Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/clDUDXzpioeCCrE-aAxdyvKryc0.roa
File: clDUDXzpioeCCrE-aAxdyvKryc0.roa (raw, json)
Hash identifier: MBsjNgTVwJhBSGypStHl83zlEWAguTvttuSTc9wBN6I=
Subject key identifier: 72:50:D4:0D:7C:E9:8A:87:82:0A:B1:3E:68:0C:5D:CA:F2:AB:C9:CD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF0AD1B49F68004C9DACC156BE7F46285
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/clDUDXzpioeCCrE-aAxdyvKryc0.roa
Signing time: Fri 07 Jun 2024 03:10:27 +0000
ROA not before: Fri 07 Jun 2024 03:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f0:ad:1b:49:f6:80:04:c9:da:cc:15:6b:e7:f4:62:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 7 03:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7250d40d7ce98a87820ab13e680c5dcaf2abc9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:06:18:e6:1f:2a:6f:ae:d0:b2:13:ef:ec:82:
1d:73:fa:10:58:9a:0b:75:6e:fa:96:56:89:a5:df:
dd:6d:10:18:d8:1a:7e:11:e0:b1:60:01:a7:7b:aa:
39:73:66:94:ab:35:73:3e:23:c6:70:2f:2c:84:4c:
3f:76:8a:57:46:e7:38:33:e6:c4:84:b5:17:71:d9:
8b:c6:65:a6:be:91:ae:2b:3f:3b:09:35:31:e3:92:
ae:6f:b8:06:48:04:6b:fa:11:9e:2b:28:18:df:b3:
f1:75:56:84:fb:88:20:07:54:f9:1a:5f:5a:55:41:
81:76:af:2a:1c:14:4a:91:ac:32:cb:5f:1e:d1:d5:
8c:4a:ef:9f:fa:c1:a3:28:73:52:39:20:a5:2d:2a:
2b:00:ba:6e:4f:91:16:92:7e:a4:35:3b:3d:d6:67:
2c:39:21:d6:6f:43:1e:e0:82:06:0a:94:e1:0c:18:
63:8f:d2:18:80:bf:96:0f:e8:77:bc:a2:4a:73:30:
b3:c1:68:93:8a:e6:9e:03:20:da:e6:cb:f9:ad:e3:
d3:74:7b:94:b8:f0:75:1a:de:9d:19:2f:23:6c:3a:
40:aa:4c:69:1e:84:3b:c3:d0:3e:7a:df:02:de:6a:
9c:87:0b:c4:9f:ea:04:4d:3f:67:b7:f6:73:2c:fa:
d9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:50:D4:0D:7C:E9:8A:87:82:0A:B1:3E:68:0C:5D:CA:F2:AB:C9:CD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/clDUDXzpioeCCrE-aAxdyvKryc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:e1:20:c6:4f:ee:40:81:c5:f3:0c:bc:9f:18:f5:ac:e7:87:
cb:02:12:cf:da:e9:56:fb:5a:28:05:a6:26:90:63:54:16:f4:
ea:7d:d5:56:d8:bf:39:78:0f:2d:41:56:47:cc:22:2f:25:f4:
4e:77:43:f8:94:f9:1d:08:55:68:09:dd:72:44:2e:e9:f2:0e:
fb:35:4d:aa:a1:71:a0:29:0c:79:ee:18:52:23:d9:a9:98:c9:
da:bf:77:bb:c4:58:03:ea:aa:54:50:5a:1c:3b:bb:82:ba:ee:
72:42:9f:5e:25:f4:da:f0:f0:04:3a:41:e3:bf:96:70:df:56:
98:03:17:9b:a1:ed:3d:32:1a:99:5b:d2:46:e2:e8:cd:5b:51:
46:0f:58:ee:68:47:bb:6a:23:9c:53:47:34:18:b3:09:3e:c6:
99:a3:e2:9b:87:13:67:bc:10:1d:2d:5f:5a:b2:46:bf:34:54:
49:42:dc:c3:92:ea:32:41:d8:7f:67:43:54:dd:46:62:4c:1e:
ee:02:1a:3e:9e:5d:8f:5e:ea:74:bf:86:09:72:77:f3:d8:0f:
13:91:a8:99:07:ee:99:0f:7d:a1:84:57:f7:c3:a0:7e:bb:24:
66:ae:87:2f:38:3a:e5:51:c8:14:9d:10:eb:6e:79:55:62:13:
e6:13:5e:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/wrRtJ9oAEydrMFWvn9GKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA3MDMxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjUwZDQwZDdjZTk4YTg3ODIwYWIxM2U2ODBjNWRjYWYyYWJjOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQYY5h8qb67QshPv7IIdc/oQWJoL
dW76llaJpd/dbRAY2Bp+EeCxYAGne6o5c2aUqzVzPiPGcC8shEw/dopXRuc4M+bE
hLUXcdmLxmWmvpGuKz87CTUx45Kub7gGSARr+hGeKygY37PxdVaE+4ggB1T5Gl9a
VUGBdq8qHBRKkawyy18e0dWMSu+f+sGjKHNSOSClLSorALpuT5EWkn6kNTs91mcs
OSHWb0Me4IIGCpThDBhjj9IYgL+WD+h3vKJKczCzwWiTiuaeAyDa5sv5rePTdHuU
uPB1Gt6dGS8jbDpAqkxpHoQ7w9A+et8C3mqchwvEn+oETT9nt/ZzLPrZMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJQ1A186YqHggqxPmgMXcryq8nNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY2xEVURYenBpb2VDQ3JFLWFBeGR5dktyeWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD3hIMZP7kCBxfMMvJ8Y
9aznh8sCEs/a6Vb7WigFpiaQY1QW9Op91VbYvzl4Dy1BVkfMIi8l9E53Q/iU+R0I
VWgJ3XJELunyDvs1TaqhcaApDHnuGFIj2amYydq/d7vEWAPqqlRQWhw7u4K67nJC
n14l9Nrw8AQ6QeO/lnDfVpgDF5uh7T0yGplb0kbi6M1bUUYPWO5oR7tqI5xTRzQY
swk+xpmj4puHE2e8EB0tX1qyRr80VElC3MOS6jJB2H9nQ1TdRmJMHu4CGj6eXY9e
6nS/hglyd/PYDxORqJkH7pkPfaGEV/fDoH67JGauhy84OuVRyBSdEOtueVViE+YT
Xjc=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:10:26 2025 by rpki-client