Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ouHUpY5DCTmEBaUoxnKBesYPp2g.roa
File: ouHUpY5DCTmEBaUoxnKBesYPp2g.roa (raw, json)
Hash identifier: v3RLnFtEMRKfz/0w8BbGrxeqzYO2R449RdkoDZHvzOo=
Subject key identifier: A2:E1:D4:A5:8E:43:09:39:84:05:A5:28:C6:72:81:7A:C6:0F:A7:68
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD42332D25DF7264F265A82B3819A59EB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ouHUpY5DCTmEBaUoxnKBesYPp2g.roa
Signing time: Sat 01 Jun 2024 14:10:27 +0000
ROA not before: Sat 01 Jun 2024 14:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:23:32:d2:5d:f7:26:4f:26:5a:82:b3:81:9a:59:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 1 14:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2e1d4a58e4309398405a528c672817ac60fa768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:53:54:58:41:29:2e:71:f7:99:46:15:e8:a7:
ce:e8:36:5d:6d:a4:50:33:5d:54:7a:3a:15:7d:ab:
6e:d0:26:31:0e:13:fb:ce:47:0c:f1:11:a7:e0:ae:
20:25:11:b5:65:9a:b8:a5:c0:83:3a:e4:c1:2b:2b:
97:a5:53:09:1f:20:65:2e:7a:38:38:99:dd:32:c4:
e6:50:eb:da:0f:1c:a3:25:eb:f9:88:d0:dc:e7:62:
5e:f2:6d:94:53:b3:b4:6d:dc:30:86:9e:06:d8:5b:
82:39:71:01:2e:87:68:01:50:5e:1f:23:6e:84:46:
67:d1:29:34:29:f3:1c:1d:e5:9f:a5:3e:5f:2c:69:
7a:6c:e9:c9:8f:57:75:89:ac:94:98:ae:b0:ad:77:
aa:a1:a6:23:4e:a1:a0:c4:ee:fd:23:4d:a1:51:8d:
2b:f2:ab:4e:d1:ec:e1:93:9d:a6:09:82:f8:96:16:
b9:4f:bf:cf:8e:70:f1:dd:ab:ff:69:62:9d:b4:a5:
ee:b2:bf:5e:05:fc:0b:d3:12:d9:cb:8d:13:39:c8:
be:f9:9e:a2:3e:f4:2f:8d:0d:c5:44:25:05:01:84:
8b:75:a7:8d:1b:ac:4b:f8:21:e9:cd:42:56:97:3d:
aa:63:72:84:03:42:88:85:a6:21:5d:14:0a:aa:a3:
0b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E1:D4:A5:8E:43:09:39:84:05:A5:28:C6:72:81:7A:C6:0F:A7:68
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ouHUpY5DCTmEBaUoxnKBesYPp2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:12:46:5e:db:30:76:1b:99:77:7b:36:51:9a:0d:d5:8a:cb:
b7:c0:a3:c7:eb:61:b1:20:fd:0a:e8:e6:84:4a:b9:5a:06:4e:
3b:ef:05:0d:bf:82:0a:91:e5:a0:2d:2c:76:2b:19:1c:90:7d:
c6:3a:b7:76:03:eb:ce:f4:1e:c3:bb:03:76:1c:c1:ed:96:ca:
65:28:af:2b:68:6d:b7:a0:95:1b:34:8d:88:ab:e2:e8:6e:25:
e6:da:0e:6f:bd:a1:ee:51:c3:18:ff:1f:32:67:96:31:84:10:
f9:13:7d:19:ef:11:a0:3d:ed:14:d7:65:a2:69:01:5e:10:f7:
76:83:5a:eb:1b:a1:14:4c:82:0c:9e:23:b4:2a:d3:6b:6b:79:
4a:dd:fe:79:61:46:1c:9a:9b:36:47:54:0e:a1:b6:82:f4:a2:
99:c7:de:98:06:53:a2:cc:9c:09:56:86:17:77:04:58:42:0d:
2a:9a:c6:dc:33:0e:01:f6:cc:9a:39:b3:15:c4:da:74:02:35:
8a:66:5b:35:9f:58:9b:aa:ff:4d:6a:da:f3:c9:a8:81:96:de:
76:b2:b5:27:e2:88:02:25:f8:f8:ed:93:4f:6b:6a:3c:e6:7c:
a1:d3:5a:8c:d8:d4:4c:7a:0b:1b:4f:e8:a0:7a:54:8f:91:11:
0b:cb:5c:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/UIzLSXfcmTyZagrOBmlnrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAxMTQxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmUxZDRhNThlNDMwOTM5ODQwNWE1MjhjNjcyODE3YWM2MGZhNzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1NUWEEpLnH3mUYV6KfO6DZdbaRQ
M11UejoVfatu0CYxDhP7zkcM8RGn4K4gJRG1ZZq4pcCDOuTBKyuXpVMJHyBlLno4
OJndMsTmUOvaDxyjJev5iNDc52Je8m2UU7O0bdwwhp4G2FuCOXEBLodoAVBeHyNu
hEZn0Sk0KfMcHeWfpT5fLGl6bOnJj1d1iayUmK6wrXeqoaYjTqGgxO79I02hUY0r
8qtO0ezhk52mCYL4lha5T7/PjnDx3av/aWKdtKXusr9eBfwL0xLZy40TOci++Z6i
PvQvjQ3FRCUFAYSLdaeNG6xL+CHpzUJWlz2qY3KEA0KIhaYhXRQKqqMLJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKLh1KWOQwk5hAWlKMZygXrGD6doMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb3VIVXBZNURDVG1FQmFVb3huS0Jlc1lQcDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF8SRl7bMHYbmXd7NlGa
DdWKy7fAo8frYbEg/Qro5oRKuVoGTjvvBQ2/ggqR5aAtLHYrGRyQfcY6t3YD6870
HsO7A3Ycwe2WymUorytobbeglRs0jYir4uhuJebaDm+9oe5Rwxj/HzJnljGEEPkT
fRnvEaA97RTXZaJpAV4Q93aDWusboRRMggyeI7Qq02treUrd/nlhRhyamzZHVA6h
toL0opnH3pgGU6LMnAlWhhd3BFhCDSqaxtwzDgH2zJo5sxXE2nQCNYpmWzWfWJuq
/01q2vPJqIGW3naytSfiiAIl+Pjtk09rajzmfKHTWozY1Ex6CxtP6KB6VI+REQvL
XGk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:10 2025 by rpki-client