Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vXnQYmG3g7WFjzK8liZl9CzKGMA.roa
File: vXnQYmG3g7WFjzK8liZl9CzKGMA.roa (raw, json)
Hash identifier: Fs3LEQis+mjnyRWBTpCWsjmck1z3odDGqNpRErFE898=
Subject key identifier: BD:79:D0:62:61:B7:83:B5:85:8F:32:BC:96:26:65:F4:2C:CA:18:C0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FCBFBCBA681C35D858FE375423ECCD4CE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vXnQYmG3g7WFjzK8liZl9CzKGMA.roa
Signing time: Fri 31 May 2024 00:10:27 +0000
ROA not before: Fri 31 May 2024 00:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cb:fb:cb:a6:81:c3:5d:85:8f:e3:75:42:3e:cc:d4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 31 00:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd79d06261b783b5858f32bc962665f42cca18c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:32:19:2f:90:16:12:bd:e0:49:93:ec:fc:7a:
a2:16:2b:5d:37:a6:81:4a:6a:6a:c1:9c:ec:c9:0e:
81:5b:87:d0:c5:75:ad:2d:15:89:2d:35:5e:e2:99:
41:40:fd:e6:47:63:7a:f5:8e:30:95:8c:40:e5:cb:
25:10:c1:98:13:cb:2b:c8:b3:78:09:6d:9c:ff:fd:
d4:23:e2:cc:17:3d:70:ea:f5:e5:7c:38:aa:6c:0a:
8f:4a:a5:ff:31:20:11:1a:ae:1f:3c:ec:b5:ba:a7:
d7:d2:f9:11:9b:84:6c:4b:0f:3f:6b:a0:a8:4f:5e:
dd:34:68:4c:48:3c:2f:0a:ce:5e:a6:ce:c2:6d:48:
9e:ce:94:9d:3f:9a:08:27:0f:02:cc:1d:da:69:b9:
0b:17:34:5b:bc:92:6b:3b:59:39:3c:f6:b8:83:de:
17:2d:a8:8a:87:12:cc:8d:2c:5f:2d:f5:32:65:54:
c6:f3:6a:4e:e1:47:f8:93:e9:bb:8f:3f:5b:be:fd:
95:c3:88:b2:13:65:ef:58:39:e8:f3:ba:76:aa:66:
18:fe:2d:30:2a:be:ad:ad:72:79:ef:2a:d2:58:ca:
e3:60:41:62:85:f6:96:9a:0a:bd:72:f3:65:36:bb:
2c:de:de:30:7e:d8:78:a4:34:04:00:e3:a4:26:92:
a0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:79:D0:62:61:B7:83:B5:85:8F:32:BC:96:26:65:F4:2C:CA:18:C0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vXnQYmG3g7WFjzK8liZl9CzKGMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:91:b6:be:aa:85:94:d2:89:cf:d1:d7:a1:d8:6a:a1:7b:16:
1d:ff:38:f5:9a:cb:99:54:ef:a3:90:f7:7e:f7:df:a7:26:a9:
05:6a:3d:ba:5c:33:f8:60:ca:e7:c9:e1:cb:c3:6f:5a:c6:fb:
99:ba:b4:e0:a3:64:92:47:04:0a:5c:7e:5f:60:19:5d:59:b7:
a2:66:51:dd:ce:2c:c6:81:06:a1:53:18:1b:a7:fe:72:2d:cf:
75:10:1b:e6:11:d8:b3:dd:4e:5b:78:4b:10:df:fd:5d:4e:85:
83:72:39:c6:4f:f1:30:38:90:41:04:60:d4:e3:96:5e:b1:f6:
b4:b8:5e:48:6d:12:ed:8b:70:bb:ae:3e:64:40:37:a9:dd:46:
80:42:da:23:45:34:4b:69:e7:54:de:3b:55:6e:27:de:9e:9a:
61:c9:e4:c5:a3:02:a1:f6:ee:d9:66:8b:dc:03:f1:8e:6e:7c:
2b:44:3c:10:32:45:34:0e:7b:61:d3:13:79:d7:7f:1b:ab:43:
26:b3:45:da:ae:e6:43:d8:8e:04:e5:10:25:c5:5c:28:cc:77:
09:01:0c:a1:c2:06:d5:90:fd:2b:f1:2d:1e:f0:4c:12:c6:14:
a9:9f:2f:0f:6a:ff:49:17:af:5d:6f:b3:b8:c9:87:fc:44:d8:
c2:6a:0d:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/L+8umgcNdhY/jdUI+zNTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMxMDAxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDc5ZDA2MjYxYjc4M2I1ODU4ZjMyYmM5NjI2NjVmNDJjY2ExOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzIZL5AWEr3gSZPs/HqiFitdN6aB
SmpqwZzsyQ6BW4fQxXWtLRWJLTVe4plBQP3mR2N69Y4wlYxA5cslEMGYE8sryLN4
CW2c//3UI+LMFz1w6vXlfDiqbAqPSqX/MSARGq4fPOy1uqfX0vkRm4RsSw8/a6Co
T17dNGhMSDwvCs5eps7CbUiezpSdP5oIJw8CzB3aabkLFzRbvJJrO1k5PPa4g94X
LaiKhxLMjSxfLfUyZVTG82pO4Uf4k+m7jz9bvv2Vw4iyE2XvWDno87p2qmYY/i0w
Kr6trXJ57yrSWMrjYEFihfaWmgq9cvNlNrss3t4wfth4pDQEAOOkJpKgLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL150GJht4O1hY8yvJYmZfQsyhjAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdlhuUVltRzNnN1dGanpLOGxpWmw5Q3pLR01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFGRtr6qhZTSic/R16HY
aqF7Fh3/OPWay5lU76OQ937336cmqQVqPbpcM/hgyufJ4cvDb1rG+5m6tOCjZJJH
BApcfl9gGV1Zt6JmUd3OLMaBBqFTGBun/nItz3UQG+YR2LPdTlt4SxDf/V1OhYNy
OcZP8TA4kEEEYNTjll6x9rS4XkhtEu2LcLuuPmRAN6ndRoBC2iNFNEtp51TeO1Vu
J96emmHJ5MWjAqH27tlmi9wD8Y5ufCtEPBAyRTQOe2HTE3nXfxurQyazRdqu5kPY
jgTlECXFXCjMdwkBDKHCBtWQ/SvxLR7wTBLGFKmfLw9q/0kXr11vs7jJh/xE2MJq
DUQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:34:48 2025 by rpki-client