Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tE6CG56hhdzPy1-QHkFF447cj64.roa
File: tE6CG56hhdzPy1-QHkFF447cj64.roa (raw, json)
Hash identifier: 4c3JY+wtfXsv1+R/fAsth5NOsZ5pADMOlrTlPFnSd48=
Subject key identifier: B4:4E:82:1B:9E:A1:85:DC:CF:CB:5F:90:1E:41:45:E3:8E:DC:8F:AE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907136DA1EEB9D4885F679709A0C8C1E27
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tE6CG56hhdzPy1-QHkFF447cj64.roa
Signing time: Tue 02 Jul 2024 02:12:18 +0000
ROA not before: Tue 02 Jul 2024 02:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:71:36:da:1e:eb:9d:48:85:f6:79:70:9a:0c:8c:1e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 02:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b44e821b9ea185dccfcb5f901e4145e38edc8fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a2:15:f9:2b:ef:c8:35:96:9a:8e:ba:c0:62:
6e:60:e7:1c:68:49:f3:83:6f:73:ee:12:50:09:cd:
ae:1a:91:df:35:51:c8:89:7c:fa:5d:38:8d:54:e0:
66:8c:f3:35:29:e2:d0:56:7e:58:01:26:35:5d:57:
5d:2c:17:3c:5f:14:65:ff:21:76:9a:e4:6f:01:b1:
d4:e6:30:bd:48:c2:18:47:16:6c:55:d8:b4:97:7f:
ea:30:b4:f1:75:dc:35:43:e7:a9:ba:2d:b3:a8:6e:
03:17:21:f8:26:74:2a:fd:04:ba:f7:e0:3f:d9:6e:
85:63:1b:a0:79:8d:cf:41:82:fa:8a:22:0b:51:2b:
67:e4:32:42:d7:fe:e3:bb:55:88:47:3c:6d:4e:60:
e7:46:c0:d2:f0:2f:5a:92:6f:51:09:9e:32:2a:c8:
a2:7f:90:4b:f5:e3:fc:1d:ce:7f:8b:ca:b2:a8:19:
fd:70:27:6c:d4:12:f6:6a:a3:da:e3:4c:2d:c6:c8:
6e:5b:2f:2c:b4:ce:61:aa:a8:36:6d:e8:e9:d7:b4:
a0:41:94:55:6d:26:db:75:4f:12:f9:72:52:67:6d:
dd:bb:40:3f:ca:83:13:3b:a5:e4:5f:2b:5f:86:03:
ff:ab:09:1e:b9:22:56:88:1f:9e:2f:09:ad:c6:c0:
6c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4E:82:1B:9E:A1:85:DC:CF:CB:5F:90:1E:41:45:E3:8E:DC:8F:AE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tE6CG56hhdzPy1-QHkFF447cj64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:f5:59:9f:08:03:f4:a8:9b:fd:e4:10:c1:26:f4:bc:51:31:
05:a1:e5:7a:02:1c:b2:9d:e2:b7:0d:9b:1d:da:51:e8:3a:ca:
ac:a3:59:6f:04:0c:3f:1f:d6:8b:7a:4c:b7:b5:20:d0:84:29:
90:88:1d:50:56:ec:b9:9f:10:9d:89:78:f0:ab:5c:08:3f:82:
d7:4d:87:b0:1b:36:6f:96:58:ae:70:16:2f:12:d1:5d:04:58:
fd:9f:f5:02:51:b3:70:be:93:e3:ea:ad:9f:11:fc:20:7b:24:
32:f7:84:78:d5:5d:39:1f:25:71:53:93:09:1f:ba:71:df:bd:
e9:82:20:d3:d2:3b:8b:d6:6e:7a:53:f3:07:e0:62:0c:50:f3:
c4:f3:99:26:1d:1f:d4:a6:b3:79:e8:19:48:4d:77:86:7f:65:
bf:6a:7f:f5:43:d8:1e:8b:0e:59:83:b8:d7:eb:6d:e5:6b:64:
30:d0:60:d6:d5:65:81:f0:2b:88:a8:9e:9f:2c:5d:58:2a:83:
c6:02:7e:9b:e0:76:57:b5:5c:eb:40:cb:cc:f9:f2:c8:ff:fe:
ba:7f:3a:41:d2:94:f0:44:50:94:8b:f2:8b:10:1b:41:4e:56:
03:f4:de:ad:21:98:49:0b:d6:37:06:29:01:9e:7b:2f:2a:34:
87:78:52:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBxNtoe651IhfZ5cJoMjB4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMDIxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDRlODIxYjllYTE4NWRjY2ZjYjVmOTAxZTQxNDVlMzhlZGM4ZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aIV+SvvyDWWmo66wGJuYOccaEnz
g29z7hJQCc2uGpHfNVHIiXz6XTiNVOBmjPM1KeLQVn5YASY1XVddLBc8XxRl/yF2
muRvAbHU5jC9SMIYRxZsVdi0l3/qMLTxddw1Q+epui2zqG4DFyH4JnQq/QS69+A/
2W6FYxugeY3PQYL6iiILUStn5DJC1/7ju1WIRzxtTmDnRsDS8C9akm9RCZ4yKsii
f5BL9eP8Hc5/i8qyqBn9cCds1BL2aqPa40wtxshuWy8stM5hqqg2bejp17SgQZRV
bSbbdU8S+XJSZ23du0A/yoMTO6XkXytfhgP/qwkeuSJWiB+eLwmtxsBsHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLROghueoYXcz8tfkB5BReOO3I+uMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdEU2Q0c1NmhoZHpQeTEtUUhrRkY0NDdjajY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADv1WZ8IA/Som/3kEMEm
9LxRMQWh5XoCHLKd4rcNmx3aUeg6yqyjWW8EDD8f1ot6TLe1INCEKZCIHVBW7Lmf
EJ2JePCrXAg/gtdNh7AbNm+WWK5wFi8S0V0EWP2f9QJRs3C+k+PqrZ8R/CB7JDL3
hHjVXTkfJXFTkwkfunHfvemCINPSO4vWbnpT8wfgYgxQ88TzmSYdH9Sms3noGUhN
d4Z/Zb9qf/VD2B6LDlmDuNfrbeVrZDDQYNbVZYHwK4ionp8sXVgqg8YCfpvgdle1
XOtAy8z58sj//rp/OkHSlPBEUJSL8osQG0FOVgP03q0hmEkL1jcGKQGeey8qNId4
UnM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:04:15 2025 by rpki-client