Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tx839iIT_2iOxrAqOm8-UqXqZsg.roa
File: tx839iIT_2iOxrAqOm8-UqXqZsg.roa (raw, json)
Hash identifier: GaS0NnCrRpnektuBt+yk7qOpuuyeT/l1cPxBVdpKrpY=
Subject key identifier: B7:1F:37:F6:22:13:FF:68:8E:C6:B0:2A:3A:6F:3E:52:A5:EA:66:C8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190AE5DB2FD0D908BD52C8584719CD9AC9A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tx839iIT_2iOxrAqOm8-UqXqZsg.roa
Signing time: Sat 13 Jul 2024 23:11:34 +0000
ROA not before: Sat 13 Jul 2024 23:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ae:5d:b2:fd:0d:90:8b:d5:2c:85:84:71:9c:d9:ac:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 13 23:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b71f37f62213ff688ec6b02a3a6f3e52a5ea66c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f5:5c:a7:06:08:42:26:59:ca:17:d6:a9:77:
98:51:a7:73:0e:e8:ed:ee:4d:4e:d2:4a:79:a0:ff:
19:ce:43:0c:33:fc:a0:44:3a:55:06:15:59:c8:28:
15:85:bd:ff:15:6b:ce:77:d1:96:bc:04:a8:7e:b9:
10:a0:06:aa:10:1c:50:58:1f:d1:ba:2e:66:d5:79:
6b:04:61:c9:c0:87:b4:0b:bb:89:e6:7e:30:27:84:
ce:ee:22:90:6a:0b:35:57:f9:a6:75:44:9b:a3:5e:
08:9f:f3:bf:68:9b:ba:13:7b:91:24:48:34:0a:7c:
cb:70:97:90:36:62:2c:37:61:f2:8b:7f:4b:e5:7e:
23:af:d0:7d:45:7c:fd:86:aa:ed:fd:41:98:4c:9e:
78:3b:18:b2:72:06:87:96:a8:34:f0:60:77:72:8f:
41:42:5f:35:fc:87:30:2a:45:1a:20:10:2c:63:3e:
b0:e2:4d:1f:eb:aa:9e:c4:3c:b0:c2:43:d4:83:82:
a9:9e:9c:4b:37:32:5b:4b:74:8d:b1:ed:8d:e9:ad:
84:5d:30:06:cc:24:0f:8a:1d:3c:cf:4d:23:5a:af:
25:3f:58:1e:71:8d:5d:9a:ed:65:7e:b8:39:d2:26:
e9:92:22:be:4c:23:b8:ee:26:d2:3e:bc:7a:e5:fd:
e9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1F:37:F6:22:13:FF:68:8E:C6:B0:2A:3A:6F:3E:52:A5:EA:66:C8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tx839iIT_2iOxrAqOm8-UqXqZsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:26:8c:71:19:f2:e2:8a:9d:bf:53:ae:da:6c:8d:03:16:bc:
be:9f:73:86:43:c5:b9:30:30:c7:66:b6:8a:48:bf:55:c9:f4:
bd:97:d2:fa:74:2b:f2:12:20:2f:9e:2b:06:02:8c:dd:51:e3:
de:9c:1d:13:0f:15:c2:40:25:3f:12:21:d7:56:17:bf:c1:89:
9b:60:85:8b:ba:c9:c6:8c:cd:75:22:c6:6c:67:7d:72:7a:d1:
7a:be:7d:67:44:bd:9c:4b:5e:c8:07:02:5b:6d:24:d5:5f:81:
d0:c4:5a:aa:c0:39:26:10:0f:6b:e8:96:02:ad:d0:dc:f0:4e:
a3:e2:13:ae:5a:17:97:29:9f:61:8a:26:1f:e5:81:78:ff:e9:
3b:91:25:aa:1f:ec:34:56:c1:fe:1b:c9:f0:e2:b7:42:dd:dd:
a5:a8:28:0e:1a:a2:08:dd:5f:e6:81:53:21:27:99:75:c0:a5:
e9:ac:40:1b:87:31:be:d6:c1:c2:cc:47:b1:3c:a4:a2:e3:55:
aa:23:4c:97:7d:44:8a:31:3c:6a:54:19:6d:3f:07:c8:0f:d0:
52:d1:5e:c3:57:c6:cf:88:1e:b5:de:dd:7e:62:96:88:c7:87:
f9:a0:fe:6f:d7:db:27:ec:28:67:53:b8:3c:d8:f1:c9:b7:9e:
2b:fd:4f:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCuXbL9DZCL1SyFhHGc2ayaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEzMjMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFmMzdmNjIyMTNmZjY4OGVjNmIwMmEzYTZmM2U1MmE1ZWE2NmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/VcpwYIQiZZyhfWqXeYUadzDujt
7k1O0kp5oP8ZzkMMM/ygRDpVBhVZyCgVhb3/FWvOd9GWvASofrkQoAaqEBxQWB/R
ui5m1XlrBGHJwIe0C7uJ5n4wJ4TO7iKQags1V/mmdUSbo14In/O/aJu6E3uRJEg0
CnzLcJeQNmIsN2Hyi39L5X4jr9B9RXz9hqrt/UGYTJ54OxiycgaHlqg08GB3co9B
Ql81/IcwKkUaIBAsYz6w4k0f66qexDywwkPUg4KpnpxLNzJbS3SNse2N6a2EXTAG
zCQPih08z00jWq8lP1gecY1dmu1lfrg50ibpkiK+TCO47ibSPrx65f3pCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcfN/YiE/9ojsawKjpvPlKl6mbIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdHg4MzlpSVRfMmlPeHJBcU9tOC1VcVhxWnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG8mjHEZ8uKKnb9Trtps
jQMWvL6fc4ZDxbkwMMdmtopIv1XJ9L2X0vp0K/ISIC+eKwYCjN1R496cHRMPFcJA
JT8SIddWF7/BiZtghYu6ycaMzXUixmxnfXJ60Xq+fWdEvZxLXsgHAlttJNVfgdDE
WqrAOSYQD2volgKt0NzwTqPiE65aF5cpn2GKJh/lgXj/6TuRJaof7DRWwf4byfDi
t0Ld3aWoKA4aogjdX+aBUyEnmXXApemsQBuHMb7WwcLMR7E8pKLjVaojTJd9RIox
PGpUGW0/B8gP0FLRXsNXxs+IHrXe3X5ilojHh/mg/m/X2yfsKGdTuDzY8cm3niv9
T6M=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:37:53 2025 by rpki-client