Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kbSce8uv4i2yvliUOt8mKwhZjL8.roa
File: kbSce8uv4i2yvliUOt8mKwhZjL8.roa (raw, json)
Hash identifier: oFS8Pf/1KInFzcql0besPgqm2BX7O1azsXZKGcrzXh8=
Subject key identifier: 91:B4:9C:7B:CB:AF:E2:2D:B2:BE:58:94:3A:DF:26:2B:08:59:8C:BF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FEB144E94051E77741DDE20B172BD955C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kbSce8uv4i2yvliUOt8mKwhZjL8.roa
Signing time: Thu 06 Jun 2024 01:05:27 +0000
ROA not before: Thu 06 Jun 2024 01:05:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:eb13:7324/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:eb:14:4e:94:05:1e:77:74:1d:de:20:b1:72:bd:95:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 6 01:05:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91b49c7bcbafe22db2be58943adf262b08598cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:af:87:e0:6a:d5:cb:f7:c0:30:27:dd:96:32:
14:f2:3f:b8:74:b9:9a:d9:61:8e:25:d1:c8:87:d2:
3e:7f:f3:dc:9d:a0:b4:f5:8e:89:a6:07:d8:e8:14:
75:79:bf:9f:29:90:8b:d4:b3:6c:a4:d0:1e:58:11:
0f:93:56:f3:21:a6:aa:6c:9c:a0:0f:14:c9:9c:f2:
d8:54:a6:d4:a5:2d:f5:59:63:d0:6e:88:6a:f2:0f:
4f:95:73:87:ae:6f:bb:71:5f:2c:e7:0e:33:01:30:
7d:1a:b5:fc:6d:32:25:96:d3:f3:7e:f4:1f:69:a7:
fb:86:a4:df:0e:83:36:7d:b5:66:32:a3:89:47:81:
1c:6e:e0:35:d1:cc:f5:3c:2a:49:f2:7e:60:a7:25:
c9:39:d6:1d:83:f4:79:46:e8:d9:a3:38:f5:53:7a:
e5:06:5e:da:ef:99:90:56:b1:d7:a3:26:40:6a:71:
61:3e:0e:42:d0:ee:61:4f:49:a5:9b:f0:8a:76:0c:
eb:3b:8f:50:84:1c:65:61:09:4e:bb:dd:eb:27:3b:
63:9c:ba:1d:ed:11:9c:2f:fa:77:4f:e2:de:c1:f0:
c7:48:e6:0f:72:dc:ef:da:d0:47:a3:2b:46:e6:77:
c8:27:41:b0:27:6c:6f:73:15:18:6d:2a:ba:f4:dd:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B4:9C:7B:CB:AF:E2:2D:B2:BE:58:94:3A:DF:26:2B:08:59:8C:BF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kbSce8uv4i2yvliUOt8mKwhZjL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:b6:4c:6f:c1:75:7e:7d:22:33:76:e0:67:e4:02:18:d5:cf:
af:d1:c7:c1:5d:b0:c3:74:4a:4d:ed:49:1b:c8:12:8b:c0:cd:
ba:67:b1:c1:7e:ca:0d:84:7d:f1:5d:1d:2f:79:0c:76:78:19:
1a:99:1a:2f:b0:da:0d:23:75:65:dd:85:30:11:2c:4a:9e:89:
4c:13:e8:80:fa:97:86:4f:ed:e5:17:d9:d8:e1:5b:26:44:a1:
5c:f3:6f:7a:2b:5b:c9:d8:72:59:c0:2f:a3:b5:ab:13:e0:e0:
d3:fc:bd:0e:43:29:b3:d9:69:c0:8e:bb:1a:d5:b1:ff:70:0b:
86:49:40:68:a0:bd:c0:bd:ef:d8:8d:40:86:cf:96:0a:22:cd:
47:e8:f5:20:52:2d:d4:80:0e:4f:8c:17:06:17:01:ca:f9:d7:
0f:d3:57:3b:01:22:e6:45:34:b5:5a:46:e2:8b:44:17:a9:be:
f6:ee:4c:25:e8:ba:ee:72:e1:d9:e3:91:f7:74:1e:ed:fb:4f:
84:b3:a9:71:a8:23:c7:cb:76:b3:58:5d:52:64:79:e9:66:b4:
cc:de:c3:4a:a1:3b:bf:1a:9e:d2:a5:65:ce:da:82:3d:b3:01:
45:fe:af:46:7f:a7:df:c4:9c:ed:59:87:cd:6d:4a:f6:4d:12:
5c:8e:36:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/rFE6UBR53dB3eILFyvZVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA2MDEwNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI0OWM3YmNiYWZlMjJkYjJiZTU4OTQzYWRmMjYyYjA4NTk4Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna+H4GrVy/fAMCfdljIU8j+4dLma
2WGOJdHIh9I+f/PcnaC09Y6JpgfY6BR1eb+fKZCL1LNspNAeWBEPk1bzIaaqbJyg
DxTJnPLYVKbUpS31WWPQbohq8g9PlXOHrm+7cV8s5w4zATB9GrX8bTIlltPzfvQf
aaf7hqTfDoM2fbVmMqOJR4EcbuA10cz1PCpJ8n5gpyXJOdYdg/R5RujZozj1U3rl
Bl7a75mQVrHXoyZAanFhPg5C0O5hT0mlm/CKdgzrO49QhBxlYQlOu93rJztjnLod
7RGcL/p3T+LewfDHSOYPctzv2tBHoytG5nfIJ0GwJ2xvcxUYbSq69N0RzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJG0nHvLr+Itsr5YlDrfJisIWYy/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva2JTY2U4dXY0aTJ5dmxpVU90OG1Ld2haakw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEK2TG/BdX59IjN24Gfk
AhjVz6/Rx8FdsMN0Sk3tSRvIEovAzbpnscF+yg2EffFdHS95DHZ4GRqZGi+w2g0j
dWXdhTARLEqeiUwT6ID6l4ZP7eUX2djhWyZEoVzzb3orW8nYclnAL6O1qxPg4NP8
vQ5DKbPZacCOuxrVsf9wC4ZJQGigvcC979iNQIbPlgoizUfo9SBSLdSADk+MFwYX
Acr51w/TVzsBIuZFNLVaRuKLRBepvvbuTCXouu5y4dnjkfd0Hu37T4SzqXGoI8fL
drNYXVJkeelmtMzew0qhO78antKlZc7agj2zAUX+r0Z/p9/EnO1Zh81tSvZNElyO
Now=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:13:18 2025 by rpki-client