Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hI8Dje7d7zR92BK27MBNTmi9meQ.roa
File: hI8Dje7d7zR92BK27MBNTmi9meQ.roa (raw, json)
Hash identifier: gq8CEWQ5FA3wyO2Nv+6DB7/iXb+EpQvT6ELhSve9EHE=
Subject key identifier: 84:8F:03:8D:EE:DD:EF:34:7D:D8:12:B6:EC:C0:4D:4E:68:BD:99:E4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190A93755A18DCD05B7BEE2ADF802EE2F13
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hI8Dje7d7zR92BK27MBNTmi9meQ.roa
Signing time: Fri 12 Jul 2024 23:11:34 +0000
ROA not before: Fri 12 Jul 2024 23:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a9:37:55:a1:8d:cd:05:b7:be:e2:ad:f8:02:ee:2f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 12 23:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=848f038deeddef347dd812b6ecc04d4e68bd99e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ed:fa:fa:63:b7:22:f7:83:8e:25:f5:9c:13:
fa:04:68:8d:37:98:67:58:90:cc:0d:99:ce:50:8f:
13:48:8d:dc:e3:c5:ce:8d:44:8f:9e:3e:85:4b:98:
f5:b9:83:3d:e7:93:2b:24:a7:1f:60:f7:89:87:75:
86:95:3e:44:11:47:51:f1:c0:33:03:a5:db:a8:1b:
ce:25:f9:87:d9:84:84:f4:32:0a:de:9d:e7:5d:41:
17:f2:af:ed:8c:e7:97:9b:bd:3e:76:cd:b4:74:fa:
d5:c4:2c:95:97:78:8d:ee:38:dc:50:48:b3:07:43:
ac:36:f7:27:2c:be:1f:55:6f:f6:a8:af:7e:06:6d:
08:11:cc:8a:c4:f1:60:e7:24:a9:c1:bf:57:4c:83:
e8:00:87:85:07:37:2b:78:3e:18:c9:95:3b:e8:d7:
20:8d:b6:04:24:07:65:00:84:6a:75:7f:86:21:af:
70:52:c9:11:34:c5:78:46:6c:93:99:cb:dd:ff:13:
0b:12:18:3b:77:2c:7b:7f:b9:82:98:2f:fe:9f:3a:
94:4b:d2:c8:e4:15:f9:93:04:bd:8a:e8:41:4d:d7:
bb:73:6a:d2:bd:2b:f9:98:90:00:82:a2:5e:d1:6a:
9f:95:92:bd:2d:ee:36:a1:09:49:91:ed:2d:75:92:
a0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8F:03:8D:EE:DD:EF:34:7D:D8:12:B6:EC:C0:4D:4E:68:BD:99:E4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hI8Dje7d7zR92BK27MBNTmi9meQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:48:f8:51:3e:fc:22:79:21:bd:05:1b:23:63:7c:07:0b:4f:
2e:65:b3:c9:e0:b6:f9:d5:fa:f7:fe:4f:d8:cc:f1:0a:63:71:
a8:7d:57:47:a8:e1:80:1b:af:f2:ee:d1:e3:3d:c2:5a:bc:15:
91:5c:ce:41:21:00:cb:dd:09:cc:0a:e7:97:e1:ba:5c:d0:16:
19:0f:40:e9:4c:c5:c5:f4:a4:cb:86:20:fe:9f:78:25:af:14:
06:ce:67:65:bd:57:f7:24:41:85:1c:00:fe:5e:ad:bf:d1:01:
2a:25:e2:1c:a4:fa:78:97:93:30:27:e4:a8:33:d9:be:59:8a:
ba:1b:4a:78:67:00:4b:94:43:82:20:3f:7e:38:f5:57:c9:5b:
71:c4:60:7a:fc:ab:26:c5:b2:00:0c:db:18:be:bc:b1:24:22:
78:f0:c6:fe:b4:38:d5:9a:4d:43:68:e6:11:14:9e:c8:1b:ef:
b3:74:c9:d6:4a:77:a2:79:1c:b1:a6:5a:9e:8e:3d:88:e8:4b:
19:82:91:ad:50:a0:0e:92:c3:5e:ef:44:9b:7d:e5:12:36:a3:
4f:f0:c5:d5:87:44:28:f6:1b:1d:28:7e:0d:53:bd:78:9e:a7:
2c:15:20:39:50:6f:e8:66:85:24:0c:bb:f0:9a:98:4e:74:a4:
7d:ba:ab:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCpN1Whjc0Ft77irfgC7i8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEyMjMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDhmMDM4ZGVlZGRlZjM0N2RkODEyYjZlY2MwNGQ0ZTY4YmQ5OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO36+mO3IveDjiX1nBP6BGiNN5hn
WJDMDZnOUI8TSI3c48XOjUSPnj6FS5j1uYM955MrJKcfYPeJh3WGlT5EEUdR8cAz
A6XbqBvOJfmH2YSE9DIK3p3nXUEX8q/tjOeXm70+ds20dPrVxCyVl3iN7jjcUEiz
B0OsNvcnLL4fVW/2qK9+Bm0IEcyKxPFg5ySpwb9XTIPoAIeFBzcreD4YyZU76Ncg
jbYEJAdlAIRqdX+GIa9wUskRNMV4RmyTmcvd/xMLEhg7dyx7f7mCmC/+nzqUS9LI
5BX5kwS9iuhBTde7c2rSvSv5mJAAgqJe0WqflZK9Le42oQlJke0tdZKgDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFISPA43u3e80fdgStuzATU5ovZnkMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaEk4RGplN2Q3elI5MkJLMjdNQk5UbWk5bWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD9I+FE+/CJ5Ib0FGyNj
fAcLTy5ls8ngtvnV+vf+T9jM8Qpjcah9V0eo4YAbr/Lu0eM9wlq8FZFczkEhAMvd
CcwK55fhulzQFhkPQOlMxcX0pMuGIP6feCWvFAbOZ2W9V/ckQYUcAP5erb/RASol
4hyk+niXkzAn5Kgz2b5ZirobSnhnAEuUQ4IgP3449VfJW3HEYHr8qybFsgAM2xi+
vLEkInjwxv60ONWaTUNo5hEUnsgb77N0ydZKd6J5HLGmWp6OPYjoSxmCka1QoA6S
w17vRJt95RI2o0/wxdWHRCj2Gx0ofg1TvXiepywVIDlQb+hmhSQMu/CamE50pH26
q0U=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:21:40 2025 by rpki-client