Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cFMCXwlZXweaHqswkwR1CZw2upk.roa
File: cFMCXwlZXweaHqswkwR1CZw2upk.roa (raw, json)
Hash identifier: rd76aRqqCBpjki0RGJXdsZN/sYKBh2MsBjHzIwQaJnk=
Subject key identifier: 70:53:02:5F:09:59:5F:07:9A:1E:AB:30:93:04:75:09:9C:36:BA:99
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB129920FB3405ED7651D15CAB6248450
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cFMCXwlZXweaHqswkwR1CZw2upk.roa
Signing time: Sat 25 May 2024 19:10:42 +0000
ROA not before: Sat 25 May 2024 19:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b1:29:92:0f:b3:40:5e:d7:65:1d:15:ca:b6:24:84:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 19:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7053025f09595f079a1eab30930475099c36ba99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cc:74:a8:92:01:a8:fd:99:34:27:86:43:f9:
2f:1a:66:21:ad:30:7e:0e:c7:e0:6f:25:d5:bd:67:
dd:ce:6f:e2:d4:28:f6:cc:89:52:04:02:d1:23:27:
cd:4c:a1:2c:0e:92:40:70:d4:94:ee:e9:85:c1:d3:
b2:93:60:d7:ef:7b:f4:ff:e8:0b:01:89:9c:af:cf:
38:0a:ae:09:04:fb:01:11:e8:c5:92:00:ff:74:cd:
a6:2c:ef:a6:b1:3e:69:2e:ca:c9:0a:59:6c:7a:a5:
ff:df:46:7f:15:7d:2f:26:bc:f3:dd:b7:da:b0:5b:
08:a6:5e:ed:a1:f0:e5:16:cd:86:a1:ce:5f:e4:5a:
35:ac:c9:89:1b:f0:41:f9:fa:54:56:12:bd:3c:25:
de:1c:57:b0:45:28:43:2e:bc:bc:c8:c6:47:27:30:
29:69:66:0f:62:a9:50:f9:d8:81:3c:a0:7f:a3:92:
cb:dc:09:1e:14:61:23:9d:b0:79:85:99:7b:2f:11:
03:6e:1a:ee:fc:69:cd:48:59:d1:09:61:63:de:78:
fe:db:83:6a:d0:08:1b:73:1a:e7:25:d6:f2:57:78:
9b:91:90:3d:4a:cf:7f:b0:5c:91:4f:a7:60:03:06:
d4:e6:37:a7:52:0f:e6:35:ab:0b:dd:6d:10:0a:cf:
96:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:53:02:5F:09:59:5F:07:9A:1E:AB:30:93:04:75:09:9C:36:BA:99
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cFMCXwlZXweaHqswkwR1CZw2upk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:f8:11:7a:e1:0c:67:b0:ff:fd:94:ad:19:51:7a:0b:53:49:
bf:ef:c3:8c:af:eb:ad:1f:fe:87:82:12:40:fa:11:c1:30:fa:
bb:b6:42:c5:83:9a:ab:ba:3f:8e:98:b1:29:4c:da:f5:4b:db:
5f:a1:c0:ad:92:1b:37:2e:51:7c:ce:7a:84:71:1c:ba:60:e3:
35:f9:51:93:f0:69:cb:d6:86:39:1c:0a:6e:27:a1:fc:00:35:
4b:cc:46:00:17:1a:b3:04:0b:b2:ba:f8:0d:73:52:d5:dc:75:
aa:c4:5f:a4:61:17:fe:bd:ef:ed:c9:50:a7:64:8f:a7:9e:d7:
f4:e7:31:34:89:f3:32:13:8f:ea:11:d6:1a:8b:df:31:83:99:
1f:7d:b2:0b:31:db:15:3f:69:60:67:87:64:e5:ae:87:79:fa:
8c:1c:77:a3:b7:6c:73:14:ff:1d:bd:3c:22:c9:c3:10:86:b4:
6d:e9:e8:96:76:67:90:02:04:0d:bf:c7:d1:44:95:fb:f0:ca:
e7:47:c7:c5:79:4c:f3:cb:a9:2d:83:96:19:c1:05:48:42:53:
25:fd:47:03:c8:a9:ff:14:f1:01:24:32:ea:11:55:ba:92:89:
5b:fb:ae:9d:63:a6:d2:66:1c:30:2a:f2:19:3d:89:7f:74:7d:
d1:79:dd:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+xKZIPs0Be12UdFcq2JIRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MTkxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDUzMDI1ZjA5NTk1ZjA3OWExZWFiMzA5MzA0NzUwOTljMzZiYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsx0qJIBqP2ZNCeGQ/kvGmYhrTB+
DsfgbyXVvWfdzm/i1Cj2zIlSBALRIyfNTKEsDpJAcNSU7umFwdOyk2DX73v0/+gL
AYmcr884Cq4JBPsBEejFkgD/dM2mLO+msT5pLsrJCllseqX/30Z/FX0vJrzz3bfa
sFsIpl7tofDlFs2Goc5f5Fo1rMmJG/BB+fpUVhK9PCXeHFewRShDLry8yMZHJzAp
aWYPYqlQ+diBPKB/o5LL3AkeFGEjnbB5hZl7LxEDbhru/GnNSFnRCWFj3nj+24Nq
0AgbcxrnJdbyV3ibkZA9Ss9/sFyRT6dgAwbU5jenUg/mNasL3W0QCs+WHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHBTAl8JWV8Hmh6rMJMEdQmcNrqZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY0ZNQ1h3bFpYd2VhSHFzd2t3UjFDWncydXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAb4EXrhDGew//2UrRlR
egtTSb/vw4yv660f/oeCEkD6EcEw+ru2QsWDmqu6P46YsSlM2vVL21+hwK2SGzcu
UXzOeoRxHLpg4zX5UZPwacvWhjkcCm4nofwANUvMRgAXGrMEC7K6+A1zUtXcdarE
X6RhF/697+3JUKdkj6ee1/TnMTSJ8zITj+oR1hqL3zGDmR99sgsx2xU/aWBnh2Tl
rod5+owcd6O3bHMU/x29PCLJwxCGtG3p6JZ2Z5ACBA2/x9FElfvwyudHx8V5TPPL
qS2DlhnBBUhCUyX9RwPIqf8U8QEkMuoRVbqSiVv7rp1jptJmHDAq8hk9iX90fdF5
3YU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:21:42 2025 by rpki-client