Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YiQg7e012DxOvLO9v7K377lFRIk.roa
File: YiQg7e012DxOvLO9v7K377lFRIk.roa (raw, json)
Hash identifier: kjuBxyNDHwXc0j72XJ3fcT7lg/QwYveATjSmSIHCY44=
Subject key identifier: 62:24:20:ED:ED:35:D8:3C:4E:BC:B3:BD:BF:B2:B7:EF:B9:45:44:89
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019011B8AEF4EEE35A8A685F40768761E20B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YiQg7e012DxOvLO9v7K377lFRIk.roa
Signing time: Thu 13 Jun 2024 13:10:34 +0000
ROA not before: Thu 13 Jun 2024 13:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:11:b8:ae:f4:ee:e3:5a:8a:68:5f:40:76:87:61:e2:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 13 13:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=622420eded35d83c4ebcb3bdbfb2b7efb9454489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:30:9e:dd:01:1e:1f:03:3b:d6:3f:74:05:fa:
0a:56:6c:f5:68:a8:02:50:ae:79:bb:c1:2b:dd:23:
17:18:bd:f6:66:10:e2:42:29:3d:1f:71:e6:58:ce:
0a:76:06:02:99:ac:1e:0a:8b:6d:5a:10:03:dc:49:
79:d6:02:85:8b:d2:f4:5e:9e:d4:e7:f6:9d:ac:c3:
ec:87:11:e8:e1:75:08:61:6d:c8:e5:db:ca:d4:8b:
5c:98:4b:57:9e:86:c3:b1:0c:27:5f:60:b6:13:fa:
45:26:3c:65:7d:f9:69:e6:52:cd:15:fd:5d:03:96:
a8:55:6c:26:f1:60:a2:d1:ca:0a:b1:92:2d:ae:1f:
72:65:71:ff:b7:f0:66:21:f1:c2:fa:3f:ce:41:59:
68:e5:94:96:85:b8:da:c5:9d:6a:58:39:6d:e4:40:
ca:1c:dd:2b:c1:5b:54:1a:96:88:65:6f:fb:4e:0b:
13:ba:3c:e3:0e:8a:34:b2:55:b2:e5:31:14:06:e7:
91:4d:e1:39:95:4a:15:a6:91:39:e1:02:6f:f3:98:
01:a8:ec:5f:83:db:14:1e:8a:40:9e:3d:d2:e6:e6:
1d:1f:08:15:3a:08:b0:1b:a9:f2:e0:0f:a7:53:fa:
8a:82:81:a2:c9:0a:4d:08:df:5a:b6:56:e5:7a:bd:
13:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:24:20:ED:ED:35:D8:3C:4E:BC:B3:BD:BF:B2:B7:EF:B9:45:44:89
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YiQg7e012DxOvLO9v7K377lFRIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:1d:42:17:90:43:bc:7a:a0:cd:92:97:c5:f7:69:4f:ad:98:
ca:f7:9b:ad:02:2a:d0:58:57:79:16:b0:64:fc:b1:96:a5:e8:
3d:c3:de:db:41:16:07:0a:ed:52:33:77:e5:c9:ac:1f:4f:4b:
ab:47:a5:3b:d8:81:bb:19:5a:fc:c2:29:28:43:3d:36:dc:d6:
e2:99:a6:9b:7a:8e:8a:89:49:b0:31:07:6d:69:cf:c0:d8:64:
c5:92:ac:90:08:ee:80:49:8d:e6:ca:ea:d9:47:fa:06:56:28:
89:59:e6:5e:32:6c:92:b5:32:1a:ac:ec:e8:1e:0c:bc:64:36:
8b:c8:8e:61:bc:59:57:c4:91:c4:a7:61:82:d3:54:67:88:05:
3c:d1:af:d4:32:54:69:91:fc:48:82:c5:3a:97:6e:a6:56:9c:
8b:fd:cf:ad:aa:8b:56:60:a6:c4:53:70:e3:15:56:07:cc:09:
08:e6:01:c2:f4:18:39:18:58:ba:14:dd:f3:18:c7:8b:6c:6e:
eb:10:c3:36:9f:fb:3d:1c:0d:2e:d5:f1:bb:8e:d5:8f:e8:22:
fe:85:bc:95:6c:29:52:ad:aa:d9:25:5c:0b:84:1b:df:f6:42:
57:6d:31:04:75:e3:86:d8:99:f5:43:49:96:af:a4:93:41:af:
b4:62:a1:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZARuK707uNaimhfQHaHYeILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEzMTMxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjI0MjBlZGVkMzVkODNjNGViY2IzYmRiZmIyYjdlZmI5NDU0NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjCe3QEeHwM71j90BfoKVmz1aKgC
UK55u8Er3SMXGL32ZhDiQik9H3HmWM4KdgYCmaweCottWhAD3El51gKFi9L0Xp7U
5/adrMPshxHo4XUIYW3I5dvK1ItcmEtXnobDsQwnX2C2E/pFJjxlfflp5lLNFf1d
A5aoVWwm8WCi0coKsZItrh9yZXH/t/BmIfHC+j/OQVlo5ZSWhbjaxZ1qWDlt5EDK
HN0rwVtUGpaIZW/7TgsTujzjDoo0slWy5TEUBueRTeE5lUoVppE54QJv85gBqOxf
g9sUHopAnj3S5uYdHwgVOgiwG6ny4A+nU/qKgoGiyQpNCN9atlbler0TFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGIkIO3tNdg8Tryzvb+yt++5RUSJMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWWlRZzdlMDEyRHhPdkxPOXY3SzM3N2xGUklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIEdQheQQ7x6oM2Sl8X3
aU+tmMr3m60CKtBYV3kWsGT8sZal6D3D3ttBFgcK7VIzd+XJrB9PS6tHpTvYgbsZ
WvzCKShDPTbc1uKZppt6joqJSbAxB21pz8DYZMWSrJAI7oBJjebK6tlH+gZWKIlZ
5l4ybJK1Mhqs7OgeDLxkNovIjmG8WVfEkcSnYYLTVGeIBTzRr9QyVGmR/EiCxTqX
bqZWnIv9z62qi1ZgpsRTcOMVVgfMCQjmAcL0GDkYWLoU3fMYx4tsbusQwzaf+z0c
DS7V8buO1Y/oIv6FvJVsKVKtqtklXAuEG9/2QldtMQR144bYmfVDSZavpJNBr7Ri
odk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:21:21 2025 by rpki-client