:3f:49:37:f1:95:f6:6f:bb:ee:ab:26:45:98:b2:
d1:65:63:52:2f:7f:ed:7f:6c:f5:35:7a:3e:32:07:
68:7c:78:f0:ee:50:59:22:9e:f3:d3:7a:b5:31:ed:
b6:a5:e2:fa:3d:bd:99:d1:fc:36:e8:58:00:95:2f:
72:84:d0:47:b7:29:23:98:0e:c1:02:3f:33:cc:97:
c4:44:09:2b:58:6a:ca:dc:ea:0b:44:03:c8:ef:36:
9d:89:8b:ce:93:22:ce:cc:21:cf:00:1b:5d:88:f5:
91:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B8:B8:50:0F:16:41:A4:2F:7A:77:8A:17:B0:88:80:81:98:BA:A2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KLi4UA8WQaQveneKF7CIgIGYuqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:d6:30:c5:fa:ad:64:90:7f:cc:ae:03:c4:94:9b:97:f6:3d:
ae:9f:be:55:84:95:2e:3c:84:ab:85:31:30:b9:23:1c:d7:2f:
70:62:4e:90:64:d1:f8:98:e9:da:c2:fe:5c:18:fd:c8:da:7e:
87:ff:ec:66:84:67:9e:12:b6:1b:af:d4:94:b4:91:28:d0:49:
64:34:57:d3:7f:64:dc:8b:3d:3b:c6:43:3b:d1:c1:e3:44:33:
53:f6:4d:25:8b:99:ca:d3:75:1c:d7:2e:01:97:7a:37:f8:3c:
e8:20:12:7b:14:8e:e7:90:5d:3a:c6:fb:a0:da:65:b5:60:d3:
72:f0:7d:d3:1a:db:5d:03:f3:43:e1:a7:ff:8a:04:a3:08:8b:
55:35:b6:bc:ca:85:e0:56:f5:46:b8:62:69:5c:f2:03:a8:7f:
0f:21:ba:29:01:e7:bf:36:ef:c0:33:f0:35:1a:99:2e:c2:31:
4c:90:27:86:9f:56:0f:f2:a6:1e:c5:80:87:8b:6e:f4:8a:55:
f4:4f:ff:69:aa:ef:42:19:da:50:43:11:a6:f0:85:17:0d:2c:
21:c5:d8:a8:76:88:43:ec:1f:8a:2e:c1:ba:37:70:51:1d:06:
a0:bb:4b:9e:62:08:1b:d1:ee:4a:a5:38:2f:bf:fc:5e:57:54:
66:48:37:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZC1O6mFVGQwnqJ5OM1nURN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE1MDcxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGI4Yjg1MDBmMTY0MWE0MmY3YTc3OGExN2IwODg4MDgxOThiYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCQ3EZm/SB8nmnoMhuKNUWwEJY2S
bnD59M4ftZUFNlgACnd2pesGim/W2s5FujsffAClYrrvrKdRMXiTt4k4Hyfgk5YQ
HFhYD9iASgsP3WaJkEOD32jpswYkZ8Grza89iHyJW60f7yrt4Dwy8Wmpu343U6Hn
W7xwdZHgbv3upcfIMFVmjOwY/ic1ostfQ/91oIc/aBtgP0k38ZX2b7vuqyZFmLLR
ZWNSL3/tf2z1NXo+MgdofHjw7lBZIp7z03q1Me22peL6Pb2Z0fw26FgAlS9yhNBH
tykjmA7BAj8zzJfERAkrWGrK3OoLRAPI7zadiYvOkyLOzCHPABtdiPWR9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCi4uFAPFkGkL3p3ihewiICBmLqiMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS0xpNFVBOFdRYVF2ZW5lS0Y3Q0lnSUdZdXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHbWMMX6rWSQf8yuA8SU
m5f2Pa6fvlWElS48hKuFMTC5IxzXL3BiTpBk0fiY6drC/lwY/cjafof/7GaEZ54S
thuv1JS0kSjQSWQ0V9N/ZNyLPTvGQzvRweNEM1P2TSWLmcrTdRzXLgGXejf4POgg
EnsUjueQXTrG+6DaZbVg03LwfdMa210D80Php/+KBKMIi1U1trzKheBW9Ua4Ymlc
8gOofw8huikB578278Az8DUamS7CMUyQJ4afVg/yph7FgIeLbvSKVfRP/2mq70IZ
2lBDEabwhRcNLCHF2Kh2iEPsH4ouwbo3cFEdBqC7S55iCBvR7kqlOC+//F5XVGZI
NxU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:21:17 2025 by rpki-client