Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cOFhlY0Z2ocf_f-yGBMsoUwFHzc.roa
File: cOFhlY0Z2ocf_f-yGBMsoUwFHzc.roa (raw, json)
Hash identifier: ngXZNhsv0SsjT8hzySTZWvA2yG9k4a2tAdhmAhb1jiM=
Subject key identifier: 70:E1:61:95:8D:19:DA:87:1F:FD:FF:B2:18:13:2C:A1:4C:05:1F:37
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01901C06516905C7A220D6664B1A5BD6210C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cOFhlY0Z2ocf_f-yGBMsoUwFHzc.roa
Signing time: Sat 15 Jun 2024 13:11:34 +0000
ROA not before: Sat 15 Jun 2024 13:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1c:06:51:69:05:c7:a2:20:d6:66:4b:1a:5b:d6:21:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 15 13:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70e161958d19da871ffdffb218132ca14c051f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:17:44:da:23:fe:92:cb:ae:12:fa:91:60:03:
c1:5f:71:40:5c:75:e6:13:3a:14:7a:79:e7:0e:cd:
08:9b:10:36:8e:d4:81:e0:60:40:e3:bf:10:43:0d:
ef:57:a8:cb:23:b2:c4:21:ce:00:07:74:05:06:df:
34:43:86:d7:f1:dc:24:b9:ba:47:49:ec:e6:9c:0b:
e0:ae:1b:a4:03:3c:70:ba:18:34:60:19:ac:4a:28:
0f:ca:ba:83:60:fc:a3:56:fa:a9:36:1a:af:19:8d:
e3:64:11:7e:fa:dc:44:d1:6c:75:8a:e9:02:72:ab:
38:0a:59:b1:33:33:f3:30:ec:35:c7:a1:19:30:16:
94:bc:64:71:52:76:b7:20:82:39:96:45:0a:2d:71:
66:66:a4:b6:02:2f:55:65:cf:43:f0:0d:3e:b5:48:
81:01:c6:ab:6d:9f:60:2e:59:4e:a9:a4:02:3d:46:
8e:6b:1f:b3:d6:ea:ee:a5:23:88:36:14:31:65:99:
c2:18:ff:12:62:22:be:66:13:bb:9e:85:f3:7b:0c:
00:6e:4d:55:3d:06:08:7b:4b:bd:92:d2:0a:cb:90:
a0:d2:3d:53:4d:62:cb:29:b8:c0:d4:1c:f2:c9:64:
70:9b:63:64:f2:ac:8b:55:ad:7a:03:e2:5c:12:c8:
b6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E1:61:95:8D:19:DA:87:1F:FD:FF:B2:18:13:2C:A1:4C:05:1F:37
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cOFhlY0Z2ocf_f-yGBMsoUwFHzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:f7:03:fd:b3:5d:4b:b6:d9:cc:a8:39:a7:d1:dc:7d:a7:2a:
0b:29:fd:59:94:ef:d2:1e:e5:7b:d6:58:bf:8a:02:4b:d2:a2:
5d:02:b6:2b:54:a8:cc:a3:42:6f:52:bc:06:96:22:36:66:3b:
5e:00:13:13:55:ac:0e:a6:26:7c:c3:f4:18:f8:e4:0b:7b:b1:
55:61:cb:aa:d1:70:82:8d:c7:71:67:b4:fd:4f:44:17:06:d9:
0c:aa:f8:6d:66:87:7d:0c:da:04:77:d9:88:cb:b2:1e:2c:5e:
17:5e:c1:1e:56:3e:9d:2a:7b:1f:07:88:9e:4f:8c:b5:37:8c:
f3:2d:eb:9b:91:4b:c4:c4:e3:3f:60:cf:b7:0a:e5:6d:f3:a4:
1c:73:42:66:b4:73:1b:86:4c:11:ff:c7:9c:bc:4a:56:f1:d4:
32:cf:38:42:4f:50:67:4b:c7:48:59:f7:cc:e9:2c:89:e9:3e:
f0:39:69:0d:75:7a:34:a0:52:ba:65:8a:83:fe:9c:8d:83:f8:
4e:08:d9:52:76:75:42:05:d5:12:56:ab:3f:4b:58:a3:ef:be:
b0:52:2d:cc:98:1c:5a:50:03:bc:02:44:a1:05:3f:da:55:3c:
41:53:fb:64:90:38:07:48:2d:73:30:86:c5:87:f0:12:dc:42:
c7:30:56:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAcBlFpBceiINZmSxpb1iEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE1MTMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGUxNjE5NThkMTlkYTg3MWZmZGZmYjIxODEzMmNhMTRjMDUxZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxdE2iP+ksuuEvqRYAPBX3FAXHXm
EzoUennnDs0ImxA2jtSB4GBA478QQw3vV6jLI7LEIc4AB3QFBt80Q4bX8dwkubpH
SezmnAvgrhukAzxwuhg0YBmsSigPyrqDYPyjVvqpNhqvGY3jZBF++txE0Wx1iukC
cqs4ClmxMzPzMOw1x6EZMBaUvGRxUna3III5lkUKLXFmZqS2Ai9VZc9D8A0+tUiB
AcarbZ9gLllOqaQCPUaOax+z1urupSOINhQxZZnCGP8SYiK+ZhO7noXzewwAbk1V
PQYIe0u9ktIKy5Cg0j1TTWLLKbjA1BzyyWRwm2Nk8qyLVa16A+JcEsi2gQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHDhYZWNGdqHH/3/shgTLKFMBR83MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY09GaGxZMFoyb2NmX2YteUdCTXNvVXdGSHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJb3A/2zXUu22cyoOafR
3H2nKgsp/VmU79Ie5XvWWL+KAkvSol0CtitUqMyjQm9SvAaWIjZmO14AExNVrA6m
JnzD9Bj45At7sVVhy6rRcIKNx3FntP1PRBcG2Qyq+G1mh30M2gR32YjLsh4sXhde
wR5WPp0qex8HiJ5PjLU3jPMt65uRS8TE4z9gz7cK5W3zpBxzQma0cxuGTBH/x5y8
Slbx1DLPOEJPUGdLx0hZ98zpLInpPvA5aQ11ejSgUrplioP+nI2D+E4I2VJ2dUIF
1RJWqz9LWKPvvrBSLcyYHFpQA7wCRKEFP9pVPEFT+2SQOAdILXMwhsWH8BLcQscw
Vqg=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:06:03 2025 by rpki-client