Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/payQo3Vb8wPvJjNSJYW8XgQ0P5Y.roa
File: payQo3Vb8wPvJjNSJYW8XgQ0P5Y.roa (raw, json)
Hash identifier: qPPeJenaPFfyDZqi22A6Hnj1mGYIjbmExvhmce752q4=
Subject key identifier: A5:AC:90:A3:75:5B:F3:03:EF:26:33:52:25:85:BC:5E:04:34:3F:96
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190987AAADE5FA3E894E40C73F5AE31B84D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/payQo3Vb8wPvJjNSJYW8XgQ0P5Y.roa
Signing time: Tue 09 Jul 2024 17:11:34 +0000
ROA not before: Tue 09 Jul 2024 17:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:7a:aa:de:5f:a3:e8:94:e4:0c:73:f5:ae:31:b8:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 17:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5ac90a3755bf303ef2633522585bc5e04343f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:19:f5:78:c7:3d:1b:63:8c:b0:8a:4e:c6:50:
11:e7:18:d6:76:1f:f3:95:36:7e:6d:ec:16:c3:54:
6f:62:30:dd:a1:18:60:8d:11:81:bb:4c:44:e8:4d:
91:f1:3e:ef:26:e1:93:b2:b3:da:92:29:73:9b:11:
1d:b5:e6:7c:d4:84:7b:08:3f:79:08:e9:46:cd:34:
59:98:11:58:50:c3:bd:48:79:7f:28:f0:41:a1:48:
bd:e4:d2:a2:ca:9f:25:4d:d9:55:b4:48:65:85:c1:
3f:b4:9c:7b:8b:73:eb:63:82:eb:7f:e9:4d:41:1f:
94:b9:e7:a6:cf:44:e3:73:55:8e:7a:5a:32:52:38:
c0:4c:64:a8:b4:12:8b:e2:ce:3f:31:4e:04:03:75:
13:a9:82:c4:de:85:f1:83:e4:6b:92:89:25:b0:67:
47:d7:11:c3:f9:06:74:85:64:b6:37:eb:70:ba:46:
7d:ca:72:db:8c:8f:31:1f:08:f7:b9:97:70:04:4a:
ba:e1:d6:34:20:30:58:bb:aa:e6:f0:de:d5:af:ba:
81:bd:4a:bc:b1:4f:49:4d:fa:b5:b2:8e:3a:e7:9a:
31:31:05:2f:d7:a4:33:28:f2:c9:9c:f0:33:cb:82:
66:24:1a:0f:89:61:3f:ba:57:28:3a:d9:73:e6:c8:
8a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AC:90:A3:75:5B:F3:03:EF:26:33:52:25:85:BC:5E:04:34:3F:96
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/payQo3Vb8wPvJjNSJYW8XgQ0P5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:36:9e:c8:e3:05:ca:c5:01:9d:86:bb:c7:2a:1b:5e:a4:a6:
78:e5:9c:1e:ee:6b:bd:a3:85:42:d2:d8:82:95:3d:db:fd:df:
b9:63:89:44:ec:0a:16:09:c0:da:c9:e0:82:07:a1:c7:c7:bf:
9a:83:8e:df:bc:c1:cb:31:26:d8:03:fe:bb:e0:3c:a9:75:27:
33:5a:78:ce:11:64:8b:b7:ef:ea:f5:c1:0e:ff:15:01:05:0c:
f6:9b:3f:97:5c:41:a5:4d:84:5a:fd:f7:f8:ce:f4:90:ab:62:
d3:99:96:9a:58:14:59:67:70:52:fc:87:62:f0:66:88:fd:e1:
0d:e1:0f:e6:56:ad:e1:a3:79:a4:76:17:ba:90:42:2a:c8:5c:
82:5d:d8:19:be:12:72:7a:ce:74:66:5d:82:f8:05:a7:f1:9d:
09:1c:17:44:8e:bb:bf:43:2a:a4:bf:a9:4e:5f:36:e6:4e:0b:
70:0e:dc:89:84:ac:90:c9:1c:af:b6:27:f8:89:cb:7b:fa:cc:
75:09:77:9b:f3:b0:c0:4a:7d:58:e7:cf:e4:00:39:39:45:75:
22:66:92:05:c1:c6:a6:5b:b5:20:50:f9:40:df:b4:bd:1a:f1:
98:1d:4f:e4:68:17:0d:72:53:db:42:31:b6:70:0c:c3:71:c1:
b3:73:a9:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCYeqreX6PolOQMc/WuMbhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MTcxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWFjOTBhMzc1NWJmMzAzZWYyNjMzNTIyNTg1YmM1ZTA0MzQzZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hn1eMc9G2OMsIpOxlAR5xjWdh/z
lTZ+bewWw1RvYjDdoRhgjRGBu0xE6E2R8T7vJuGTsrPakilzmxEdteZ81IR7CD95
COlGzTRZmBFYUMO9SHl/KPBBoUi95NKiyp8lTdlVtEhlhcE/tJx7i3PrY4Lrf+lN
QR+Uueemz0Tjc1WOeloyUjjATGSotBKL4s4/MU4EA3UTqYLE3oXxg+RrkoklsGdH
1xHD+QZ0hWS2N+twukZ9ynLbjI8xHwj3uZdwBEq64dY0IDBYu6rm8N7Vr7qBvUq8
sU9JTfq1so4655oxMQUv16QzKPLJnPAzy4JmJBoPiWE/ulcoOtlz5siK/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKWskKN1W/MD7yYzUiWFvF4END+WMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcGF5UW8zVmI4d1B2SmpOU0pZVzhYZ1EwUDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFw2nsjjBcrFAZ2Gu8cq
G16kpnjlnB7ua72jhULS2IKVPdv937ljiUTsChYJwNrJ4IIHocfHv5qDjt+8wcsx
JtgD/rvgPKl1JzNaeM4RZIu37+r1wQ7/FQEFDPabP5dcQaVNhFr99/jO9JCrYtOZ
lppYFFlncFL8h2LwZoj94Q3hD+ZWreGjeaR2F7qQQirIXIJd2Bm+EnJ6znRmXYL4
BafxnQkcF0SOu79DKqS/qU5fNuZOC3AO3ImErJDJHK+2J/iJy3v6zHUJd5vzsMBK
fVjnz+QAOTlFdSJmkgXBxqZbtSBQ+UDftL0a8ZgdT+RoFw1yU9tCMbZwDMNxwbNz
qQE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:19:43 2025 by rpki-client