Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lDbSRInbFWoFquHvJiUCZihhFKY.roa
File: lDbSRInbFWoFquHvJiUCZihhFKY.roa (raw, json)
Hash identifier: T0is/Ngc87Up0QzB0CNRYETryXpboFfMgKVfh3RHwJQ=
Subject key identifier: 94:36:D2:44:89:DB:15:6A:05:AA:E1:EF:26:25:02:66:28:61:14:A6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01901597497527DBDEB7887CF153B4D672AE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lDbSRInbFWoFquHvJiUCZihhFKY.roa
Signing time: Fri 14 Jun 2024 07:12:34 +0000
ROA not before: Fri 14 Jun 2024 07:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:15:97:49:75:27:db:de:b7:88:7c:f1:53:b4:d6:72:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 14 07:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9436d24489db156a05aae1ef26250266286114a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ab:3b:0a:76:cd:79:ce:1f:5c:20:c6:8f:b0:
0d:22:fc:97:a2:87:27:bc:70:f3:7c:4b:4e:22:fd:
d3:99:c4:10:20:0c:1b:66:dd:13:3d:3e:99:d2:32:
89:81:54:03:51:a6:23:23:93:d3:8f:ae:95:7a:0f:
f3:48:b4:e3:ad:db:05:a5:dd:fa:82:72:80:b9:d7:
2f:47:fa:68:98:0e:5e:11:07:d7:7d:34:38:ff:52:
bb:5a:53:00:74:72:63:f7:18:a2:0c:f8:1c:0e:4b:
29:45:bb:51:dc:20:0c:75:3f:b0:97:86:e4:21:c2:
ad:fb:6f:a1:bc:30:e0:1a:15:39:0e:fb:69:ae:e6:
44:5a:9b:f4:43:08:5a:32:1a:3d:0f:4f:4a:7e:a0:
d7:ab:cb:4d:ae:a2:b0:ae:16:43:da:85:2d:7f:91:
e3:10:99:19:ea:66:c9:4f:3b:c5:f7:aa:a1:78:09:
24:00:58:2a:8a:a4:f3:d8:e9:99:ef:62:be:40:31:
0b:ae:86:6b:4d:41:45:13:42:82:83:07:fe:86:45:
16:78:93:35:d0:56:c6:c2:cb:a6:33:63:36:70:d7:
cf:13:22:19:91:4f:ff:f4:c1:ba:36:cb:76:6b:b6:
52:8f:b8:58:fd:91:ca:de:37:fc:8a:f8:a3:a8:c0:
b8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:36:D2:44:89:DB:15:6A:05:AA:E1:EF:26:25:02:66:28:61:14:A6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lDbSRInbFWoFquHvJiUCZihhFKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:7a:db:ef:9f:f7:80:6b:3b:d7:b6:5f:a2:87:ad:7c:44:e8:
bd:b3:06:4b:76:d3:9a:f0:ff:e1:09:6a:a4:63:6a:be:ab:b3:
53:db:31:a5:50:ff:44:82:6d:69:83:6a:64:e4:99:a3:31:e8:
2b:db:6a:b2:0c:75:6e:73:8c:3e:1c:e3:c6:c1:a2:ef:e8:f5:
7e:90:3a:2d:7c:4f:4c:59:b7:f4:91:7e:91:76:30:d5:10:57:
64:45:c9:e8:c8:40:cd:ea:4a:3a:05:52:30:5e:93:08:f2:e0:
1b:5f:77:39:0a:6b:24:c1:e7:a0:0a:2c:6b:dd:3c:e3:ac:13:
18:39:eb:a1:df:ab:0e:2f:ec:6f:19:69:ea:ce:80:14:88:14:
25:21:f3:2e:de:fb:d2:1f:3d:e8:30:c4:20:19:59:40:b7:83:
6a:e7:72:3d:81:3d:11:34:41:d9:c1:f6:1c:c9:ae:67:38:0b:
58:99:44:b4:27:d8:ed:f3:43:46:43:b6:61:95:e7:ef:4b:24:
ee:f4:0d:70:c6:bf:93:23:12:13:a5:cd:cc:04:02:3b:b3:0b:
42:59:ce:fa:b8:e8:f6:aa:ce:80:1c:e6:e7:78:bd:91:6a:68:
73:ba:3f:74:a8:eb:95:31:5b:15:63:fb:05:d4:49:a8:41:9f:
d9:e0:0f:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAVl0l1J9vet4h88VO01nKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE0MDcxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM2ZDI0NDg5ZGIxNTZhMDVhYWUxZWYyNjI1MDI2NjI4NjExNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKs7CnbNec4fXCDGj7ANIvyXoocn
vHDzfEtOIv3TmcQQIAwbZt0TPT6Z0jKJgVQDUaYjI5PTj66Veg/zSLTjrdsFpd36
gnKAudcvR/pomA5eEQfXfTQ4/1K7WlMAdHJj9xiiDPgcDkspRbtR3CAMdT+wl4bk
IcKt+2+hvDDgGhU5DvtpruZEWpv0QwhaMho9D09KfqDXq8tNrqKwrhZD2oUtf5Hj
EJkZ6mbJTzvF96qheAkkAFgqiqTz2OmZ72K+QDELroZrTUFFE0KCgwf+hkUWeJM1
0FbGwsumM2M2cNfPEyIZkU//9MG6Nst2a7ZSj7hY/ZHK3jf8ivijqMC4QQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJQ20kSJ2xVqBarh7yYlAmYoYRSmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbERiU1JJbmJGV29GcXVIdkppVUNaaWhoRktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAd62++f94BrO9e2X6KH
rXxE6L2zBkt205rw/+EJaqRjar6rs1PbMaVQ/0SCbWmDamTkmaMx6CvbarIMdW5z
jD4c48bBou/o9X6QOi18T0xZt/SRfpF2MNUQV2RFyejIQM3qSjoFUjBekwjy4Btf
dzkKayTB56AKLGvdPOOsExg566Hfqw4v7G8ZaerOgBSIFCUh8y7e+9IfPegwxCAZ
WUC3g2rncj2BPRE0QdnB9hzJrmc4C1iZRLQn2O3zQ0ZDtmGV5+9LJO70DXDGv5Mj
EhOlzcwEAjuzC0JZzvq46PaqzoAc5ud4vZFqaHO6P3So65UxWxVj+wXUSahBn9ng
D64=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:08:44 2025 by rpki-client