Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_3qKxY3scn5fxpbRbMUTq2maYUA.roa
File: _3qKxY3scn5fxpbRbMUTq2maYUA.roa (raw, json)
Hash identifier: ZBeDoaIkRXYXTOdpc1IPqf/cgk2lGwxvaoTHtZM4Uig=
Subject key identifier: FF:7A:8A:C5:8D:EC:72:7E:5F:C6:96:D1:6C:C5:13:AB:69:9A:61:40
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01900B0C4EEC7EA49907E99ECD5244DEAA9B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_3qKxY3scn5fxpbRbMUTq2maYUA.roa
Signing time: Wed 12 Jun 2024 06:04:34 +0000
ROA not before: Wed 12 Jun 2024 06:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:b0c:9cd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:0c:4e:ec:7e:a4:99:07:e9:9e:cd:52:44:de:aa:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 12 06:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff7a8ac58dec727e5fc696d16cc513ab699a6140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:39:67:f5:d6:27:3f:e9:50:c9:68:82:fb:fa:
c0:0b:94:fd:25:33:f5:b8:fb:73:13:8d:06:e0:17:
64:d9:f9:0d:86:ff:cb:42:bf:ef:10:02:b5:b4:5b:
ab:a4:32:82:e4:f1:cd:50:c5:cb:09:09:e3:60:9b:
68:f0:f7:6e:94:3c:8a:95:88:c6:44:91:9b:9d:67:
46:6b:34:e2:2f:a9:ff:66:d0:55:ff:86:dc:76:0c:
70:bd:96:e4:62:6f:4a:91:19:59:8e:d9:16:5f:66:
4d:50:94:14:f4:f1:a3:bc:b5:32:46:55:be:75:75:
00:91:42:2e:50:a5:79:da:3d:33:d5:93:19:42:78:
7f:66:fa:71:26:2a:23:ec:db:d5:7e:3e:f1:87:14:
96:4e:b1:f2:e1:68:89:8f:3e:ad:f5:a1:db:88:61:
e5:07:e1:4d:cf:24:a5:9f:08:23:e1:13:e4:05:ed:
bb:a0:63:d4:45:21:fb:ea:fa:ca:1c:d0:7b:c1:d3:
1e:0c:69:9d:ca:e5:3d:78:c6:f3:e8:76:d1:d1:77:
a2:39:98:ce:76:a2:02:d1:8d:be:0e:2c:b6:29:bd:
5b:21:c3:81:23:e1:3e:5c:c3:96:56:da:ca:9a:2b:
44:b6:e8:f9:7f:5e:b0:14:ee:d8:ba:5f:46:88:84:
56:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7A:8A:C5:8D:EC:72:7E:5F:C6:96:D1:6C:C5:13:AB:69:9A:61:40
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_3qKxY3scn5fxpbRbMUTq2maYUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:d0:97:9e:57:92:59:1b:0e:5b:08:98:e3:22:9d:22:19:c8:
73:01:9e:08:52:60:6d:9d:ed:50:82:89:47:b8:ab:a0:77:c3:
ef:c0:5a:e8:44:da:e0:d7:bd:d9:4e:62:a8:b3:48:a4:68:ad:
af:77:1c:12:68:39:39:ef:33:db:0b:5f:92:ad:dc:86:fd:40:
ba:a7:06:b8:06:10:98:19:40:32:5a:8e:56:76:56:1a:3d:25:
00:dc:c3:33:a3:72:5e:98:f7:53:17:f4:52:f9:ab:c1:c3:c5:
14:9c:5f:21:87:ce:13:32:b6:81:d4:c5:df:49:db:b1:04:6a:
f5:1a:25:8d:0f:2d:f5:3d:53:93:ca:ec:e2:53:ec:a2:82:c7:
2b:61:d9:89:7a:d9:79:8a:97:35:a3:8e:06:11:ab:91:6f:39:
84:77:fe:92:36:7e:cd:4f:d9:03:f6:e1:e8:cd:b9:ea:1b:fd:
df:5a:6d:91:c5:b5:43:d4:09:0f:ba:9b:ba:86:8d:0a:4d:89:
db:f7:0a:02:85:31:da:5b:78:d2:5f:06:c9:0b:42:53:b4:7e:
84:1a:8c:49:75:0c:f7:37:fd:1d:bb:55:7d:6e:93:14:60:06:
2b:0e:62:29:99:5b:91:28:ab:6e:ed:33:c8:6a:8f:4c:3d:5e:
29:2b:cb:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZALDE7sfqSZB+mezVJE3qqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEyMDYwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjdhOGFjNThkZWM3MjdlNWZjNjk2ZDE2Y2M1MTNhYjY5OWE2MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjln9dYnP+lQyWiC+/rAC5T9JTP1
uPtzE40G4Bdk2fkNhv/LQr/vEAK1tFurpDKC5PHNUMXLCQnjYJto8PdulDyKlYjG
RJGbnWdGazTiL6n/ZtBV/4bcdgxwvZbkYm9KkRlZjtkWX2ZNUJQU9PGjvLUyRlW+
dXUAkUIuUKV52j0z1ZMZQnh/ZvpxJioj7NvVfj7xhxSWTrHy4WiJjz6t9aHbiGHl
B+FNzySlnwgj4RPkBe27oGPURSH76vrKHNB7wdMeDGmdyuU9eMbz6HbR0XeiOZjO
dqIC0Y2+Diy2Kb1bIcOBI+E+XMOWVtrKmitEtuj5f16wFO7Yul9GiIRWXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP96isWN7HJ+X8aW0WzFE6tpmmFAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvXzNxS3hZM3NjbjVmeHBiUmJNVVRxMm1hWVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB3Ql55XklkbDlsImOMi
nSIZyHMBnghSYG2d7VCCiUe4q6B3w+/AWuhE2uDXvdlOYqizSKRora93HBJoOTnv
M9sLX5Kt3Ib9QLqnBrgGEJgZQDJajlZ2Vho9JQDcwzOjcl6Y91MX9FL5q8HDxRSc
XyGHzhMytoHUxd9J27EEavUaJY0PLfU9U5PK7OJT7KKCxyth2Yl62XmKlzWjjgYR
q5FvOYR3/pI2fs1P2QP24ejNueob/d9abZHFtUPUCQ+6m7qGjQpNidv3CgKFMdpb
eNJfBskLQlO0foQajEl1DPc3/R27VX1ukxRgBisOYimZW5Eoq27tM8hqj0w9Xikr
yzk=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:03:19 2025 by rpki-client