Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RWxKRQttM6_lbLhw42oAMnAZ1qo.roa
File: RWxKRQttM6_lbLhw42oAMnAZ1qo.roa (raw, json)
Hash identifier: A51tGB16oSlMzsr4JCyK+KBi4zjEzeqygu1qFt9fU2g=
Subject key identifier: 45:6C:4A:45:0B:6D:33:AF:E5:6C:B8:70:E3:6A:00:32:70:19:D6:AA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190874D2607C4092160D55325DB06B47DCF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RWxKRQttM6_lbLhw42oAMnAZ1qo.roa
Signing time: Sat 06 Jul 2024 09:08:18 +0000
ROA not before: Sat 06 Jul 2024 09:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:87:4d:26:07:c4:09:21:60:d5:53:25:db:06:b4:7d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 6 09:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=456c4a450b6d33afe56cb870e36a00327019d6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:9b:e2:af:8a:eb:10:33:2e:88:4e:8c:cb:
0a:11:7c:68:2b:9c:b6:06:61:39:f8:13:c2:de:4d:
7e:e5:dc:c3:d5:71:c3:85:03:73:07:e5:f2:87:d0:
03:fb:18:53:89:25:9d:1a:17:75:95:d0:f8:7c:22:
9e:f3:94:df:88:6b:3d:70:53:30:f5:a2:cb:c5:36:
5d:c8:81:2c:51:00:5b:95:98:20:df:f0:22:69:77:
8b:00:b4:f9:6b:ab:e6:21:77:f2:ed:e2:0a:4d:f0:
f9:f5:44:9e:7a:db:83:db:c7:8d:a1:80:7c:eb:ce:
91:05:39:f7:c7:fd:fa:1b:ce:46:0e:0d:ab:c3:6c:
df:ec:8a:cc:31:bd:8d:73:f9:45:16:51:32:27:ea:
9f:6b:38:c4:ee:2d:d9:18:a5:a6:5a:47:30:85:ee:
90:5d:ae:04:b1:1b:a2:cb:8d:67:65:df:73:92:00:
1e:94:fc:03:75:76:0a:a1:f6:00:40:26:0c:17:1a:
e0:9c:d5:84:b2:86:c7:04:7a:dd:f8:9a:27:1f:b8:
0e:3c:7b:93:1a:41:8d:10:4e:12:6d:c8:8c:fb:bf:
63:9b:58:e8:48:7a:3f:d6:de:95:6b:b4:4b:47:b8:
df:d0:96:b2:97:82:f8:86:47:76:89:98:32:79:ab:
96:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6C:4A:45:0B:6D:33:AF:E5:6C:B8:70:E3:6A:00:32:70:19:D6:AA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RWxKRQttM6_lbLhw42oAMnAZ1qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:d7:49:bb:00:08:99:1d:ac:80:24:0e:65:93:b1:96:7b:d5:
f9:08:e2:4e:5a:11:b3:5b:8b:ca:38:d5:bf:67:81:bb:01:30:
c4:a6:ea:89:74:f1:8d:4a:ba:4b:31:91:b1:2d:33:7e:57:1c:
08:d9:63:0f:70:d8:e0:25:26:5e:e5:eb:c3:4b:32:3f:c3:e1:
d9:db:52:ad:18:6b:09:81:08:e9:12:d4:46:83:89:11:d3:4b:
7c:e5:75:50:81:8c:e7:c1:3d:05:17:c9:a1:ec:fd:0e:27:f5:
70:35:53:d2:52:5f:27:5a:3c:a9:33:6c:eb:e4:fb:0e:86:32:
b6:67:52:21:e6:bc:76:c2:b7:21:41:1a:4e:12:f6:f6:19:a6:
59:ee:6d:96:ed:7e:72:f1:d9:a2:46:cf:69:e3:18:fc:ac:2d:
f9:b9:5b:1a:cd:3f:17:0b:80:d9:16:36:16:7e:d9:41:d4:81:
d7:3b:f0:41:90:76:21:41:39:fe:f0:4d:8d:37:d3:2f:8f:7c:
83:c9:88:24:f2:12:35:d0:bb:78:48:36:d0:72:88:e0:8f:07:
b5:75:7b:c4:34:f2:09:bd:06:f8:b3:f2:40:14:5c:8c:c8:b0:
2b:f8:c5:b1:df:4b:6a:9f:31:3e:83:e2:41:0e:82:9f:82:b8:
8f:ac:e9:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCHTSYHxAkhYNVTJdsGtH3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA2MDkwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTZjNGE0NTBiNmQzM2FmZTU2Y2I4NzBlMzZhMDAzMjcwMTlkNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynGb4q+K6xAzLohOjMsKEXxoK5y2
BmE5+BPC3k1+5dzD1XHDhQNzB+Xyh9AD+xhTiSWdGhd1ldD4fCKe85TfiGs9cFMw
9aLLxTZdyIEsUQBblZgg3/AiaXeLALT5a6vmIXfy7eIKTfD59USeetuD28eNoYB8
686RBTn3x/36G85GDg2rw2zf7IrMMb2Nc/lFFlEyJ+qfazjE7i3ZGKWmWkcwhe6Q
Xa4EsRuiy41nZd9zkgAelPwDdXYKofYAQCYMFxrgnNWEsobHBHrd+JonH7gOPHuT
GkGNEE4SbciM+79jm1joSHo/1t6Va7RLR7jf0Jayl4L4hkd2iZgyeauWtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEVsSkULbTOv5Wy4cONqADJwGdaqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUld4S1JRdHRNNl9sYkxodzQyb0FNbkFaMXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGnXSbsACJkdrIAkDmWT
sZZ71fkI4k5aEbNbi8o41b9ngbsBMMSm6ol08Y1KuksxkbEtM35XHAjZYw9w2OAl
Jl7l68NLMj/D4dnbUq0YawmBCOkS1EaDiRHTS3zldVCBjOfBPQUXyaHs/Q4n9XA1
U9JSXydaPKkzbOvk+w6GMrZnUiHmvHbCtyFBGk4S9vYZplnubZbtfnLx2aJGz2nj
GPysLfm5WxrNPxcLgNkWNhZ+2UHUgdc78EGQdiFBOf7wTY030y+PfIPJiCTyEjXQ
u3hINtByiOCPB7V1e8Q08gm9Bviz8kAUXIzIsCv4xbHfS2qfMT6D4kEOgp+CuI+s
6SY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:57:20 2025 by rpki-client