Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rHnbUW6qgNaHpLy-0jE9rZ9ootA.roa
File: rHnbUW6qgNaHpLy-0jE9rZ9ootA.roa (raw, json)
Hash identifier: jiKsPrRpF4w9WkSzmeF16gUZagODY9MzyHHalAB9IVg=
Subject key identifier: AC:79:DB:51:6E:AA:80:D6:87:A4:BC:BE:D2:31:3D:AD:9F:68:A2:D0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC7B079C9A9429A6C41B0AB8B8EC403C9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rHnbUW6qgNaHpLy-0jE9rZ9ootA.roa
Signing time: Thu 30 May 2024 04:09:42 +0000
ROA not before: Thu 30 May 2024 04:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c7:b0:79:c9:a9:42:9a:6c:41:b0:ab:8b:8e:c4:03:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 30 04:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac79db516eaa80d687a4bcbed2313dad9f68a2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1f:92:32:14:5f:e7:4e:5b:41:a5:f1:5b:ca:
33:42:a6:ae:61:a1:95:a3:b8:f0:de:27:9d:0f:52:
f9:54:d4:f5:78:1c:36:c7:63:9d:2f:41:8b:f9:b0:
f0:6b:1a:31:a7:c0:b8:6d:c1:93:76:ad:15:47:62:
1e:54:5a:35:9d:9f:ba:68:92:92:ab:85:3e:db:c0:
ae:6c:32:87:e0:50:b1:65:e9:53:84:a6:c9:76:61:
1f:76:6f:9e:9b:82:8a:9c:dc:09:fc:16:b1:8a:fd:
5b:83:8b:05:4c:a7:0b:4b:df:79:e3:3a:11:e0:75:
bb:14:2d:a8:18:e1:ac:46:9e:3a:4a:09:28:8e:34:
e3:ff:0e:8c:09:20:c6:86:cd:09:9a:0f:48:99:38:
09:b3:82:39:e0:64:23:0f:09:af:93:d1:92:81:16:
4d:53:96:89:12:1e:96:a1:26:6d:40:d0:84:12:a7:
bb:55:50:90:3f:fa:c4:9d:53:30:81:6d:10:62:13:
4e:64:31:4e:6a:97:14:60:cf:27:cf:75:12:4c:3d:
8f:56:72:1b:de:63:bc:ac:8b:38:94:be:1d:2d:dd:
17:f1:20:c2:64:13:4c:55:5f:e9:ce:b8:dc:a9:1c:
d9:c3:d8:a2:21:b4:3f:7b:c2:ca:2e:f9:00:93:8a:
43:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:79:DB:51:6E:AA:80:D6:87:A4:BC:BE:D2:31:3D:AD:9F:68:A2:D0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rHnbUW6qgNaHpLy-0jE9rZ9ootA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:96:9e:f1:67:86:0c:df:ea:8e:ee:0c:cb:75:e1:cd:a2:4a:
16:94:d1:a5:ea:83:a4:b8:81:a7:73:29:dc:9d:76:2a:2c:f6:
08:02:c4:05:f4:f8:a5:f9:3b:de:67:3b:91:a8:2d:2a:cd:04:
a8:d5:10:9e:60:5d:1e:e4:34:94:08:2c:64:91:e1:b7:e4:3f:
dd:46:b6:dc:d8:80:4a:b7:eb:b5:7c:89:00:9d:e0:7a:14:da:
78:84:b3:f5:2c:85:bb:41:40:80:32:ac:67:fb:25:c2:46:f6:
27:21:85:73:8c:46:3b:5b:5a:de:ca:af:2f:f0:62:5f:1c:6e:
7a:f1:46:d1:93:aa:5a:ac:6e:f9:7d:7f:c5:18:f2:71:95:ec:
00:90:ad:aa:3f:7d:37:5d:89:e5:02:03:19:ec:84:64:61:48:
dd:76:90:7b:40:dc:5c:34:fd:a5:5c:39:f8:14:df:a7:e8:ab:
37:42:cc:d2:88:60:3c:66:38:a6:e5:ae:5b:95:42:34:eb:ac:
98:3d:91:49:8e:df:c2:98:6f:34:bf:1c:23:d8:e5:2a:bd:a4:
64:51:ed:9c:95:71:31:7d:a5:1e:9f:af:4e:69:ef:31:5e:f9:
c0:4f:e5:1f:48:e8:0c:d7:e1:9b:d5:98:67:f8:ac:e4:be:41:
9b:3c:b1:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/HsHnJqUKabEGwq4uOxAPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMwMDQwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc5ZGI1MTZlYWE4MGQ2ODdhNGJjYmVkMjMxM2RhZDlmNjhhMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB+SMhRf505bQaXxW8ozQqauYaGV
o7jw3iedD1L5VNT1eBw2x2OdL0GL+bDwaxoxp8C4bcGTdq0VR2IeVFo1nZ+6aJKS
q4U+28CubDKH4FCxZelThKbJdmEfdm+em4KKnNwJ/Baxiv1bg4sFTKcLS9954zoR
4HW7FC2oGOGsRp46SgkojjTj/w6MCSDGhs0Jmg9ImTgJs4I54GQjDwmvk9GSgRZN
U5aJEh6WoSZtQNCEEqe7VVCQP/rEnVMwgW0QYhNOZDFOapcUYM8nz3USTD2PVnIb
3mO8rIs4lL4dLd0X8SDCZBNMVV/pzrjcqRzZw9iiIbQ/e8LKLvkAk4pD8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKx521FuqoDWh6S8vtIxPa2faKLQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvckhuYlVXNnFnTmFIcEx5LTBqRTlyWjlvb3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAGWnvFnhgzf6o7uDMt1
4c2iShaU0aXqg6S4gadzKdyddios9ggCxAX0+KX5O95nO5GoLSrNBKjVEJ5gXR7k
NJQILGSR4bfkP91GttzYgEq367V8iQCd4HoU2niEs/UshbtBQIAyrGf7JcJG9ich
hXOMRjtbWt7Kry/wYl8cbnrxRtGTqlqsbvl9f8UY8nGV7ACQrao/fTddieUCAxns
hGRhSN12kHtA3Fw0/aVcOfgU36foqzdCzNKIYDxmOKblrluVQjTrrJg9kUmO38KY
bzS/HCPY5Sq9pGRR7ZyVcTF9pR6fr05p7zFe+cBP5R9I6AzX4ZvVmGf4rOS+QZs8
scw=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:07:11 2025 by rpki-client