Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ULt9U3g60hAggJpMHNM6CWFyvYU.roa
File: ULt9U3g60hAggJpMHNM6CWFyvYU.roa (raw, json)
Hash identifier: 7CM6AyaDjdwhSWd2G9FHX6CLsafsxMCeso3vYTz01hw=
Subject key identifier: 50:BB:7D:53:78:3A:D2:10:20:80:9A:4C:1C:D3:3A:09:61:72:BD:85
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD7921B41765C2AC83C646AB8319F9370
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ULt9U3g60hAggJpMHNM6CWFyvYU.roa
Signing time: Sun 02 Jun 2024 06:10:27 +0000
ROA not before: Sun 02 Jun 2024 06:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d7:92:1b:41:76:5c:2a:c8:3c:64:6a:b8:31:9f:93:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 06:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50bb7d53783ad21020809a4c1cd33a096172bd85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f4:3d:89:2d:7c:d5:87:6f:19:94:50:99:53:
6b:a2:cc:49:25:bd:ed:f3:f5:fd:a9:8c:7e:d6:04:
7b:fd:81:90:2e:fb:f7:df:5a:89:56:0d:d7:47:3c:
80:a3:4b:9a:4a:32:fc:06:2d:10:0e:9e:92:80:4e:
22:a6:87:78:43:4a:19:bf:93:57:5c:03:17:a4:e4:
b0:18:e7:1b:2e:d6:b1:49:c9:e4:1b:cf:84:60:3e:
87:96:80:28:79:5b:9c:90:6e:1d:7a:3c:b1:75:d7:
e7:e5:c7:fd:44:ed:11:65:d1:cf:62:f6:dd:7b:0c:
02:fa:5c:3a:69:cf:ac:9d:80:ad:c3:f6:31:79:33:
c4:88:69:0f:ad:0a:99:77:6f:63:c2:04:8b:2c:91:
52:dd:2d:49:89:12:a8:c2:c6:ad:cd:90:f0:b1:39:
b1:8c:79:86:65:fc:e1:fd:c5:b2:6d:d4:d6:bd:01:
c4:57:61:95:c2:92:0a:b9:a9:d4:61:90:e8:cf:77:
53:74:b2:9d:a9:59:fe:51:eb:3c:d3:03:9b:25:76:
58:16:d1:c6:af:4b:47:d5:3a:7a:3e:a6:7b:62:65:
72:c4:e6:1e:03:37:ee:38:39:3e:87:57:1b:c2:1b:
73:c2:a5:5b:94:74:8d:99:f2:88:9d:38:d8:84:b2:
0a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BB:7D:53:78:3A:D2:10:20:80:9A:4C:1C:D3:3A:09:61:72:BD:85
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ULt9U3g60hAggJpMHNM6CWFyvYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:18:9a:e4:a2:8a:ab:0a:84:9e:63:d1:1e:4d:c6:6f:14:8d:
e6:ad:7c:c2:f5:42:30:96:be:31:d7:b7:ce:e6:eb:31:16:db:
7d:30:df:75:38:27:10:6e:09:e5:29:28:06:d6:7c:37:fd:06:
50:09:ea:09:f4:d7:86:12:7a:dc:a0:f0:e4:e7:f6:a3:b2:a8:
ad:b0:f8:0b:e3:ef:50:56:4e:52:0a:d0:4e:36:8f:8a:5d:43:
e8:d5:21:90:7a:c5:91:f7:36:c4:33:21:59:5f:a3:22:d7:fb:
41:81:2a:c4:5f:fc:f1:28:74:64:55:76:7d:5e:9d:4c:a8:80:
7c:e8:ae:db:9a:4d:03:ce:fd:66:ee:a0:3e:5b:e0:7a:94:b4:
bb:82:2f:83:1f:e1:d6:3e:a2:8e:09:30:97:c6:ce:7c:de:16:
75:dd:0e:32:81:95:ff:a4:54:9e:5f:70:32:52:56:77:d8:ee:
8b:1c:48:46:fa:7b:d7:10:7b:4f:bf:90:ca:dd:0d:54:8b:d1:
3e:ce:48:7d:82:02:97:48:a0:27:31:6f:6e:c7:3d:63:96:64:
50:05:11:e0:7c:83:68:b9:f5:31:b9:90:9f:cd:10:f0:9f:f8:
5f:78:f3:26:69:bd:9b:ef:71:37:2e:06:57:78:1a:3a:27:69:
a2:37:39:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/XkhtBdlwqyDxkargxn5NwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMDYxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGJiN2Q1Mzc4M2FkMjEwMjA4MDlhNGMxY2QzM2EwOTYxNzJiZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/Q9iS181YdvGZRQmVNrosxJJb3t
8/X9qYx+1gR7/YGQLvv331qJVg3XRzyAo0uaSjL8Bi0QDp6SgE4ipod4Q0oZv5NX
XAMXpOSwGOcbLtaxScnkG8+EYD6HloAoeVuckG4dejyxddfn5cf9RO0RZdHPYvbd
ewwC+lw6ac+snYCtw/YxeTPEiGkPrQqZd29jwgSLLJFS3S1JiRKowsatzZDwsTmx
jHmGZfzh/cWybdTWvQHEV2GVwpIKuanUYZDoz3dTdLKdqVn+Ues80wObJXZYFtHG
r0tH1Tp6PqZ7YmVyxOYeAzfuODk+h1cbwhtzwqVblHSNmfKInTjYhLIKDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFC7fVN4OtIQIICaTBzTOglhcr2FMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVUx0OVUzZzYwaEFnZ0pwTUhOTTZDV0Z5dllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFsYmuSiiqsKhJ5j0R5N
xm8UjeatfML1QjCWvjHXt87m6zEW230w33U4JxBuCeUpKAbWfDf9BlAJ6gn014YS
etyg8OTn9qOyqK2w+Avj71BWTlIK0E42j4pdQ+jVIZB6xZH3NsQzIVlfoyLX+0GB
KsRf/PEodGRVdn1enUyogHzortuaTQPO/WbuoD5b4HqUtLuCL4Mf4dY+oo4JMJfG
znzeFnXdDjKBlf+kVJ5fcDJSVnfY7oscSEb6e9cQe0+/kMrdDVSL0T7OSH2CApdI
oCcxb27HPWOWZFAFEeB8g2i59TG5kJ/NEPCf+F948yZpvZvvcTcuBld4GjonaaI3
Oas=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:00:18 2025 by rpki-client