Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ub7Z6aNFjYwH4JHaZkPQLliGpNc.roa
File: Ub7Z6aNFjYwH4JHaZkPQLliGpNc.roa (raw, json)
Hash identifier: Ie5nKJyRBZJbT8kQvFhLGPVhICI+pWt4Sw0bk4JnQP8=
Subject key identifier: 51:BE:D9:E9:A3:45:8D:8C:07:E0:91:DA:66:43:D0:2E:58:86:A4:D7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FBC4C85DA308751EDC2F751808C0B341F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ub7Z6aNFjYwH4JHaZkPQLliGpNc.roa
Signing time: Mon 27 May 2024 23:04:42 +0000
ROA not before: Mon 27 May 2024 23:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:bc4c:1195/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bc:4c:85:da:30:87:51:ed:c2:f7:51:80:8c:0b:34:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 27 23:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51bed9e9a3458d8c07e091da6643d02e5886a4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b2:04:23:31:ed:01:cb:a9:d5:b1:be:8e:e6:
7e:dc:a2:d9:15:41:9a:4e:8e:1b:67:77:53:01:16:
57:3f:c1:43:f7:8b:a3:6f:e9:d2:92:6d:7f:58:13:
7b:c9:4e:6b:0b:ee:52:6f:8b:34:0e:36:06:7f:a3:
f5:01:2b:94:1b:49:e7:6c:38:68:db:d7:7a:f9:08:
f0:e0:40:63:a9:12:4f:8e:a8:e5:4a:59:f6:85:df:
34:f3:e1:12:09:33:65:f8:20:51:71:0d:e1:1d:1b:
7f:95:a9:84:e4:9a:04:a5:65:91:ce:be:9e:f2:35:
de:36:c7:2f:2f:16:a8:5b:8e:d6:39:93:f5:74:f8:
55:1e:ea:58:75:59:46:f0:7f:d7:45:64:19:84:3d:
9f:14:74:9c:12:87:1c:85:17:ed:ff:df:39:3a:3f:
69:36:dc:3a:a1:3e:d4:cd:96:10:80:aa:62:2b:61:
bb:67:93:50:1e:cf:6d:eb:67:d1:21:6e:6f:e1:8b:
84:e3:46:e9:c7:b6:72:ae:c0:b2:7c:11:c3:19:6e:
60:38:c1:17:6e:0c:89:f8:a5:8f:e2:1a:a3:02:ea:
48:42:75:8e:9d:76:98:94:56:1a:e6:dd:15:f8:d7:
8d:d8:a2:e7:b4:dc:25:19:c8:17:af:f6:f6:87:09:
2c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BE:D9:E9:A3:45:8D:8C:07:E0:91:DA:66:43:D0:2E:58:86:A4:D7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ub7Z6aNFjYwH4JHaZkPQLliGpNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:5a:af:b0:20:51:06:91:76:7f:2c:51:90:f7:5d:ee:7b:3e:
7c:a6:82:a3:af:17:a5:d0:1f:b0:80:e7:7e:e7:dc:a8:31:86:
5c:3a:49:06:ec:e7:f0:ab:b9:1d:44:d3:04:b8:c7:da:b9:d8:
62:1b:ed:d7:36:73:a0:dd:69:62:17:78:22:52:03:48:04:a4:
bf:72:5a:8f:3b:30:77:d5:bb:66:35:e4:9a:8a:92:49:38:7e:
ec:33:06:65:f5:bc:67:c5:e7:f8:1c:1e:b5:7c:9b:f4:34:25:
28:c1:7e:75:ec:25:31:13:3d:a0:7e:f1:6a:02:bc:a7:ad:e6:
4d:99:2c:c7:38:a2:c7:4b:9e:60:c5:f8:f6:94:84:5e:83:b0:
1a:7d:2a:43:2c:8c:12:be:84:70:38:3a:a5:39:e1:24:1d:55:
fe:bb:24:be:a4:6e:c5:a3:b6:35:94:d0:a8:05:06:7e:b4:52:
fe:da:f2:24:0d:2a:a8:4c:52:0f:e5:0d:67:d9:d7:55:54:58:
ee:93:ed:cb:c8:e6:f2:b4:63:bb:f8:c8:af:da:e6:64:db:e7:
5d:9b:bd:68:61:3a:2e:f7:7e:cc:3d:a6:78:95:e5:35:2f:fd:
80:85:06:40:0b:92:cc:5a:15:b8:2b:50:82:51:4e:7f:42:64:
23:6a:aa:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+8TIXaMIdR7cL3UYCMCzQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI3MjMwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWJlZDllOWEzNDU4ZDhjMDdlMDkxZGE2NjQzZDAyZTU4ODZhNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bIEIzHtAcup1bG+juZ+3KLZFUGa
To4bZ3dTARZXP8FD94ujb+nSkm1/WBN7yU5rC+5Sb4s0DjYGf6P1ASuUG0nnbDho
29d6+Qjw4EBjqRJPjqjlSln2hd808+ESCTNl+CBRcQ3hHRt/lamE5JoEpWWRzr6e
8jXeNscvLxaoW47WOZP1dPhVHupYdVlG8H/XRWQZhD2fFHScEocchRft/985Oj9p
Ntw6oT7UzZYQgKpiK2G7Z5NQHs9t62fRIW5v4YuE40bpx7ZyrsCyfBHDGW5gOMEX
bgyJ+KWP4hqjAupIQnWOnXaYlFYa5t0V+NeN2KLntNwlGcgXr/b2hwks/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFG+2emjRY2MB+CR2mZD0C5YhqTXMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVWI3WjZhTkZqWXdINEpIYVprUFFMbGlHcE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABlar7AgUQaRdn8sUZD3
Xe57PnymgqOvF6XQH7CA537n3Kgxhlw6SQbs5/CruR1E0wS4x9q52GIb7dc2c6Dd
aWIXeCJSA0gEpL9yWo87MHfVu2Y15JqKkkk4fuwzBmX1vGfF5/gcHrV8m/Q0JSjB
fnXsJTETPaB+8WoCvKet5k2ZLMc4osdLnmDF+PaUhF6DsBp9KkMsjBK+hHA4OqU5
4SQdVf67JL6kbsWjtjWU0KgFBn60Uv7a8iQNKqhMUg/lDWfZ11VUWO6T7cvI5vK0
Y7v4yK/a5mTb512bvWhhOi73fsw9pniV5TUv/YCFBkALksxaFbgrUIJRTn9CZCNq
qok=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:05:18 2025 by rpki-client