Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s1k7Jz9rdHcjoqbuqn5oDMBn3Gg.roa
File: s1k7Jz9rdHcjoqbuqn5oDMBn3Gg.roa (raw, json)
Hash identifier: Y9VLhAxmikfeBzyBDuLJCGiLFfyN0SpybVpXvXvnCMg=
Subject key identifier: B3:59:3B:27:3F:6B:74:77:23:A2:A6:EE:AA:7E:68:0C:C0:67:DC:68
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF56684BA41AE5078B476E2B5B0B2C681
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s1k7Jz9rdHcjoqbuqn5oDMBn3Gg.roa
Signing time: Sat 08 Jun 2024 01:11:27 +0000
ROA not before: Sat 08 Jun 2024 01:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f5:66:84:ba:41:ae:50:78:b4:76:e2:b5:b0:b2:c6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 8 01:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3593b273f6b747723a2a6eeaa7e680cc067dc68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:73:c8:19:7e:38:ad:6b:b8:b8:55:0c:90:56:
e6:28:57:46:68:06:2c:de:d8:46:03:95:a3:da:8f:
5f:d2:40:90:e1:58:d9:d8:7f:b4:e5:5a:a7:44:4a:
9a:2d:25:cb:16:8b:ba:1a:9f:86:10:12:f3:7d:dc:
81:bc:74:f3:bf:dd:02:65:22:8a:08:81:23:4d:65:
52:85:c4:3c:c5:94:d3:30:23:2a:84:4d:93:6c:49:
b1:93:8a:11:5b:d5:65:e7:ef:61:47:e6:01:be:b8:
54:84:82:a8:64:96:08:38:16:f3:f6:61:5e:47:f8:
14:88:bf:44:ca:fc:1b:01:bf:3c:92:61:1c:4f:1d:
1d:07:b2:03:c0:c8:13:20:26:d7:bd:7f:74:7e:86:
3c:b5:11:e2:23:dd:dc:bf:c9:86:c9:e6:50:97:1d:
08:d4:e1:5e:8a:a5:74:80:b7:1b:c9:19:07:ec:ea:
d4:0e:73:80:4e:73:e1:8b:65:ed:a6:c0:e1:b9:08:
06:31:fd:bc:ca:a2:c5:7c:38:68:98:e7:51:9a:04:
e5:86:f0:d6:e2:f1:1b:85:f3:4e:22:3f:09:6c:b2:
cd:c8:5f:21:56:4f:86:73:b8:01:b2:ab:eb:bc:e0:
9d:ba:f8:e5:42:aa:ed:9e:b2:a5:6e:d6:19:b2:f0:
fb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:59:3B:27:3F:6B:74:77:23:A2:A6:EE:AA:7E:68:0C:C0:67:DC:68
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s1k7Jz9rdHcjoqbuqn5oDMBn3Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:98:7d:ae:26:c4:ab:27:46:d5:c8:d0:2d:ed:4f:db:c1:9d:
5b:6b:f4:cf:a4:1f:d7:3e:f0:94:ac:9a:9e:c2:42:e7:5a:87:
91:a9:c4:34:01:f1:5b:00:49:3b:2f:ff:b2:e3:25:ab:34:40:
00:9b:ca:e2:62:eb:b5:bd:ee:40:49:11:b5:11:e0:c6:91:6b:
4e:dc:4a:5f:12:af:29:26:02:c5:f7:96:40:7b:89:83:f1:7a:
87:6a:75:ca:d7:0e:7d:2f:75:be:19:ee:b0:14:56:dd:fe:63:
42:ed:8c:2b:df:dd:d9:de:3b:91:7c:2e:b3:23:ca:38:18:9c:
b4:fb:34:20:31:78:79:06:be:67:cc:5b:6b:d1:7e:e9:6b:7c:
1c:0d:89:b4:67:b0:27:ba:83:b5:64:f6:4e:2e:f9:e9:7c:1d:
36:d4:2c:64:50:18:2d:b1:db:b8:53:c7:66:56:3a:a9:51:a3:
79:36:63:e6:fa:3e:f8:6b:b1:48:4d:3d:8d:7d:bf:10:e5:d2:
9b:ce:cd:8f:c2:b1:08:4f:ac:02:0e:7d:44:62:cc:97:f3:7a:
2b:bc:41:98:20:38:5b:67:f8:d8:f7:48:3a:e0:81:b8:ef:3b:
83:29:16:25:19:39:2f:ea:48:63:9f:01:84:39:9d:fb:b7:a4:
68:9c:d2:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/1ZoS6Qa5QeLR24rWwssaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA4MDExMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzU5M2IyNzNmNmI3NDc3MjNhMmE2ZWVhYTdlNjgwY2MwNjdkYzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnPIGX44rWu4uFUMkFbmKFdGaAYs
3thGA5Wj2o9f0kCQ4VjZ2H+05VqnREqaLSXLFou6Gp+GEBLzfdyBvHTzv90CZSKK
CIEjTWVShcQ8xZTTMCMqhE2TbEmxk4oRW9Vl5+9hR+YBvrhUhIKoZJYIOBbz9mFe
R/gUiL9EyvwbAb88kmEcTx0dB7IDwMgTICbXvX90foY8tRHiI93cv8mGyeZQlx0I
1OFeiqV0gLcbyRkH7OrUDnOATnPhi2XtpsDhuQgGMf28yqLFfDhomOdRmgTlhvDW
4vEbhfNOIj8JbLLNyF8hVk+Gc7gBsqvrvOCduvjlQqrtnrKlbtYZsvD7vQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLNZOyc/a3R3I6Km7qp+aAzAZ9xoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvczFrN0p6OXJkSGNqb3FidXFuNW9ETUJuM0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAmYfa4mxKsnRtXI0C3t
T9vBnVtr9M+kH9c+8JSsmp7CQudah5GpxDQB8VsASTsv/7LjJas0QACbyuJi67W9
7kBJEbUR4MaRa07cSl8SrykmAsX3lkB7iYPxeodqdcrXDn0vdb4Z7rAUVt3+Y0Lt
jCvf3dneO5F8LrMjyjgYnLT7NCAxeHkGvmfMW2vRfulrfBwNibRnsCe6g7Vk9k4u
+el8HTbULGRQGC2x27hTx2ZWOqlRo3k2Y+b6PvhrsUhNPY19vxDl0pvOzY/CsQhP
rAIOfURizJfzeiu8QZggOFtn+Nj3SDrggbjvO4MpFiUZOS/qSGOfAYQ5nfu3pGic
0mY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:15:42 2025 by rpki-client