Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hGTl9A3LFvnDNM644C8NZ17RZRs.roa
File: hGTl9A3LFvnDNM644C8NZ17RZRs.roa (raw, json)
Hash identifier: ub8fs9I/rnVa5KZLiT32FANN2cKD30lTAoPWRubHVFA=
Subject key identifier: 84:64:E5:F4:0D:CB:16:F9:C3:34:CE:B8:E0:2F:0D:67:5E:D1:65:1B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FEF629ADAC83A8276818178D7F5100D7A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hGTl9A3LFvnDNM644C8NZ17RZRs.roa
Signing time: Thu 06 Jun 2024 21:09:27 +0000
ROA not before: Thu 06 Jun 2024 21:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ef:62:9a:da:c8:3a:82:76:81:81:78:d7:f5:10:0d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 6 21:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8464e5f40dcb16f9c334ceb8e02f0d675ed1651b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:56:39:24:51:3f:0d:04:db:1e:07:84:62:
61:1e:67:39:34:73:35:29:35:5d:02:6c:02:59:2f:
00:49:cd:f3:d7:60:51:92:5c:c4:34:89:6f:93:15:
57:ac:c3:df:19:42:4c:48:3a:f3:c2:00:a2:2c:60:
e7:f9:18:a2:18:7a:60:02:a9:90:cc:e4:a2:c4:35:
1c:c8:32:e8:7a:f6:60:9c:90:e3:b1:fb:96:c8:35:
5f:d7:f7:9d:ef:9c:7c:62:e3:4d:b1:0e:cd:9a:a8:
88:99:f8:34:6f:d5:d4:2a:02:f8:e8:e7:b5:cc:d0:
a9:ae:9c:6e:22:29:85:84:20:73:8f:ef:3e:05:1f:
1a:b5:70:71:3d:0d:3a:50:f2:b5:94:51:47:a2:0f:
f2:db:05:6d:d5:ee:ad:46:28:93:16:38:2f:7e:ca:
93:65:4f:71:87:2c:59:b7:38:34:0e:be:10:d8:db:
a2:e6:0f:0b:9b:a7:66:56:ab:1e:c0:a3:2c:b5:55:
04:b3:c4:f7:ff:f8:5e:79:13:dd:da:b0:4c:f7:c1:
31:c0:51:87:bd:10:71:8f:7d:49:ca:d6:c9:70:06:
e7:6a:27:3b:10:7a:6b:8e:46:5b:6d:91:0a:59:7e:
61:ea:98:86:58:32:17:b4:37:c3:bc:91:a7:28:26:
e4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:64:E5:F4:0D:CB:16:F9:C3:34:CE:B8:E0:2F:0D:67:5E:D1:65:1B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hGTl9A3LFvnDNM644C8NZ17RZRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:ec:16:85:11:7d:da:f3:09:c2:e8:45:ce:09:38:08:70:31:
9f:d9:1c:85:0d:b4:8c:0d:ca:18:fc:9c:37:9d:37:39:8d:ff:
5a:13:91:88:bc:39:6b:5a:c5:63:b0:c6:8c:34:96:c5:cb:65:
62:b5:54:b8:d3:5e:e1:10:65:d6:84:02:30:5d:09:a9:62:30:
6f:bf:41:da:a8:e2:3a:8c:71:27:a5:42:4a:42:c8:c9:f1:89:
1e:de:8b:5f:73:f6:06:e9:27:3f:00:4e:6d:dd:5e:ab:95:00:
8a:c0:d5:9e:31:ec:55:6e:09:50:ba:ac:99:f2:77:82:ed:99:
a4:28:f5:19:8f:5b:ce:12:32:cb:8f:17:f9:36:e8:7b:2f:0c:
9c:21:df:1d:c6:19:71:b8:c0:9f:4b:fd:9d:b5:68:77:c3:fc:
ce:61:3e:a5:ee:bb:18:95:b4:cb:0c:0d:a6:18:a2:e7:0e:a5:
04:cb:20:50:db:5a:5e:cc:98:48:7f:dd:fd:72:f8:47:e1:20:
8d:94:18:ad:37:c6:41:82:3a:b2:c9:4a:52:11:9e:3d:fe:43:
87:ba:fb:f5:7b:e7:5b:f1:d2:64:c4:91:0a:02:69:28:ec:05:
b0:66:14:b0:e6:67:95:44:40:46:ec:3d:67:7f:eb:c0:a5:7e:
a1:b1:9b:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/vYprayDqCdoGBeNf1EA16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA2MjEwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDY0ZTVmNDBkY2IxNmY5YzMzNGNlYjhlMDJmMGQ2NzVlZDE2NTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsBWOSRRPw0E2x4HhGJhHmc5NHM1
KTVdAmwCWS8ASc3z12BRklzENIlvkxVXrMPfGUJMSDrzwgCiLGDn+RiiGHpgAqmQ
zOSixDUcyDLoevZgnJDjsfuWyDVf1/ed75x8YuNNsQ7NmqiImfg0b9XUKgL46Oe1
zNCprpxuIimFhCBzj+8+BR8atXBxPQ06UPK1lFFHog/y2wVt1e6tRiiTFjgvfsqT
ZU9xhyxZtzg0Dr4Q2Nui5g8Lm6dmVqsewKMstVUEs8T3//heeRPd2rBM98ExwFGH
vRBxj31JytbJcAbnaic7EHprjkZbbZEKWX5h6piGWDIXtDfDvJGnKCbkZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIRk5fQNyxb5wzTOuOAvDWde0WUbMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaEdUbDlBM0xGdm5ETk02NDRDOE5aMTdSWlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGLsFoURfdrzCcLoRc4J
OAhwMZ/ZHIUNtIwNyhj8nDedNzmN/1oTkYi8OWtaxWOwxow0lsXLZWK1VLjTXuEQ
ZdaEAjBdCaliMG+/Qdqo4jqMcSelQkpCyMnxiR7ei19z9gbpJz8ATm3dXquVAIrA
1Z4x7FVuCVC6rJnyd4LtmaQo9RmPW84SMsuPF/k26HsvDJwh3x3GGXG4wJ9L/Z21
aHfD/M5hPqXuuxiVtMsMDaYYoucOpQTLIFDbWl7MmEh/3f1y+EfhII2UGK03xkGC
OrLJSlIRnj3+Q4e6+/V751vx0mTEkQoCaSjsBbBmFLDmZ5VEQEbsPWd/68ClfqGx
m9Q=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:08:29 2025 by rpki-client