Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QV2pvEe0q8KqyJg-oeU83ZgJOjE.roa
File: QV2pvEe0q8KqyJg-oeU83ZgJOjE.roa (raw, json)
Hash identifier: 9fnOJ+rHH1IfSYAFADstcnCzXxi9f4bF+TFxxFVaoPU=
Subject key identifier: 41:5D:A9:BC:47:B4:AB:C2:AA:C8:98:3E:A1:E5:3C:DD:98:09:3A:31
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190ADB7116EE93D0CD35C31C430794C9B0D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QV2pvEe0q8KqyJg-oeU83ZgJOjE.roa
Signing time: Sat 13 Jul 2024 20:09:34 +0000
ROA not before: Sat 13 Jul 2024 20:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ad:b7:11:6e:e9:3d:0c:d3:5c:31:c4:30:79:4c:9b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 13 20:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=415da9bc47b4abc2aac8983ea1e53cdd98093a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:81:b0:df:5e:59:62:2f:d1:5c:a3:18:d2:8e:
1b:14:c8:5c:7f:00:59:78:6f:e8:5f:14:30:68:27:
c9:38:e8:40:71:99:b5:6a:ab:97:3b:c5:3b:fb:27:
3b:30:5a:da:18:b8:4e:42:e0:b7:ce:fe:d5:bf:32:
07:8f:67:7a:c2:0e:78:11:69:37:e8:b3:31:5f:4b:
eb:03:40:37:20:13:6f:e7:ca:c2:fa:54:8d:2a:72:
99:34:9f:ec:28:a5:fe:c6:1c:1b:ab:34:cf:0c:93:
03:64:e6:23:04:55:e9:b8:75:95:3f:f0:9b:d0:ea:
05:b0:6f:7a:25:0f:fb:25:65:3d:fa:d6:4f:c9:9c:
18:1d:f4:aa:87:d6:13:4e:65:37:f0:6e:cc:0c:19:
85:9d:4d:a4:9a:3c:05:83:95:1e:60:f2:a7:85:18:
ea:da:e7:17:fb:a1:45:be:76:e2:2a:55:a2:79:de:
8a:41:7a:8c:1c:4d:c2:ad:6d:93:d1:1d:1d:4a:f8:
ae:1e:af:23:a5:12:a8:02:96:2a:cf:45:85:de:e7:
7b:87:b8:9c:e6:13:b1:59:97:87:09:64:5d:c2:22:
da:e9:78:53:39:0a:08:df:9d:35:09:fa:ab:2c:2e:
38:e3:aa:82:c1:4c:22:bd:eb:62:d1:af:20:9b:84:
43:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:5D:A9:BC:47:B4:AB:C2:AA:C8:98:3E:A1:E5:3C:DD:98:09:3A:31
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QV2pvEe0q8KqyJg-oeU83ZgJOjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:a9:4d:ce:25:1a:7b:18:66:9c:f2:ee:7d:cb:99:c2:a7:df:
86:15:e1:45:49:9b:13:4b:40:a7:bc:f0:c6:48:f8:bf:cf:b0:
0e:04:e1:5a:57:49:0a:1b:14:c2:db:d0:e4:56:59:a9:53:23:
b3:44:71:16:3d:88:12:15:f1:09:3f:b0:65:74:c0:fa:8c:ec:
1c:b0:6f:8e:d2:10:2c:6b:35:4d:56:38:32:be:da:cc:77:d2:
94:a3:1a:6f:f6:3b:6d:c7:3b:2e:42:7c:0f:86:45:41:30:8b:
bc:33:dc:bd:bb:4d:61:e5:8f:c5:df:ad:b0:38:09:80:22:d5:
4b:f0:29:29:04:81:0a:c6:18:da:7f:5b:f3:d2:78:73:7e:59:
ba:21:d6:bf:c8:3c:53:8f:df:2b:c6:25:92:46:85:cb:ca:48:
14:01:fb:f1:9f:98:41:71:4c:e6:c1:45:39:61:3a:27:ea:05:
50:b7:af:32:57:32:7d:f9:f6:2a:1e:2a:f2:60:c6:3e:fc:94:
9b:af:bd:dc:32:1f:50:e6:c0:43:f3:27:51:cf:32:7f:fb:ec:
f4:4a:89:21:5d:30:63:23:77:09:67:dd:5b:54:42:7d:06:bf:
fb:23:fb:63:3e:af:30:3d:6f:ee:a5:4f:7d:6c:ae:11:d1:e6:
32:74:0d:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCttxFu6T0M01wxxDB5TJsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEzMjAwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTVkYTliYzQ3YjRhYmMyYWFjODk4M2VhMWU1M2NkZDk4MDkzYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoGw315ZYi/RXKMY0o4bFMhcfwBZ
eG/oXxQwaCfJOOhAcZm1aquXO8U7+yc7MFraGLhOQuC3zv7VvzIHj2d6wg54EWk3
6LMxX0vrA0A3IBNv58rC+lSNKnKZNJ/sKKX+xhwbqzTPDJMDZOYjBFXpuHWVP/Cb
0OoFsG96JQ/7JWU9+tZPyZwYHfSqh9YTTmU38G7MDBmFnU2kmjwFg5UeYPKnhRjq
2ucX+6FFvnbiKlWied6KQXqMHE3CrW2T0R0dSviuHq8jpRKoApYqz0WF3ud7h7ic
5hOxWZeHCWRdwiLa6XhTOQoI3501CfqrLC4446qCwUwiveti0a8gm4RDvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEFdqbxHtKvCqsiYPqHlPN2YCToxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUVYycHZFZTBxOEtxeUpnLW9lVTgzWmdKT2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHmpTc4lGnsYZpzy7n3L
mcKn34YV4UVJmxNLQKe88MZI+L/PsA4E4VpXSQobFMLb0ORWWalTI7NEcRY9iBIV
8Qk/sGV0wPqM7Bywb47SECxrNU1WODK+2sx30pSjGm/2O23HOy5CfA+GRUEwi7wz
3L27TWHlj8XfrbA4CYAi1UvwKSkEgQrGGNp/W/PSeHN+Wboh1r/IPFOP3yvGJZJG
hcvKSBQB+/GfmEFxTObBRTlhOifqBVC3rzJXMn359ioeKvJgxj78lJuvvdwyH1Dm
wEPzJ1HPMn/77PRKiSFdMGMjdwln3VtUQn0Gv/sj+2M+rzA9b+6lT31srhHR5jJ0
DT8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:03:01 2025 by rpki-client