Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_BrwiFf-hMgQ2jxk1D_94N9t6VM.roa
File: _BrwiFf-hMgQ2jxk1D_94N9t6VM.roa (raw, json)
Hash identifier: e9D7CL6dhaASKOHidXRZ1RWTuTzzCICaoGgsHRLHgzA=
Subject key identifier: FC:1A:F0:88:57:FE:84:C8:10:DA:3C:64:D4:3F:FD:E0:DF:6D:E9:53
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A712F0566519ACCAAC244830C7BCD032
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_BrwiFf-hMgQ2jxk1D_94N9t6VM.roa
Signing time: Fri 12 Jul 2024 13:12:34 +0000
ROA not before: Fri 12 Jul 2024 13:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a7:12:f0:56:65:19:ac:ca:ac:24:48:30:c7:bc:d0:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 12 13:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc1af08857fe84c810da3c64d43ffde0df6de953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3e:63:5f:a8:e6:3e:1e:e8:3b:58:c1:92:2f:
4a:9f:5a:7d:c4:7c:7c:90:ad:7c:80:2d:0a:8e:e2:
2c:28:9a:69:7d:9b:1d:f9:4c:31:16:1e:67:d0:05:
a9:51:c4:9b:48:36:6e:33:f4:1b:34:b9:1b:a2:d6:
7f:5c:a9:1b:0d:26:18:54:35:6e:22:7d:57:6b:db:
17:78:e2:6b:08:01:f0:98:d8:1a:e7:25:b5:fb:94:
ec:6a:a9:67:3c:f8:bd:6b:f6:51:41:cd:43:8e:53:
ec:38:e2:78:5a:ca:08:31:2e:be:e9:88:66:70:6a:
f0:04:df:19:04:fb:e1:95:03:0d:b8:10:65:54:fb:
c6:c9:45:5b:f0:5a:9c:ad:4b:89:c9:b4:1f:bf:bb:
68:c6:e6:56:33:d6:42:04:de:a9:03:58:f2:57:da:
c2:21:c7:3c:36:09:de:f1:46:9c:72:7d:95:83:89:
56:62:23:e7:ed:1e:94:5e:62:cc:43:5f:39:e0:96:
f5:a6:1a:07:4a:4f:16:de:83:4e:7d:b0:0a:43:9f:
c4:02:70:78:a1:91:bd:8f:e8:d2:17:c6:13:49:98:
c9:79:55:44:1c:28:9e:14:ad:34:d4:7c:ba:07:64:
35:11:e6:28:06:14:10:aa:31:24:16:68:0a:1d:1c:
c4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:1A:F0:88:57:FE:84:C8:10:DA:3C:64:D4:3F:FD:E0:DF:6D:E9:53
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_BrwiFf-hMgQ2jxk1D_94N9t6VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:d2:42:b7:59:17:61:f1:51:c9:2c:fd:34:9b:ee:53:90:fe:
7a:7c:13:d4:96:48:85:2c:ec:0a:f3:2a:11:ac:a3:4f:4f:67:
1a:fd:b6:31:20:aa:cb:8a:a8:0d:58:cb:fe:10:1f:57:e4:0b:
40:66:4b:64:d4:15:31:bb:c3:0f:b6:c2:b4:5f:17:61:0a:32:
4f:06:86:fb:71:18:9f:f5:3f:11:dd:ed:f5:bf:f3:17:71:35:
58:2e:bc:2c:b1:62:0b:4f:6f:86:8a:5f:a6:23:d7:38:d3:ac:
d7:c3:4e:34:b3:b3:8f:46:1f:89:de:45:d7:7a:a9:35:08:fd:
07:a2:29:9b:cd:c9:7a:f1:93:6c:f0:23:4e:31:73:49:7c:8f:
d3:51:49:58:03:44:15:7d:75:ad:86:49:af:e7:18:0c:9c:10:
f0:47:58:73:71:2b:02:b2:aa:99:5c:82:cb:c7:9b:f0:e0:ba:
c1:16:8f:61:69:3e:ca:ec:d0:20:da:e8:5c:61:0f:46:4f:f1:
28:8a:c7:83:5f:fc:13:d9:2c:aa:6d:02:85:ce:3f:d2:a5:bb:
26:63:c0:c4:a4:ad:00:e2:92:3e:d3:48:22:7c:44:b5:67:e0:
81:f8:21:23:80:25:78:0d:e2:9a:49:89:6a:50:3a:75:99:a0:
d2:d2:95:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCnEvBWZRmsyqwkSDDHvNAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEyMTMxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzFhZjA4ODU3ZmU4NGM4MTBkYTNjNjRkNDNmZmRlMGRmNmRlOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6D5jX6jmPh7oO1jBki9Kn1p9xHx8
kK18gC0KjuIsKJppfZsd+UwxFh5n0AWpUcSbSDZuM/QbNLkbotZ/XKkbDSYYVDVu
In1Xa9sXeOJrCAHwmNga5yW1+5TsaqlnPPi9a/ZRQc1DjlPsOOJ4WsoIMS6+6Yhm
cGrwBN8ZBPvhlQMNuBBlVPvGyUVb8FqcrUuJybQfv7toxuZWM9ZCBN6pA1jyV9rC
Icc8Ngne8Uaccn2Vg4lWYiPn7R6UXmLMQ1854Jb1phoHSk8W3oNOfbAKQ5/EAnB4
oZG9j+jSF8YTSZjJeVVEHCieFK001Hy6B2Q1EeYoBhQQqjEkFmgKHRzE8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPwa8IhX/oTIENo8ZNQ//eDfbelTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX0Jyd2lGZi1oTWdRMmp4azFEXzk0Tjl0NlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADHSQrdZF2HxUcks/TSb
7lOQ/np8E9SWSIUs7ArzKhGso09PZxr9tjEgqsuKqA1Yy/4QH1fkC0BmS2TUFTG7
ww+2wrRfF2EKMk8GhvtxGJ/1PxHd7fW/8xdxNVguvCyxYgtPb4aKX6Yj1zjTrNfD
TjSzs49GH4neRdd6qTUI/QeiKZvNyXrxk2zwI04xc0l8j9NRSVgDRBV9da2GSa/n
GAycEPBHWHNxKwKyqplcgsvHm/DgusEWj2FpPsrs0CDa6FxhD0ZP8SiKx4Nf/BPZ
LKptAoXOP9KluyZjwMSkrQDikj7TSCJ8RLVn4IH4ISOAJXgN4ppJiWpQOnWZoNLS
lec=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:05:31 2025 by rpki-client