Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OWYn5TF_uIl8CTC3YblRh0Ryr40.roa
File: OWYn5TF_uIl8CTC3YblRh0Ryr40.roa (raw, json)
Hash identifier: emVijfifbAv277SlTcSJaB2S7ysSn9lepajuvTKxbbA=
Subject key identifier: 39:66:27:E5:31:7F:B8:89:7C:09:30:B7:61:B9:51:87:44:72:AF:8D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019076229FB361AD7425C6F1C5545D77EB6A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OWYn5TF_uIl8CTC3YblRh0Ryr40.roa
Signing time: Wed 03 Jul 2024 01:08:18 +0000
ROA not before: Wed 03 Jul 2024 01:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:76:22:9f:b3:61:ad:74:25:c6:f1:c5:54:5d:77:eb:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 3 01:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=396627e5317fb8897c0930b761b951874472af8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:df:ac:ce:39:92:17:3c:56:24:2f:36:78:7c:
80:8f:e5:7c:1e:ea:fd:d2:69:e0:09:c1:f0:d6:22:
5d:22:c7:1e:fa:cd:e5:69:0b:31:18:aa:ec:ba:45:
92:99:d9:22:92:c4:52:e8:bc:62:32:50:fc:f3:62:
7c:02:3a:3e:60:8c:a8:2d:9c:f4:8b:d3:6b:6c:aa:
a3:8c:c2:48:7a:74:d7:a0:b1:17:70:86:a2:6c:98:
f8:2f:ff:8f:fb:1c:7b:5e:6a:c7:8a:90:6a:ac:67:
94:e2:dc:13:ba:1a:26:81:c4:7e:52:12:5f:d8:9c:
aa:df:45:da:8f:f9:45:2f:77:78:7b:ee:01:85:a9:
80:51:ea:47:37:63:64:7a:6f:f7:3c:14:f6:4f:3f:
32:8e:5b:33:76:01:74:ff:cc:8f:24:76:fe:a3:fa:
3a:7f:2d:03:70:64:30:7f:c1:ed:a9:32:0d:12:f3:
f7:16:fd:07:78:f6:49:f6:87:3d:4a:f3:07:e6:88:
25:6a:76:db:59:35:59:26:46:51:26:04:8b:aa:49:
0d:5d:f0:75:22:50:2a:0e:9c:40:45:12:86:64:ff:
09:f4:e7:5a:4f:38:b8:72:98:3e:55:3d:ad:f7:d8:
ac:16:f9:77:58:b6:a8:57:4d:09:2f:8f:be:81:43:
0d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:66:27:E5:31:7F:B8:89:7C:09:30:B7:61:B9:51:87:44:72:AF:8D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OWYn5TF_uIl8CTC3YblRh0Ryr40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:ce:8a:4c:05:93:20:ca:a8:2b:0d:a6:db:ae:e0:49:ce:71:
ba:5d:1a:d2:b0:0f:32:0d:f3:aa:8c:7c:ae:b2:97:63:52:82:
a2:55:ff:fd:82:e6:17:cb:23:d8:ce:dc:c1:61:fc:7d:3e:9f:
f9:38:67:90:ac:b8:ad:0c:4b:06:f1:8f:d1:fe:2d:a7:f5:b7:
d2:0a:d5:08:49:c6:ba:3c:58:91:e3:97:be:71:e4:cd:98:1c:
92:4f:22:a4:89:e0:2d:98:12:2c:ed:5f:0f:ff:46:39:bc:8b:
5c:9e:f4:bd:28:7b:4d:fc:10:24:29:5c:40:2b:3e:02:b5:3d:
7f:f8:cd:18:d2:b6:1e:03:11:b2:85:c5:b7:48:03:1e:01:b0:
dd:4c:3c:51:1e:f9:99:fd:f8:f8:fd:14:f6:d1:f0:a7:19:39:
10:c1:35:1f:69:e0:2c:11:7c:d4:de:cd:d0:32:a8:cf:a1:4d:
0d:04:26:93:9a:22:ac:1d:f8:b5:32:7b:03:30:a9:d7:9c:44:
43:03:6a:dc:16:8b:b3:64:b6:8d:44:c4:9a:a8:53:ce:05:b8:
a4:a9:9a:c5:fa:3a:34:08:a4:c4:df:44:65:eb:03:97:56:bb:
56:c7:d4:d3:0d:46:69:82:f7:fa:c6:f5:d8:a4:e6:c1:4c:6a:
fd:4d:5a:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB2Ip+zYa10JcbxxVRdd+tqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAzMDEwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY2MjdlNTMxN2ZiODg5N2MwOTMwYjc2MWI5NTE4NzQ0NzJhZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt+szjmSFzxWJC82eHyAj+V8Hur9
0mngCcHw1iJdIsce+s3laQsxGKrsukWSmdkiksRS6LxiMlD882J8Ajo+YIyoLZz0
i9NrbKqjjMJIenTXoLEXcIaibJj4L/+P+xx7XmrHipBqrGeU4twTuhomgcR+UhJf
2Jyq30Xaj/lFL3d4e+4BhamAUepHN2Nkem/3PBT2Tz8yjlszdgF0/8yPJHb+o/o6
fy0DcGQwf8HtqTINEvP3Fv0HePZJ9oc9SvMH5oglanbbWTVZJkZRJgSLqkkNXfB1
IlAqDpxARRKGZP8J9OdaTzi4cpg+VT2t99isFvl3WLaoV00JL4++gUMNBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDlmJ+Uxf7iJfAkwt2G5UYdEcq+NMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT1dZbjVURl91SWw4Q1RDM1libFJoMFJ5cjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHvOikwFkyDKqCsNptuu
4EnOcbpdGtKwDzIN86qMfK6yl2NSgqJV//2C5hfLI9jO3MFh/H0+n/k4Z5CsuK0M
Swbxj9H+Laf1t9IK1QhJxro8WJHjl75x5M2YHJJPIqSJ4C2YEiztXw//Rjm8i1ye
9L0oe038ECQpXEArPgK1PX/4zRjSth4DEbKFxbdIAx4BsN1MPFEe+Zn9+Pj9FPbR
8KcZORDBNR9p4CwRfNTezdAyqM+hTQ0EJpOaIqwd+LUyewMwqdecREMDatwWi7Nk
to1ExJqoU84FuKSpmsX6OjQIpMTfRGXrA5dWu1bH1NMNRmmC9/rG9dik5sFMav1N
WgU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:07:29 2025 by rpki-client