Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vpWXli9waY4pLiGVacKzQxBmX2s.roa
File: vpWXli9waY4pLiGVacKzQxBmX2s.roa (raw, json)
Hash identifier: 7vaOq7ms/ulx58li8Rzx99BdAMculEyY1JP0tepcGHc=
Subject key identifier: BE:95:97:96:2F:70:69:8E:29:2E:21:95:69:C2:B3:43:10:66:5F:6B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019052F4D1C582983B5FF6ED1FD30CC52CED
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vpWXli9waY4pLiGVacKzQxBmX2s.roa
Signing time: Wed 26 Jun 2024 05:11:34 +0000
ROA not before: Wed 26 Jun 2024 05:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:52:f4:d1:c5:82:98:3b:5f:f6:ed:1f:d3:0c:c5:2c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 26 05:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be9597962f70698e292e219569c2b34310665f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a7:11:00:0e:59:03:d6:94:0e:6e:ef:b3:0f:
3a:91:2a:17:51:2b:6b:c4:6f:15:ef:47:88:4a:c3:
24:ad:f2:5f:dc:24:37:c6:49:c1:74:dc:d0:1b:26:
f6:f3:de:73:7b:c1:13:a9:a6:92:57:e4:80:9e:e8:
cd:d4:cd:5f:37:c1:97:4d:2c:f9:10:ed:40:07:36:
7a:b4:40:6c:91:37:75:54:48:02:8c:99:0d:39:24:
17:b9:92:05:4a:c0:94:fa:0c:ce:b1:d7:f7:d5:22:
bf:7c:7b:f9:d0:e9:57:77:00:8a:86:d8:47:67:78:
33:66:d6:60:88:56:e7:77:13:62:95:4b:41:a5:97:
3a:34:99:00:6f:02:e2:96:1b:d4:78:81:71:8b:1a:
7f:6c:e1:14:a5:c7:45:2b:e9:fc:8f:a6:02:31:8b:
a2:fb:ee:54:5b:c3:92:a6:7b:ef:06:9c:7e:dd:08:
5a:8a:c6:8a:8a:f2:82:89:d0:7e:af:d1:38:cf:4f:
9a:3f:0a:83:60:78:fa:15:82:a1:e2:1f:23:e8:2d:
3d:20:2a:65:76:32:b4:e2:20:6a:74:e8:ae:08:f1:
56:71:c5:53:09:6f:6f:b0:72:11:fd:54:87:47:25:
8f:97:8c:ee:d1:f1:a8:18:dc:98:bb:b0:ab:f7:d6:
af:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:95:97:96:2F:70:69:8E:29:2E:21:95:69:C2:B3:43:10:66:5F:6B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vpWXli9waY4pLiGVacKzQxBmX2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:12:50:c8:d4:cf:31:8d:a3:57:a9:57:32:6b:b0:26:e6:bf:
b8:67:20:8b:e8:7e:23:f7:f1:7c:f7:2e:18:71:9b:14:3e:7a:
e0:40:df:58:9b:7f:ff:f2:ac:c2:0f:7f:e9:87:8e:e7:00:17:
10:d2:e4:51:03:9e:29:b3:7f:60:08:6c:0f:01:79:b8:8f:0f:
a4:ae:06:31:6f:d2:f4:f8:59:3c:83:be:e6:52:74:8e:23:fb:
b2:27:7f:54:fd:fa:75:84:63:eb:51:07:3e:4b:5a:c1:40:f3:
fd:b5:af:7a:69:a4:57:45:46:b2:5d:73:28:75:5b:29:6a:f7:
e5:7f:b3:9a:79:3a:f1:b4:4c:24:7f:ea:3d:6e:08:f9:51:3e:
11:b3:4e:21:ce:38:b8:aa:f5:88:f7:a7:19:4d:c6:69:59:ca:
af:1a:c2:5c:04:4f:65:8a:6d:43:19:ef:6d:b9:15:41:10:00:
cd:7b:1b:bc:cc:78:9c:82:00:40:42:ad:1f:8b:23:8a:b7:c2:
21:e9:be:ce:c5:1c:1e:f5:ea:05:c6:55:04:c7:47:6b:92:7f:
89:ad:5b:69:31:39:5b:c9:70:7d:40:dc:c1:85:5b:df:20:c4:
d2:1c:1a:dd:f3:49:1e:31:35:d0:85:f8:27:7a:f8:fa:7b:8c:
a5:44:b6:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBS9NHFgpg7X/btH9MMxSztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI2MDUxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTk1OTc5NjJmNzA2OThlMjkyZTIxOTU2OWMyYjM0MzEwNjY1ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KcRAA5ZA9aUDm7vsw86kSoXUStr
xG8V70eISsMkrfJf3CQ3xknBdNzQGyb2895ze8ETqaaSV+SAnujN1M1fN8GXTSz5
EO1ABzZ6tEBskTd1VEgCjJkNOSQXuZIFSsCU+gzOsdf31SK/fHv50OlXdwCKhthH
Z3gzZtZgiFbndxNilUtBpZc6NJkAbwLilhvUeIFxixp/bOEUpcdFK+n8j6YCMYui
++5UW8OSpnvvBpx+3QhaisaKivKCidB+r9E4z0+aPwqDYHj6FYKh4h8j6C09ICpl
djK04iBqdOiuCPFWccVTCW9vsHIR/VSHRyWPl4zu0fGoGNyYu7Cr99avIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL6Vl5YvcGmOKS4hlWnCs0MQZl9rMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdnBXWGxpOXdhWTRwTGlHVmFjS3pReEJtWDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI8SUMjUzzGNo1epVzJr
sCbmv7hnIIvofiP38Xz3LhhxmxQ+euBA31ibf//yrMIPf+mHjucAFxDS5FEDnimz
f2AIbA8BebiPD6SuBjFv0vT4WTyDvuZSdI4j+7Inf1T9+nWEY+tRBz5LWsFA8/21
r3pppFdFRrJdcyh1Wylq9+V/s5p5OvG0TCR/6j1uCPlRPhGzTiHOOLiq9Yj3pxlN
xmlZyq8awlwET2WKbUMZ7225FUEQAM17G7zMeJyCAEBCrR+LI4q3wiHpvs7FHB71
6gXGVQTHR2uSf4mtW2kxOVvJcH1A3MGFW98gxNIcGt3zSR4xNdCF+Cd6+Pp7jKVE
tmI=
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:50:45 2025 by rpki-client