Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gxNMsum1tPIzkP_-k2CFDGfV1jg.roa
File: gxNMsum1tPIzkP_-k2CFDGfV1jg.roa (raw, json)
Hash identifier: J2ldlitJnsjNntCp12onT3Rbi35Dr/fx7D6rcPIS4As=
Subject key identifier: 83:13:4C:B2:E9:B5:B4:F2:33:90:FF:FE:93:60:85:0C:67:D5:D6:38
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907E4CC426DF534BF7F494CAE3F75A5EAD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gxNMsum1tPIzkP_-k2CFDGfV1jg.roa
Signing time: Thu 04 Jul 2024 15:11:18 +0000
ROA not before: Thu 04 Jul 2024 15:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7e:4c:c4:26:df:53:4b:f7:f4:94:ca:e3:f7:5a:5e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 4 15:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83134cb2e9b5b4f23390fffe9360850c67d5d638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3c:03:7c:c1:f9:a8:8f:df:38:92:0b:9c:df:
ea:e7:2e:60:87:92:d4:78:c0:d3:88:35:09:cc:da:
ad:c6:e1:19:a9:84:2f:41:8d:7c:73:ad:49:b0:5a:
21:bf:e1:9a:81:96:e7:a2:5a:a5:5e:23:d4:27:c8:
ce:05:cc:d9:5e:f0:f6:99:dc:94:3b:db:d9:50:ac:
c2:c8:f7:17:26:29:d9:7b:49:09:65:df:ac:69:21:
03:0c:3f:db:b9:e3:b3:dc:4f:0f:c6:b5:68:f3:8d:
69:ec:39:28:ac:6b:9d:35:69:b7:82:5d:8f:04:ec:
4d:ce:33:62:25:51:b9:56:af:1a:e5:10:68:9b:5c:
27:4c:de:d0:6a:4b:b3:f4:f7:a4:26:14:f0:32:f5:
2d:6e:c7:eb:c2:8d:17:fe:a3:5a:a7:33:42:7e:c6:
ed:2b:c7:e7:db:0c:6a:2f:78:26:d2:e4:b0:da:fc:
19:64:3a:67:46:6b:36:80:b4:30:d8:52:7b:ad:db:
38:e0:20:8b:8a:38:ff:fc:3f:b0:76:32:e7:72:07:
d0:b3:5a:0a:f4:0e:90:b6:fb:46:6f:1a:96:cc:de:
3a:9d:ee:af:6b:b4:f7:7d:62:71:a4:a5:7b:e7:05:
98:45:0b:f8:2d:df:32:5c:d7:94:44:7c:21:ad:ef:
16:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:13:4C:B2:E9:B5:B4:F2:33:90:FF:FE:93:60:85:0C:67:D5:D6:38
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gxNMsum1tPIzkP_-k2CFDGfV1jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:86:70:29:7e:24:37:58:3d:4a:2b:a0:7b:20:08:ba:77:b5:
c9:08:52:a4:f6:8e:31:a7:2b:89:2f:8e:f5:12:69:48:57:10:
25:58:2c:d0:41:98:12:72:69:6e:05:cd:d0:a3:ec:84:2e:5f:
df:be:31:e5:9f:38:c6:0e:bd:fb:c7:87:2c:87:c4:a5:38:91:
d2:8b:cc:ec:38:ea:dc:ad:15:8e:ce:43:e9:ff:b7:a2:02:ed:
e4:0e:6b:b5:5c:60:85:31:8e:be:53:f2:f8:7e:1d:21:15:21:
78:91:47:54:85:0a:24:f1:d7:e1:6f:b4:09:dc:60:21:3f:ce:
28:47:41:51:a6:88:7f:cf:a8:1c:a2:36:49:b8:00:ed:28:7e:
28:bc:52:b1:14:3c:38:b1:4a:a7:ef:18:07:82:46:85:4d:4e:
52:86:75:7a:26:27:fb:e6:42:89:db:91:64:66:b0:3a:19:06:
6a:83:19:22:93:ac:28:3e:b0:0b:71:ff:d1:7b:fe:11:8f:a0:
9f:a5:4f:2b:27:e1:65:86:a6:50:6a:a4:c7:c0:3d:7a:40:a8:
e4:ab:0e:1e:c9:c3:4d:88:39:b0:38:94:0f:29:91:c3:9c:42:
b0:76:1c:51:80:6f:41:77:f4:5d:2d:bd:56:a6:76:e7:26:72:
6e:a2:4e:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB+TMQm31NL9/SUyuP3Wl6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA0MTUxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzEzNGNiMmU5YjViNGYyMzM5MGZmZmU5MzYwODUwYzY3ZDVkNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zwDfMH5qI/fOJILnN/q5y5gh5LU
eMDTiDUJzNqtxuEZqYQvQY18c61JsFohv+GagZbnolqlXiPUJ8jOBczZXvD2mdyU
O9vZUKzCyPcXJinZe0kJZd+saSEDDD/bueOz3E8PxrVo841p7DkorGudNWm3gl2P
BOxNzjNiJVG5Vq8a5RBom1wnTN7Qakuz9PekJhTwMvUtbsfrwo0X/qNapzNCfsbt
K8fn2wxqL3gm0uSw2vwZZDpnRms2gLQw2FJ7rds44CCLijj//D+wdjLncgfQs1oK
9A6QtvtGbxqWzN46ne6va7T3fWJxpKV75wWYRQv4Ld8yXNeURHwhre8WiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIMTTLLptbTyM5D//pNghQxn1dY4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ3hOTXN1bTF0UEl6a1BfLWsyQ0ZER2ZWMWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAECGcCl+JDdYPUoroHsg
CLp3tckIUqT2jjGnK4kvjvUSaUhXECVYLNBBmBJyaW4FzdCj7IQuX9++MeWfOMYO
vfvHhyyHxKU4kdKLzOw46tytFY7OQ+n/t6IC7eQOa7VcYIUxjr5T8vh+HSEVIXiR
R1SFCiTx1+FvtAncYCE/zihHQVGmiH/PqByiNkm4AO0ofii8UrEUPDixSqfvGAeC
RoVNTlKGdXomJ/vmQonbkWRmsDoZBmqDGSKTrCg+sAtx/9F7/hGPoJ+lTysn4WWG
plBqpMfAPXpAqOSrDh7Jw02IObA4lA8pkcOcQrB2HFGAb0F39F0tvVamducmcm6i
TuQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:12:04 2025 by rpki-client