Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dATOl8qfdUEI_oyOrqWa4kh1s1I.roa
File: dATOl8qfdUEI_oyOrqWa4kh1s1I.roa (raw, json)
Hash identifier: PsJitr5n+MV9sNRrbWBxiGarPxK84zzm//SMnn/QGuc=
Subject key identifier: 74:04:CE:97:CA:9F:75:41:08:FE:8C:8E:AE:A5:9A:E2:48:75:B3:52
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019046B7E1BDFC6C96CCBBCBA4756E5961FE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dATOl8qfdUEI_oyOrqWa4kh1s1I.roa
Signing time: Sun 23 Jun 2024 20:09:34 +0000
ROA not before: Sun 23 Jun 2024 20:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:46:b7:e1:bd:fc:6c:96:cc:bb:cb:a4:75:6e:59:61:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 20:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7404ce97ca9f754108fe8c8eaea59ae24875b352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ba:00:28:71:3b:9b:ba:c8:92:ee:ef:fd:33:
49:9e:be:6c:02:10:92:73:93:57:50:09:0c:7f:55:
22:18:fd:c0:2d:b9:c2:1c:04:94:81:cd:72:b0:c6:
4a:b1:ec:f7:da:65:68:cd:11:c9:a9:15:bf:49:fe:
d5:f9:2a:85:2f:d9:36:56:bf:58:94:e3:f4:e8:48:
62:0e:ee:59:f6:30:af:d5:85:58:87:0e:b2:0b:0d:
0a:7d:92:85:6e:92:d5:ac:d6:70:3e:37:cf:ad:e4:
3b:b1:ff:1d:6b:ed:0e:aa:0d:32:c2:b2:cc:b8:e8:
c6:6f:e6:45:03:24:ed:e0:fd:de:77:22:55:59:b4:
a5:a3:d4:2d:60:31:7b:08:db:f5:a6:0e:a9:08:9a:
62:4f:4a:a8:43:f3:99:90:15:d5:54:3f:70:34:a3:
cb:86:c1:4f:a9:ee:0e:53:63:a3:a1:26:e4:7b:2c:
dc:36:bb:5f:85:44:ac:7a:2e:18:f1:1b:d5:ea:09:
b7:b1:5d:0a:9e:9d:cd:c4:e3:71:63:09:c2:9b:2a:
2f:a2:51:53:fa:52:aa:fb:e5:99:5d:1d:98:9d:bb:
9f:a5:8c:d2:c1:52:7d:a3:c7:d8:8a:df:4a:5d:27:
76:a6:23:8b:ad:1c:14:4f:3a:a0:3b:46:ee:01:43:
56:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:04:CE:97:CA:9F:75:41:08:FE:8C:8E:AE:A5:9A:E2:48:75:B3:52
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dATOl8qfdUEI_oyOrqWa4kh1s1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:8b:72:3a:d2:8a:a0:25:09:74:90:1b:4d:8c:a9:6b:01:6d:
31:e2:ae:8d:02:2a:f1:9c:91:97:36:a8:85:4b:12:c9:9f:13:
00:a9:84:5e:d4:f8:bd:7e:8d:9e:b5:61:4c:51:07:8f:b0:81:
69:9e:aa:be:0c:81:b6:49:ba:c1:20:3b:ad:66:59:a1:67:c4:
f1:a1:f2:ad:cc:9e:37:c6:6f:bf:d8:5f:97:da:87:89:9a:a7:
d5:10:4b:3d:88:2c:9c:89:ad:db:55:5d:8b:62:29:0c:c7:bc:
08:7c:4b:2e:eb:c6:f4:06:37:b0:80:66:5e:ce:25:79:55:24:
d8:3f:a9:f1:e1:0f:48:c5:39:5e:e0:91:32:1f:d6:66:51:d9:
cd:de:04:49:e6:34:c0:62:aa:03:4f:44:d1:63:8f:ae:23:35:
ec:60:7a:96:43:8e:ae:72:1a:cb:80:88:9b:32:77:07:ed:b2:
7b:c7:7c:14:b9:ce:03:5e:1b:d2:cf:ec:53:c5:70:48:e4:61:
a7:7a:a2:fb:5a:f7:11:77:9d:da:84:ff:cf:3f:ca:c5:f4:b5:
1b:bd:4a:a0:26:15:67:6f:96:9f:56:6f:1d:7e:bd:2c:47:97:
bf:a8:14:ad:76:93:6c:4f:31:16:d3:b9:f2:9c:c5:e8:34:8e:
77:b6:03:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBGt+G9/GyWzLvLpHVuWWH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMjAwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDA0Y2U5N2NhOWY3NTQxMDhmZThjOGVhZWE1OWFlMjQ4NzViMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjroAKHE7m7rIku7v/TNJnr5sAhCS
c5NXUAkMf1UiGP3ALbnCHASUgc1ysMZKsez32mVozRHJqRW/Sf7V+SqFL9k2Vr9Y
lOP06EhiDu5Z9jCv1YVYhw6yCw0KfZKFbpLVrNZwPjfPreQ7sf8da+0Oqg0ywrLM
uOjGb+ZFAyTt4P3edyJVWbSlo9QtYDF7CNv1pg6pCJpiT0qoQ/OZkBXVVD9wNKPL
hsFPqe4OU2OjoSbkeyzcNrtfhUSsei4Y8RvV6gm3sV0Knp3NxONxYwnCmyovolFT
+lKq++WZXR2YnbufpYzSwVJ9o8fYit9KXSd2piOLrRwUTzqgO0buAUNW8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHQEzpfKn3VBCP6Mjq6lmuJIdbNSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZEFUT2w4cWZkVUVJX295T3JxV2E0a2gxczFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAECLcjrSiqAlCXSQG02M
qWsBbTHiro0CKvGckZc2qIVLEsmfEwCphF7U+L1+jZ61YUxRB4+wgWmeqr4MgbZJ
usEgO61mWaFnxPGh8q3MnjfGb7/YX5fah4map9UQSz2ILJyJrdtVXYtiKQzHvAh8
Sy7rxvQGN7CAZl7OJXlVJNg/qfHhD0jFOV7gkTIf1mZR2c3eBEnmNMBiqgNPRNFj
j64jNexgepZDjq5yGsuAiJsydwftsnvHfBS5zgNeG9LP7FPFcEjkYad6ovta9xF3
ndqE/88/ysX0tRu9SqAmFWdvlp9Wbx1+vSxHl7+oFK12k2xPMRbTufKcxeg0jne2
A1w=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:10:34 2025 by rpki-client