Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WHv8vGke2GSHD1dReth28f8t3jQ.roa
File: WHv8vGke2GSHD1dReth28f8t3jQ.roa (raw, json)
Hash identifier: akGzajNEpLpUUuevlVZkc2Z0G6vppIkWTCfJeI8b+S4=
Subject key identifier: 58:7B:FC:BC:69:1E:D8:64:87:0F:57:51:7A:D8:76:F1:FF:2D:DE:34
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190426D40586B03B73D09AABE369C5CE269
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WHv8vGke2GSHD1dReth28f8t3jQ.roa
Signing time: Sun 23 Jun 2024 00:09:34 +0000
ROA not before: Sun 23 Jun 2024 00:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:42:6d:40:58:6b:03:b7:3d:09:aa:be:36:9c:5c:e2:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 00:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=587bfcbc691ed864870f57517ad876f1ff2dde34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:53:b7:64:42:c7:42:4d:d4:da:62:e0:7f:18:
c2:fc:f0:c2:8b:3b:b4:14:36:4c:a0:48:a8:c0:ce:
e9:ac:88:d8:3b:d1:de:e5:fd:c4:80:fc:9b:62:14:
ef:70:67:7b:d3:27:43:d2:c5:78:e2:de:0d:a9:43:
18:35:9e:62:22:ba:03:d0:79:e3:e0:28:1c:0c:33:
56:40:62:c6:66:22:38:d0:a0:81:d1:dc:60:51:b9:
93:e1:66:73:c3:6d:0e:e8:d1:66:2f:8f:71:1a:a1:
d5:a4:3e:64:d3:24:26:08:98:34:90:e9:37:85:c7:
32:4d:8e:63:c0:c5:13:cd:92:6a:50:bf:72:0f:22:
18:ce:df:ec:bb:b3:38:c2:9c:0b:34:47:74:8e:22:
e9:07:50:da:56:f3:a7:af:a1:6f:64:9c:84:4f:d8:
ce:34:54:a0:87:84:dc:69:c8:c1:6b:ab:ed:f3:f1:
f2:e8:04:6a:56:8e:c7:05:14:22:d5:0d:5f:ab:3c:
5a:1e:aa:51:a9:d9:81:1c:99:16:0f:2b:bc:9f:9c:
8b:6b:6f:07:7b:00:a6:4b:a0:c1:d2:19:a6:7d:91:
f6:09:5c:3b:3e:95:9d:30:09:21:6e:0f:4c:20:30:
fa:17:6d:6a:ac:d3:ab:ed:38:9d:4b:1d:f3:cc:57:
2b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7B:FC:BC:69:1E:D8:64:87:0F:57:51:7A:D8:76:F1:FF:2D:DE:34
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WHv8vGke2GSHD1dReth28f8t3jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:70:8f:7d:3d:3d:f3:b5:52:f0:2a:00:61:b0:ae:48:35:4f:
ff:48:93:7c:37:d8:80:dd:06:b9:2b:9c:c5:d1:bb:0f:e1:9e:
c8:7c:5e:35:8f:63:c1:bc:5a:df:ec:06:d1:ef:a2:c6:96:20:
61:fe:99:a4:f0:22:2c:5b:0f:0a:93:66:d0:95:b0:bb:22:8d:
43:21:18:64:a7:c9:38:a9:82:cb:ca:f1:7d:c0:06:16:6b:68:
1c:bb:4f:8d:10:71:8b:91:c0:1c:5a:e8:f6:18:13:57:34:4b:
20:24:dd:bd:dd:e8:13:8b:63:64:5f:d0:5f:4d:f4:f1:98:51:
64:bf:72:1a:cd:98:f3:e4:33:fc:be:5e:79:e4:7e:d7:71:5c:
17:c4:d9:8c:f0:a5:37:cf:d2:bc:9a:41:04:20:25:2f:55:83:
81:bf:24:dc:7c:23:3f:28:4b:60:ef:2b:d5:b9:2d:7e:1d:e8:
fe:5d:ac:04:7b:b2:3c:2d:e0:b7:aa:54:c9:90:56:a2:2d:09:
9b:84:eb:d5:81:42:df:6d:88:f3:fd:19:ed:5e:ba:64:cc:71:
94:5f:c7:9c:98:b7:1f:66:55:32:9e:8b:2e:55:d2:15:66:8d:
ad:7b:eb:20:5c:7d:02:3f:3d:1c:12:d6:88:b3:42:6c:17:f6:
6d:95:99:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBCbUBYawO3PQmqvjacXOJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMDAwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODdiZmNiYzY5MWVkODY0ODcwZjU3NTE3YWQ4NzZmMWZmMmRkZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lO3ZELHQk3U2mLgfxjC/PDCizu0
FDZMoEiowM7prIjYO9He5f3EgPybYhTvcGd70ydD0sV44t4NqUMYNZ5iIroD0Hnj
4CgcDDNWQGLGZiI40KCB0dxgUbmT4WZzw20O6NFmL49xGqHVpD5k0yQmCJg0kOk3
hccyTY5jwMUTzZJqUL9yDyIYzt/su7M4wpwLNEd0jiLpB1DaVvOnr6FvZJyET9jO
NFSgh4TcacjBa6vt8/Hy6ARqVo7HBRQi1Q1fqzxaHqpRqdmBHJkWDyu8n5yLa28H
ewCmS6DB0hmmfZH2CVw7PpWdMAkhbg9MIDD6F21qrNOr7TidSx3zzFcrwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFh7/LxpHthkhw9XUXrYdvH/Ld40MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV0h2OHZHa2UyR1NIRDFkUmV0aDI4Zjh0M2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEBwj309PfO1UvAqAGGw
rkg1T/9Ik3w32IDdBrkrnMXRuw/hnsh8XjWPY8G8Wt/sBtHvosaWIGH+maTwIixb
DwqTZtCVsLsijUMhGGSnyTipgsvK8X3ABhZraBy7T40QcYuRwBxa6PYYE1c0SyAk
3b3d6BOLY2Rf0F9N9PGYUWS/chrNmPPkM/y+XnnkftdxXBfE2YzwpTfP0ryaQQQg
JS9Vg4G/JNx8Iz8oS2DvK9W5LX4d6P5drAR7sjwt4LeqVMmQVqItCZuE69WBQt9t
iPP9Ge1eumTMcZRfx5yYtx9mVTKeiy5V0hVmja176yBcfQI/PRwS1oizQmwX9m2V
me4=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:59 2025 by rpki-client