Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XXsPSFF3qhIUnkfe36PLpXZGMC0.roa
File: XXsPSFF3qhIUnkfe36PLpXZGMC0.roa (raw, json)
Hash identifier: 3/Vn1SF9wDlQUa/XLh5HILkmzXxFpClx7c3glU2wu4E=
Subject key identifier: 5D:7B:0F:48:51:77:AA:12:14:9E:47:DE:DF:A3:CB:A5:76:46:30:2D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909B7BB600B8ED3F89ACD3EA746AE513A9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XXsPSFF3qhIUnkfe36PLpXZGMC0.roa
Signing time: Wed 10 Jul 2024 07:11:34 +0000
ROA not before: Wed 10 Jul 2024 07:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:7b:b6:00:b8:ed:3f:89:ac:d3:ea:74:6a:e5:13:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 10 07:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d7b0f485177aa12149e47dedfa3cba57646302d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:10:e7:ff:d3:cd:c1:30:4a:d5:56:18:ac:17:
74:0e:1c:6c:45:b8:df:b1:9e:e6:02:4c:8c:d0:e0:
53:cc:78:a6:f4:6d:6b:e7:f1:f0:ab:8c:30:e4:7a:
f1:5e:64:7b:d4:3e:0c:57:e3:47:3b:fb:5c:c9:a5:
29:7b:31:23:bf:90:3a:f5:90:80:db:05:e9:70:d3:
70:85:a6:88:76:47:0a:bb:12:93:64:62:8c:04:4c:
e8:47:4f:52:b1:46:ad:3a:4d:e8:b9:6d:ba:d0:6f:
5d:ff:c4:41:ae:d8:2f:f8:d9:d8:97:15:14:1a:8a:
fe:b9:a8:3a:ec:bd:93:da:8b:81:1b:ef:5b:49:3f:
e1:40:f0:3b:55:eb:9b:76:fa:4e:96:55:52:53:54:
cc:9e:a0:59:90:76:db:ad:2e:44:b1:2f:a0:c9:0d:
df:62:84:07:75:fd:e5:d6:5c:a5:9c:36:0a:5d:4c:
be:11:0f:73:00:9f:99:d3:55:32:9a:fb:aa:42:d9:
41:b0:61:aa:f2:1f:5e:d3:63:db:87:85:7e:f4:9a:
28:bb:36:3e:c8:a3:22:76:b7:d1:9d:6f:e9:ce:42:
13:f9:d4:6f:85:36:47:5c:e9:2f:79:e7:4f:6d:78:
21:50:af:3b:98:b5:02:60:35:34:79:1b:ca:d8:8b:
7d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7B:0F:48:51:77:AA:12:14:9E:47:DE:DF:A3:CB:A5:76:46:30:2D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XXsPSFF3qhIUnkfe36PLpXZGMC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:56:5e:c6:04:7f:bf:aa:64:27:fe:64:13:39:34:05:42:76:
a8:43:24:09:12:7f:cf:f9:8c:cf:b0:46:47:64:25:12:19:f3:
93:13:08:84:7a:88:cd:93:7d:b7:2d:fe:9d:3c:32:d5:33:01:
03:c3:63:7f:7f:c0:13:1e:1c:2d:b6:ef:78:ba:4d:fd:5b:8c:
8c:60:99:70:1a:77:37:e5:6c:cb:ca:66:96:64:3e:e7:ab:e4:
52:b1:47:ee:3a:e8:f2:1e:d0:76:e2:67:22:5e:dc:92:6a:b5:
fe:be:8c:6a:2a:41:e7:d4:8f:bb:31:29:dd:86:14:60:d0:6b:
fc:3b:df:38:e1:2a:8e:9c:05:af:03:e2:db:70:c2:b6:e9:7e:
64:00:29:ee:5e:60:a2:3f:59:a6:5e:08:78:15:24:7e:48:01:
1c:04:9e:43:3a:ec:3e:3c:47:3f:e7:67:ff:9c:c4:76:cc:12:
77:86:b1:5a:55:f5:dc:d4:91:09:2d:f1:8c:c5:5c:07:9f:f8:
25:ff:d7:ef:e7:ea:02:b7:14:26:97:10:2d:ed:1a:10:82:68:
2f:f6:40:78:e8:af:82:5d:cb:92:ed:2e:2a:f2:57:2f:23:c9:
4d:57:a9:15:9b:b8:af:ea:73:14:e7:bd:2b:eb:87:7d:ab:ae:
60:2f:53:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCbe7YAuO0/iazT6nRq5ROpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEwMDcxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDdiMGY0ODUxNzdhYTEyMTQ5ZTQ3ZGVkZmEzY2JhNTc2NDYzMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBDn/9PNwTBK1VYYrBd0DhxsRbjf
sZ7mAkyM0OBTzHim9G1r5/Hwq4ww5HrxXmR71D4MV+NHO/tcyaUpezEjv5A69ZCA
2wXpcNNwhaaIdkcKuxKTZGKMBEzoR09SsUatOk3ouW260G9d/8RBrtgv+NnYlxUU
Gor+uag67L2T2ouBG+9bST/hQPA7VeubdvpOllVSU1TMnqBZkHbbrS5EsS+gyQ3f
YoQHdf3l1lylnDYKXUy+EQ9zAJ+Z01UymvuqQtlBsGGq8h9e02Pbh4V+9JoouzY+
yKMidrfRnW/pzkIT+dRvhTZHXOkveedPbXghUK87mLUCYDU0eRvK2It90wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF17D0hRd6oSFJ5H3t+jy6V2RjAtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWFhzUFNGRjNxaElVbmtmZTM2UExwWFpHTUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGdWXsYEf7+qZCf+ZBM5
NAVCdqhDJAkSf8/5jM+wRkdkJRIZ85MTCIR6iM2Tfbct/p08MtUzAQPDY39/wBMe
HC2273i6Tf1bjIxgmXAadzflbMvKZpZkPuer5FKxR+466PIe0HbiZyJe3JJqtf6+
jGoqQefUj7sxKd2GFGDQa/w73zjhKo6cBa8D4ttwwrbpfmQAKe5eYKI/WaZeCHgV
JH5IARwEnkM67D48Rz/nZ/+cxHbMEneGsVpV9dzUkQkt8YzFXAef+CX/1+/n6gK3
FCaXEC3tGhCCaC/2QHjor4Jdy5LtLiryVy8jyU1XqRWbuK/qcxTnvSvrh32rrmAv
U1Q=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:04:09 2025 by rpki-client