Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dFjjoQbV3nmRDLg75-MXa8yGu18.roa
File: dFjjoQbV3nmRDLg75-MXa8yGu18.roa (raw, json)
Hash identifier: u52c58RM7jPe+MluNYsIvyGRbYSl2WaMecU605exhjI=
Subject key identifier: 74:58:E3:A1:06:D5:DE:79:91:0C:B8:3B:E7:E3:17:6B:CC:86:BB:5F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190757A290F2E28C5FD357EED7EDBB22CBD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dFjjoQbV3nmRDLg75-MXa8yGu18.roa
Signing time: Tue 02 Jul 2024 22:04:18 +0000
ROA not before: Tue 02 Jul 2024 22:04:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:757a:f05/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:75:7a:29:0f:2e:28:c5:fd:35:7e:ed:7e:db:b2:2c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 22:04:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7458e3a106d5de79910cb83be7e3176bcc86bb5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:78:58:c2:fa:23:2f:96:25:1e:68:83:d3:52:
37:6f:95:b5:52:0d:4d:07:07:4c:41:4e:b7:e4:c9:
f6:99:7c:bf:85:0c:83:98:98:1b:0f:e3:de:48:34:
6a:f5:d5:83:b2:ca:0f:6d:e2:4c:b5:07:3e:db:ac:
88:ec:c1:59:24:83:6f:d2:f0:1f:2b:75:95:e7:74:
5f:7a:cc:20:d9:6b:79:47:e3:e3:4a:c8:5c:16:0a:
f5:94:6e:d7:1f:32:74:0f:cb:e1:72:d4:7d:22:5f:
3c:c3:2b:74:e3:c9:87:99:f9:2e:5c:0e:7c:c4:db:
29:4d:0f:da:16:02:a2:e1:35:33:91:75:2e:c2:a1:
1a:7d:e7:32:68:1f:9b:57:98:46:7f:cb:3e:b0:5d:
01:e1:40:56:27:a4:79:49:ec:04:7b:fe:54:15:74:
c9:0c:6e:00:a2:b2:46:e2:84:dd:02:95:97:03:7b:
b4:f2:47:6e:32:dc:29:cd:cd:ff:fe:7a:6c:03:37:
fa:ba:5b:f7:93:d6:92:59:25:27:ce:2b:55:92:e0:
f1:c2:53:ec:c1:07:c2:fc:15:bd:9c:8c:b4:af:bc:
b9:1d:10:df:b4:78:d1:95:dd:35:ee:e5:e5:15:b8:
4a:c5:e3:ba:5a:42:7b:33:e4:4e:4d:93:dd:dc:f9:
75:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:58:E3:A1:06:D5:DE:79:91:0C:B8:3B:E7:E3:17:6B:CC:86:BB:5F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dFjjoQbV3nmRDLg75-MXa8yGu18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:a9:03:b3:00:7e:d7:0f:0b:c0:53:ff:cc:50:2d:45:40:fb:
84:5b:f2:ef:22:c9:b5:b8:71:4f:e4:e8:a3:80:8c:bf:8c:65:
4b:f3:92:fe:1e:78:7e:3c:ff:4e:d4:03:e0:bb:51:09:29:ee:
ed:9b:a9:8d:cd:53:a8:2d:85:60:5a:3f:7f:23:cf:6f:6d:9b:
4c:1e:ec:04:ad:e1:cc:d4:88:98:7a:32:50:e6:23:41:bb:41:
ef:f3:fa:a6:ed:4a:53:06:49:5d:2d:e9:bc:c0:f6:7a:ad:60:
43:c5:78:60:51:b4:b8:a0:06:3a:ee:90:e0:8f:f3:9f:cb:73:
ee:8d:35:d1:ba:a9:5f:d5:96:62:81:4a:ca:05:d9:36:c1:da:
e7:b8:33:af:e8:69:cd:8e:72:a1:2f:f6:98:e5:2f:e1:22:23:
f4:ae:48:fd:ea:6b:fe:42:d0:36:e8:7a:9d:81:f2:eb:b9:cd:
c6:a7:02:a0:63:41:9f:43:77:94:98:35:1c:50:0f:4c:13:22:
0f:1c:54:6c:85:74:05:df:71:6c:2f:e2:7a:4e:a8:22:b6:10:
93:84:92:8c:4c:c1:de:26:29:a7:18:0a:20:5e:6f:63:76:4f:
68:a4:54:6b:70:f4:03:41:4f:f3:db:da:d5:35:ac:26:73:44:
10:d0:f4:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB1eikPLijF/TV+7X7bsiy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMjIwNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDU4ZTNhMTA2ZDVkZTc5OTEwY2I4M2JlN2UzMTc2YmNjODZiYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnhYwvojL5YlHmiD01I3b5W1Ug1N
BwdMQU635Mn2mXy/hQyDmJgbD+PeSDRq9dWDssoPbeJMtQc+26yI7MFZJINv0vAf
K3WV53Rfeswg2Wt5R+PjSshcFgr1lG7XHzJ0D8vhctR9Il88wyt048mHmfkuXA58
xNspTQ/aFgKi4TUzkXUuwqEafecyaB+bV5hGf8s+sF0B4UBWJ6R5SewEe/5UFXTJ
DG4AorJG4oTdApWXA3u08kduMtwpzc3//npsAzf6ulv3k9aSWSUnzitVkuDxwlPs
wQfC/BW9nIy0r7y5HRDftHjRld017uXlFbhKxeO6WkJ7M+ROTZPd3Pl15QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHRY46EG1d55kQy4O+fjF2vMhrtfMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZEZqam9RYlYzbm1SRExnNzUtTVhhOHlHdTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADWpA7MAftcPC8BT/8xQ
LUVA+4Rb8u8iybW4cU/k6KOAjL+MZUvzkv4eeH48/07UA+C7UQkp7u2bqY3NU6gt
hWBaP38jz29tm0we7ASt4czUiJh6MlDmI0G7Qe/z+qbtSlMGSV0t6bzA9nqtYEPF
eGBRtLigBjrukOCP85/Lc+6NNdG6qV/VlmKBSsoF2TbB2ue4M6/oac2OcqEv9pjl
L+EiI/SuSP3qa/5C0Dboep2B8uu5zcanAqBjQZ9Dd5SYNRxQD0wTIg8cVGyFdAXf
cWwv4npOqCK2EJOEkoxMwd4mKacYCiBeb2N2T2ikVGtw9ANBT/Pb2tU1rCZzRBDQ
9Hc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:51 2025 by rpki-client