Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/p4jLMf-4IohNcL21_tTWwCIIREo.roa
File: p4jLMf-4IohNcL21_tTWwCIIREo.roa (raw, json)
Hash identifier: qjhOf42fRBtYItS90mx/sDg8PdY/2ieHfTt7Lz6dKME=
Subject key identifier: A7:88:CB:31:FF:B8:22:88:4D:70:BD:B5:FE:D4:D6:C0:22:08:44:4A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190167218BA7EB052D2132A0B637C1DCA30
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/p4jLMf-4IohNcL21_tTWwCIIREo.roa
Signing time: Fri 14 Jun 2024 11:11:34 +0000
ROA not before: Fri 14 Jun 2024 11:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:72:18:ba:7e:b0:52:d2:13:2a:0b:63:7c:1d:ca:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 14 11:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a788cb31ffb822884d70bdb5fed4d6c02208444a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c2:67:6b:71:74:c9:77:c9:53:25:e7:69:5f:
96:57:9a:c4:60:13:3d:34:df:60:ad:13:ab:ce:e7:
b1:b3:10:62:72:35:6f:f4:d4:bd:fe:40:2b:d5:08:
cf:8d:f3:f7:af:59:35:74:ce:f3:aa:e6:18:63:82:
d6:5f:64:b4:4f:52:98:56:0b:8f:1b:d8:ea:7c:ea:
0d:19:ac:cc:62:dc:77:5e:1e:62:46:41:55:40:05:
a6:48:75:40:c9:cc:69:30:29:f1:96:34:24:15:36:
1e:48:ea:9c:8d:42:5d:dd:4a:47:e8:d4:c1:ae:56:
65:4d:8c:60:15:d0:71:bf:bf:0b:77:65:29:6f:b0:
e8:ba:25:5c:cc:07:60:53:4e:ff:3d:f7:60:cc:c0:
b8:6a:01:2f:35:4e:dc:56:02:2a:4f:01:76:e1:ae:
23:1a:9d:ff:24:74:6a:47:e8:af:b2:6f:17:47:af:
d7:49:05:12:dd:9b:e3:81:f3:a1:31:4e:59:bb:f2:
e8:f0:95:b6:59:50:c3:e2:8d:fb:b3:25:c4:e5:60:
79:0f:fa:16:e5:73:d9:78:cb:70:61:07:2a:24:c2:
9c:79:e8:e6:14:96:78:a6:cb:3a:97:5e:f6:85:52:
16:b1:8e:96:05:78:94:6e:fe:82:35:17:df:60:cd:
ad:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:88:CB:31:FF:B8:22:88:4D:70:BD:B5:FE:D4:D6:C0:22:08:44:4A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/p4jLMf-4IohNcL21_tTWwCIIREo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:fe:ed:04:b2:0c:0d:80:c8:8b:d3:5b:e3:84:8d:54:bf:3f:
8b:5a:fe:c9:27:94:3f:ba:c4:12:53:dd:a6:8b:7a:1a:e5:8d:
54:cf:84:a0:1f:67:aa:8c:01:62:aa:e7:05:32:b3:ca:7d:05:
a3:4f:81:ad:70:41:e2:ba:5f:bb:01:89:43:d7:68:c6:19:71:
7b:6f:c5:39:b6:83:cb:27:96:0b:e3:8e:55:bd:3a:1c:c5:a1:
10:3d:83:e6:13:6e:49:88:e3:82:9b:cc:a1:0b:f5:56:f5:e2:
dc:10:81:5b:1e:12:e1:26:88:22:5d:1f:89:e4:26:4f:ab:f4:
63:55:b7:f2:56:c8:41:e1:47:93:ee:d1:6a:06:f1:9c:07:2d:
f3:81:bc:0c:d8:04:95:1b:3f:da:f4:fa:b6:1e:49:81:41:69:
f6:8f:9c:a1:f8:05:69:2e:fa:96:3a:31:cc:79:d7:c7:55:c2:
72:02:65:2d:85:dc:84:8b:26:59:0e:6b:8f:b3:70:4d:78:99:
c7:15:e5:cd:38:d0:12:03:10:d7:a2:d1:0e:bb:97:32:47:bf:
c9:5d:6a:11:73:62:a8:54:03:6c:80:e8:59:f4:34:14:fc:e8:
f1:a4:b0:ab:42:ed:ba:0f:73:de:1f:55:24:75:70:c0:19:d8:
ae:81:51:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAWchi6frBS0hMqC2N8HcowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE0MTExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzg4Y2IzMWZmYjgyMjg4NGQ3MGJkYjVmZWQ0ZDZjMDIyMDg0NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcJna3F0yXfJUyXnaV+WV5rEYBM9
NN9grROrzuexsxBicjVv9NS9/kAr1QjPjfP3r1k1dM7zquYYY4LWX2S0T1KYVguP
G9jqfOoNGazMYtx3Xh5iRkFVQAWmSHVAycxpMCnxljQkFTYeSOqcjUJd3UpH6NTB
rlZlTYxgFdBxv78Ld2Upb7DouiVczAdgU07/PfdgzMC4agEvNU7cVgIqTwF24a4j
Gp3/JHRqR+ivsm8XR6/XSQUS3ZvjgfOhMU5Zu/Lo8JW2WVDD4o37syXE5WB5D/oW
5XPZeMtwYQcqJMKceejmFJZ4pss6l172hVIWsY6WBXiUbv6CNRffYM2tZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKeIyzH/uCKITXC9tf7U1sAiCERKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcDRqTE1mLTRJb2hOY0wyMV90VFd3Q0lJUkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABL+7QSyDA2AyIvTW+OE
jVS/P4ta/sknlD+6xBJT3aaLehrljVTPhKAfZ6qMAWKq5wUys8p9BaNPga1wQeK6
X7sBiUPXaMYZcXtvxTm2g8snlgvjjlW9OhzFoRA9g+YTbkmI44KbzKEL9Vb14twQ
gVseEuEmiCJdH4nkJk+r9GNVt/JWyEHhR5Pu0WoG8ZwHLfOBvAzYBJUbP9r0+rYe
SYFBafaPnKH4BWku+pY6Mcx518dVwnICZS2F3ISLJlkOa4+zcE14mccV5c040BID
ENei0Q67lzJHv8ldahFzYqhUA2yA6Fn0NBT86PGksKtC7boPc94fVSR1cMAZ2K6B
UQQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:09:20 2025 by rpki-client