Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W9QEaKjUhNBPGt_NcDT0BeGSCvs.roa
File: W9QEaKjUhNBPGt_NcDT0BeGSCvs.roa (raw, json)
Hash identifier: 80XLTh4TCaFeMwtN8S02N0uaKBlTA+D/nDbTWxp1fzY=
Subject key identifier: 5B:D4:04:68:A8:D4:84:D0:4F:1A:DF:CD:70:34:F4:05:E1:92:0A:FB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909F52FCEDDA8B9D529FA5A78D487711AE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W9QEaKjUhNBPGt_NcDT0BeGSCvs.roa
Signing time: Thu 11 Jul 2024 01:05:34 +0000
ROA not before: Thu 11 Jul 2024 01:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:9f52:2053/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9f:52:fc:ed:da:8b:9d:52:9f:a5:a7:8d:48:77:11:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 11 01:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bd40468a8d484d04f1adfcd7034f405e1920afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:44:f7:6c:7a:31:f9:29:1f:84:d7:5a:fe:21:
cf:96:31:5b:de:6c:5c:10:d3:39:e2:35:f8:38:45:
21:aa:57:f9:79:ef:43:5e:69:34:c6:8f:6d:6a:33:
5d:62:27:8c:e5:ef:ff:1e:66:07:69:32:e6:a9:d3:
3c:12:84:29:d4:d3:2d:74:2a:76:db:60:e6:b1:d4:
1e:2b:b0:35:b6:92:af:52:c6:3f:ae:fd:db:e8:f6:
d2:6b:08:f9:82:07:b6:8e:f6:33:05:1c:65:79:d9:
24:8a:46:c5:70:1d:5f:59:0a:3b:88:66:63:c6:c5:
f0:5c:df:8a:0a:f2:92:b7:5b:6c:b6:ae:1f:1f:65:
c7:d2:07:d2:00:4c:a3:a7:39:20:fb:f4:b1:e5:96:
f1:b5:ad:03:55:01:f8:94:3d:97:76:9a:c9:af:4c:
4e:1c:37:f1:8c:25:96:99:1c:c2:73:19:bb:7e:44:
22:d1:1c:46:88:9f:4d:5e:4c:df:27:28:8e:e1:b5:
aa:ca:2d:0e:b9:76:81:a5:48:64:1c:40:47:4d:0c:
f7:85:a2:97:09:fc:ad:6b:f6:f5:e3:e4:d2:b9:35:
d3:d7:eb:b9:66:8b:a8:fe:ea:97:63:71:32:00:a6:
e2:c4:6e:79:ae:ed:76:66:e5:a4:bd:af:d1:79:a0:
5a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D4:04:68:A8:D4:84:D0:4F:1A:DF:CD:70:34:F4:05:E1:92:0A:FB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W9QEaKjUhNBPGt_NcDT0BeGSCvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:0e:3b:0c:56:40:89:57:bc:e2:6a:70:38:60:c7:eb:93:2c:
06:a3:db:97:dc:09:a2:f0:09:d1:75:91:d3:df:92:0f:8f:d3:
8b:1a:24:26:80:21:9d:2e:90:9d:67:91:7e:be:45:14:0b:0e:
3c:ce:d5:8a:ea:17:be:74:e8:8d:c2:63:88:b9:c5:89:e0:58:
a8:f3:7c:f0:b7:ed:e6:b2:fd:10:3f:c8:4b:2b:44:e3:8e:37:
a8:c7:e0:4a:0a:80:1f:ab:d6:a3:61:11:02:e5:85:6a:b5:16:
d6:4e:2a:a8:d8:34:63:91:1f:a4:7f:a2:57:f3:0c:1b:8c:16:
e8:4e:36:ab:c5:7d:10:38:3e:ef:b4:58:e6:00:68:a0:23:e2:
be:dc:a5:3b:b2:a3:17:c0:aa:57:bb:06:33:d4:ad:19:49:e1:
1b:23:5f:d1:77:25:22:59:cd:67:ed:3e:95:dc:2d:80:99:b4:
37:4e:dd:5d:be:0c:f9:ac:4f:7d:a1:cd:f3:92:ff:70:36:18:
91:11:88:69:42:86:40:47:bb:bb:1c:30:88:54:3f:e8:d3:21:
03:82:9f:0d:3f:58:5b:02:cd:2c:40:51:83:95:ac:be:9c:a0:
9c:70:76:f9:8d:09:ce:04:54:e9:1c:c2:f8:7f:0c:aa:2e:f7:
2e:46:ef:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCfUvzt2oudUp+lp41IdxGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzExMDEwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQ0MDQ2OGE4ZDQ4NGQwNGYxYWRmY2Q3MDM0ZjQwNWUxOTIwYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnET3bHox+SkfhNda/iHPljFb3mxc
ENM54jX4OEUhqlf5ee9DXmk0xo9tajNdYieM5e//HmYHaTLmqdM8EoQp1NMtdCp2
22DmsdQeK7A1tpKvUsY/rv3b6PbSawj5gge2jvYzBRxledkkikbFcB1fWQo7iGZj
xsXwXN+KCvKSt1tstq4fH2XH0gfSAEyjpzkg+/Sx5Zbxta0DVQH4lD2XdprJr0xO
HDfxjCWWmRzCcxm7fkQi0RxGiJ9NXkzfJyiO4bWqyi0OuXaBpUhkHEBHTQz3haKX
Cfyta/b14+TSuTXT1+u5Zouo/uqXY3EyAKbixG55ru12ZuWkva/ReaBaCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFvUBGio1ITQTxrfzXA09AXhkgr7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVzlRRWFLalVoTkJQR3RfTmNEVDBCZUdTQ3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG0OOwxWQIlXvOJqcDhg
x+uTLAaj25fcCaLwCdF1kdPfkg+P04saJCaAIZ0ukJ1nkX6+RRQLDjzO1YrqF750
6I3CY4i5xYngWKjzfPC37eay/RA/yEsrROOON6jH4EoKgB+r1qNhEQLlhWq1FtZO
KqjYNGORH6R/olfzDBuMFuhONqvFfRA4Pu+0WOYAaKAj4r7cpTuyoxfAqle7BjPU
rRlJ4RsjX9F3JSJZzWftPpXcLYCZtDdO3V2+DPmsT32hzfOS/3A2GJERiGlChkBH
u7scMIhUP+jTIQOCnw0/WFsCzSxAUYOVrL6coJxwdvmNCc4EVOkcwvh/DKou9y5G
7wU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:10:01 2025 by rpki-client