Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gb7vKJFdS90lhZ564Ng1xOUrjFw.roa
File: gb7vKJFdS90lhZ564Ng1xOUrjFw.roa (raw, json)
Hash identifier: lOraNojr9UBjy+NgUkyZPPmj1N6i7s9avq0p+o0o96w=
Subject key identifier: 81:BE:EF:28:91:5D:4B:DD:25:85:9E:7A:E0:D8:35:C4:E5:2B:8C:5C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FFFE94118EC48BDA90E9D0D191E181D71
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gb7vKJFdS90lhZ564Ng1xOUrjFw.roa
Signing time: Mon 10 Jun 2024 02:10:27 +0000
ROA not before: Mon 10 Jun 2024 02:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ff:e9:41:18:ec:48:bd:a9:0e:9d:0d:19:1e:18:1d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 10 02:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81beef28915d4bdd25859e7ae0d835c4e52b8c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:e6:2c:84:c3:8c:41:ad:64:a0:87:01:8a:
af:ad:08:c8:54:79:22:3b:9e:6b:05:3e:5d:b8:fd:
c2:7b:09:ca:95:a1:62:c1:80:d7:5f:f6:bb:d3:79:
03:4c:4d:15:1c:a9:cb:09:75:b1:4a:65:34:f7:75:
90:63:2e:3b:4d:99:32:a5:5e:29:63:73:a8:69:3f:
21:92:08:0a:1d:17:da:62:d8:56:85:dc:4a:6e:0e:
b3:16:97:76:ec:ba:e4:3e:60:c6:74:7a:18:36:77:
bc:d9:4f:25:a0:51:51:cc:83:d4:3b:d4:24:d5:4c:
49:08:9b:95:df:d4:6e:57:64:42:b8:67:ab:d4:b0:
70:6f:73:4f:37:21:a6:79:38:e5:69:5c:c2:bd:4a:
69:a1:25:e9:46:54:12:e6:13:41:8e:37:bf:35:22:
46:02:c5:8c:06:ab:7b:89:6f:33:79:6f:e3:11:41:
77:ac:e8:8a:8f:38:d4:c0:b2:72:17:ed:85:44:9a:
d2:1b:58:fb:13:61:2a:45:6b:a0:45:77:78:ac:70:
e3:ed:39:6d:5f:70:97:e4:ec:cf:ee:79:c8:a0:63:
60:fb:eb:51:ba:88:15:12:bb:e1:ac:82:3a:90:51:
34:a0:c2:97:64:c7:13:a8:21:fc:7d:25:12:50:c6:
7d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BE:EF:28:91:5D:4B:DD:25:85:9E:7A:E0:D8:35:C4:E5:2B:8C:5C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gb7vKJFdS90lhZ564Ng1xOUrjFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:95:14:47:72:d7:59:ef:fd:81:8d:2e:1a:43:05:85:1e:19:
0e:20:bc:4f:df:12:85:58:5d:83:76:dd:c0:af:6e:4d:99:69:
2e:68:f4:b6:26:a3:5b:ab:6c:e5:32:8b:da:1a:e6:dd:26:08:
e4:b8:bf:92:42:0b:02:4b:26:6b:00:cd:56:15:4b:28:e1:6c:
c1:b7:86:22:4e:b1:20:8b:9e:d2:95:44:b0:a2:4c:63:fc:a8:
de:ef:d5:3c:55:a4:c2:92:db:40:eb:51:1f:8c:1c:3e:f6:12:
60:2e:a2:e3:81:3a:ca:95:83:67:ce:18:d0:d3:af:c3:6b:bc:
aa:55:b3:eb:fa:c1:2b:dd:b5:04:38:97:a2:41:b2:0d:bd:ef:
c4:b1:4e:24:be:c4:10:5c:ac:53:11:18:7e:10:91:c8:43:66:
7f:83:3a:f0:f5:3a:69:47:93:ea:8a:8a:f8:e0:07:93:47:2c:
27:88:6b:3a:2c:0b:02:7b:43:a1:da:77:8b:a1:46:4f:6b:54:
d5:7d:42:e5:f0:f9:a0:39:f3:ae:64:17:a2:a8:52:af:48:72:
4c:61:0f:79:f7:84:73:5e:ad:80:83:73:0b:df:b9:62:88:e8:
d9:cd:a2:be:43:cd:33:88:87:c2:8c:f8:4d:1d:0b:38:68:b3:
e6:09:b2:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY//6UEY7Ei9qQ6dDRkeGB1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEwMDIxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWJlZWYyODkxNWQ0YmRkMjU4NTllN2FlMGQ4MzVjNGU1MmI4YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq7mLITDjEGtZKCHAYqvrQjIVHki
O55rBT5duP3CewnKlaFiwYDXX/a703kDTE0VHKnLCXWxSmU093WQYy47TZkypV4p
Y3OoaT8hkggKHRfaYthWhdxKbg6zFpd27LrkPmDGdHoYNne82U8loFFRzIPUO9Qk
1UxJCJuV39RuV2RCuGer1LBwb3NPNyGmeTjlaVzCvUppoSXpRlQS5hNBjje/NSJG
AsWMBqt7iW8zeW/jEUF3rOiKjzjUwLJyF+2FRJrSG1j7E2EqRWugRXd4rHDj7Tlt
X3CX5OzP7nnIoGNg++tRuogVErvhrII6kFE0oMKXZMcTqCH8fSUSUMZ9xQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIG+7yiRXUvdJYWeeuDYNcTlK4xcMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ2I3dktKRmRTOTBsaFo1NjROZzF4T1VyakZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGaVFEdy11nv/YGNLhpD
BYUeGQ4gvE/fEoVYXYN23cCvbk2ZaS5o9LYmo1urbOUyi9oa5t0mCOS4v5JCCwJL
JmsAzVYVSyjhbMG3hiJOsSCLntKVRLCiTGP8qN7v1TxVpMKS20DrUR+MHD72EmAu
ouOBOsqVg2fOGNDTr8NrvKpVs+v6wSvdtQQ4l6JBsg2978SxTiS+xBBcrFMRGH4Q
kchDZn+DOvD1OmlHk+qKivjgB5NHLCeIazosCwJ7Q6Had4uhRk9rVNV9QuXw+aA5
865kF6KoUq9IckxhD3n3hHNerYCDcwvfuWKI6NnNor5DzTOIh8KM+E0dCzhos+YJ
sts=
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:12:14 2025 by rpki-client