Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h0Iv8m1Av-9nB6PG5IxzuYHd8fg.roa
File: h0Iv8m1Av-9nB6PG5IxzuYHd8fg.roa (raw, json)
Hash identifier: scdORPGJjHACsVOMlvzlEiJH9GOhmXW42Kh/3OKSxMA=
Subject key identifier: 87:42:2F:F2:6D:40:BF:EF:67:07:A3:C6:E4:8C:73:B9:81:DD:F1:F8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A4B88496974A0816D40536E308128FE8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h0Iv8m1Av-9nB6PG5IxzuYHd8fg.roa
Signing time: Fri 12 Jul 2024 02:14:34 +0000
ROA not before: Fri 12 Jul 2024 02:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a4:b8:84:96:97:4a:08:16:d4:05:36:e3:08:12:8f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 12 02:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87422ff26d40bfef6707a3c6e48c73b981ddf1f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cc:14:22:3e:5b:c8:49:34:06:93:a5:6d:bd:
9f:f2:4a:98:a5:84:bd:2e:74:b6:b4:d6:34:d0:4f:
7b:87:17:d9:31:41:67:73:f8:f8:a3:3f:e2:ce:c5:
82:b9:ab:c0:7d:34:6d:9b:46:11:51:9c:4d:46:25:
c3:e5:e5:0f:c1:17:97:bb:75:7b:25:0c:c3:64:69:
5f:99:4d:9f:10:25:46:1a:31:53:19:4b:f9:29:75:
7d:94:d7:73:d9:d2:58:1f:1e:52:d4:76:83:9d:61:
a7:b2:a5:a3:aa:b3:e5:95:6e:c6:b8:ba:7b:0f:77:
83:2e:f0:6f:57:c8:27:48:4f:19:a0:9e:24:e8:31:
e6:53:8e:8d:2a:a8:45:c5:4b:eb:4e:c5:7a:7a:25:
8e:84:5d:b0:f6:35:6b:de:10:98:ea:fc:ee:8c:95:
58:0e:d1:17:ad:d8:9a:16:72:32:36:2f:6a:00:d8:
d2:5d:12:6b:51:2d:bb:e7:ba:44:ab:e1:22:fb:1a:
09:dd:81:46:ad:a4:76:14:87:a7:7a:1e:54:59:80:
46:71:f1:f3:ed:3c:e2:ce:85:20:c5:41:1e:7b:d8:
e3:bf:d3:7c:f3:6c:7a:50:a0:fe:fd:46:72:cb:1e:
48:e2:ab:d9:4d:38:98:c5:88:19:8d:66:d1:5d:05:
9f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:42:2F:F2:6D:40:BF:EF:67:07:A3:C6:E4:8C:73:B9:81:DD:F1:F8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h0Iv8m1Av-9nB6PG5IxzuYHd8fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:25:9b:df:97:10:80:7b:c5:fd:80:a6:bc:14:c8:d8:57:9f:
21:c0:0c:37:d1:50:21:af:f5:93:f8:e7:99:23:46:b3:ee:d6:
1f:29:4c:22:6d:5d:76:4b:bb:70:46:4b:8c:5b:7b:04:30:18:
c4:8b:5c:ab:10:32:09:cf:7e:94:67:85:a0:3d:0c:88:a7:5e:
34:bc:58:87:c5:57:77:ca:dc:4b:48:1d:c8:89:1f:ce:fd:2c:
79:c9:33:c0:d8:37:08:d3:53:93:96:72:92:1c:12:7a:b6:ec:
d5:ca:da:ba:7a:81:28:0f:2c:51:96:70:ce:39:d3:c5:86:f3:
3f:03:23:a9:b4:78:58:3d:21:3b:55:10:60:9c:c2:dd:e7:ac:
70:89:76:2c:9f:c8:80:df:ae:7e:d6:c3:b8:c8:85:89:ad:bf:
f9:53:22:cd:ee:75:a4:ff:84:7e:08:15:a2:bb:74:75:b7:29:
5d:82:21:fc:bb:31:52:78:eb:e3:df:bd:ca:86:97:2b:41:bc:
8c:ae:3d:8f:ce:73:15:78:30:8e:47:de:54:84:ad:d3:41:45:
28:fc:4a:a5:45:97:b6:55:05:59:f5:49:0b:67:ec:df:69:07:
9d:2d:9e:65:5a:9c:3d:29:4f:cf:5e:41:8c:c8:23:cf:85:83:
1f:d5:dc:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCkuISWl0oIFtQFNuMIEo/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEyMDIxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQyMmZmMjZkNDBiZmVmNjcwN2EzYzZlNDhjNzNiOTgxZGRmMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucwUIj5byEk0BpOlbb2f8kqYpYS9
LnS2tNY00E97hxfZMUFnc/j4oz/izsWCuavAfTRtm0YRUZxNRiXD5eUPwReXu3V7
JQzDZGlfmU2fECVGGjFTGUv5KXV9lNdz2dJYHx5S1HaDnWGnsqWjqrPllW7GuLp7
D3eDLvBvV8gnSE8ZoJ4k6DHmU46NKqhFxUvrTsV6eiWOhF2w9jVr3hCY6vzujJVY
DtEXrdiaFnIyNi9qANjSXRJrUS2757pEq+Ei+xoJ3YFGraR2FIeneh5UWYBGcfHz
7TzizoUgxUEee9jjv9N882x6UKD+/UZyyx5I4qvZTTiYxYgZjWbRXQWfpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIdCL/JtQL/vZwejxuSMc7mB3fH4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaDBJdjhtMUF2LTluQjZQRzVJeHp1WUhkOGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGAlm9+XEIB7xf2AprwU
yNhXnyHADDfRUCGv9ZP455kjRrPu1h8pTCJtXXZLu3BGS4xbewQwGMSLXKsQMgnP
fpRnhaA9DIinXjS8WIfFV3fK3EtIHciJH879LHnJM8DYNwjTU5OWcpIcEnq27NXK
2rp6gSgPLFGWcM4508WG8z8DI6m0eFg9ITtVEGCcwt3nrHCJdiyfyIDfrn7Ww7jI
hYmtv/lTIs3udaT/hH4IFaK7dHW3KV2CIfy7MVJ46+PfvcqGlytBvIyuPY/OcxV4
MI5H3lSErdNBRSj8SqVFl7ZVBVn1SQtn7N9pB50tnmVanD0pT89eQYzII8+Fgx/V
3AU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:03:42 2025 by rpki-client