Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/omzikaF1Tn3RbNXaKz-QsVHnzXI.roa
File: omzikaF1Tn3RbNXaKz-QsVHnzXI.roa (raw, json)
Hash identifier: PjK5VJFWluOWSDhtwTd0gGng41ex5oWHkN0LvtqNafQ=
Subject key identifier: A2:6C:E2:91:A1:75:4E:7D:D1:6C:D5:DA:2B:3F:90:B1:51:E7:CD:72
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903FDAFCE2AD160A82477FAB096CAC74DB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/omzikaF1Tn3RbNXaKz-QsVHnzXI.roa
Signing time: Sat 22 Jun 2024 12:10:34 +0000
ROA not before: Sat 22 Jun 2024 12:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3f:da:fc:e2:ad:16:0a:82:47:7f:ab:09:6c:ac:74:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 22 12:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a26ce291a1754e7dd16cd5da2b3f90b151e7cd72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:91:ac:a2:9f:c1:ed:c3:61:3e:7c:d7:65:9a:
6c:df:4a:cd:a8:eb:6e:7f:e8:fb:e4:54:58:44:4b:
c7:15:eb:ae:3a:5b:d9:15:06:fe:27:91:73:09:c5:
f9:ba:e4:84:cc:23:a4:09:bf:b0:34:c8:6f:dc:51:
b3:a1:ab:7b:05:bf:ef:8c:fc:e1:d6:ca:90:3a:00:
66:00:41:59:21:5d:a5:74:d9:71:90:e1:bd:fc:df:
79:6d:7b:21:e9:49:00:0e:58:40:e0:c6:14:17:db:
5f:33:f0:c6:9d:08:e6:61:87:74:73:ea:36:3e:26:
d6:d5:4e:76:f8:3d:49:a1:79:5e:2e:3e:13:08:a5:
9a:4a:bb:40:2d:fc:c0:ae:df:87:1e:2e:15:e4:3c:
1f:12:0c:55:69:6a:6a:b2:d7:98:50:7b:e1:c5:18:
1b:3c:66:1c:02:f4:d7:74:99:e3:63:1c:5e:d3:b9:
fb:34:af:c3:1e:4f:74:f0:29:5f:68:5c:8b:28:70:
ef:34:c3:39:09:e2:a3:c0:21:29:7d:60:1b:da:8e:
7d:4f:91:57:7a:9c:b7:cc:15:2c:fa:0f:07:eb:6b:
12:a2:d9:c8:e3:fe:42:71:aa:15:d1:fa:ca:32:9e:
10:e8:37:57:33:51:70:4f:32:c0:e8:e8:d4:4c:ea:
b8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6C:E2:91:A1:75:4E:7D:D1:6C:D5:DA:2B:3F:90:B1:51:E7:CD:72
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/omzikaF1Tn3RbNXaKz-QsVHnzXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:e9:8d:05:42:5d:ca:86:fc:49:6a:97:70:bb:0b:57:e0:b0:
c9:ab:b3:0d:5a:0f:d4:11:12:2b:c8:77:e6:32:5a:2e:fb:11:
f1:f8:c2:5a:7f:93:88:d0:7c:59:ee:20:fd:d9:c2:31:f2:5f:
a0:d8:44:a0:e7:1e:57:01:28:f3:1a:20:23:09:e0:45:e0:b8:
76:65:e0:ad:9e:b6:d8:23:47:11:da:bc:a7:a5:cf:3c:43:0a:
b9:3f:b3:13:b4:3e:4d:49:ca:67:58:b5:bb:81:dc:42:dc:46:
fc:bb:2e:a4:a8:01:80:a2:6b:6b:76:dc:1c:38:2f:c5:a4:f2:
e8:89:63:85:0e:5c:8c:50:5f:58:41:70:94:88:c5:5b:87:94:
b6:d8:4f:4a:64:88:7e:41:16:fb:a5:28:48:b8:ed:fe:50:6a:
14:bf:10:6f:20:91:73:c5:3a:8c:26:46:fa:1a:6a:22:82:19:
57:a6:b5:05:d7:3e:a3:17:37:09:c3:05:34:82:0e:f1:a2:07:
76:a8:58:3a:ea:46:65:d7:53:6a:b3:8e:bd:8a:92:a5:11:50:
3b:68:1b:d6:4e:b7:82:d8:f7:9f:d5:3d:9c:36:55:63:ec:77:
4f:fb:58:94:9c:e6:66:86:bd:4a:fb:85:f9:1c:b2:64:d4:3c:
6d:21:82:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA/2vzirRYKgkd/qwlsrHTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIyMTIxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZjZTI5MWExNzU0ZTdkZDE2Y2Q1ZGEyYjNmOTBiMTUxZTdjZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZGsop/B7cNhPnzXZZps30rNqOtu
f+j75FRYREvHFeuuOlvZFQb+J5FzCcX5uuSEzCOkCb+wNMhv3FGzoat7Bb/vjPzh
1sqQOgBmAEFZIV2ldNlxkOG9/N95bXsh6UkADlhA4MYUF9tfM/DGnQjmYYd0c+o2
PibW1U52+D1JoXleLj4TCKWaSrtALfzArt+HHi4V5DwfEgxVaWpqsteYUHvhxRgb
PGYcAvTXdJnjYxxe07n7NK/DHk908ClfaFyLKHDvNMM5CeKjwCEpfWAb2o59T5FX
epy3zBUs+g8H62sSotnI4/5CcaoV0frKMp4Q6DdXM1FwTzLA6OjUTOq4AQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJs4pGhdU590WzV2is/kLFR581yMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb216aWthRjFUbjNSYk5YYUt6LVFzVkhuelhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB3pjQVCXcqG/Elql3C7
C1fgsMmrsw1aD9QREivId+YyWi77EfH4wlp/k4jQfFnuIP3ZwjHyX6DYRKDnHlcB
KPMaICMJ4EXguHZl4K2ettgjRxHavKelzzxDCrk/sxO0Pk1JymdYtbuB3ELcRvy7
LqSoAYCia2t23Bw4L8Wk8uiJY4UOXIxQX1hBcJSIxVuHlLbYT0pkiH5BFvulKEi4
7f5QahS/EG8gkXPFOowmRvoaaiKCGVemtQXXPqMXNwnDBTSCDvGiB3aoWDrqRmXX
U2qzjr2KkqURUDtoG9ZOt4LY95/VPZw2VWPsd0/7WJSc5maGvUr7hfkcsmTUPG0h
gjc=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:22:57 2025 by rpki-client