Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xHki0sjh1zhCPYtzt0UjhU7Jvk0.roa
File: xHki0sjh1zhCPYtzt0UjhU7Jvk0.roa (raw, json)
Hash identifier: E5jts9hOoWI4kEnUk0yCPzG05QTr08I2qvuyQ8VJD30=
Subject key identifier: C4:79:22:D2:C8:E1:D7:38:42:3D:8B:73:B7:45:23:85:4E:C9:BE:4D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909204502038E8D7E0F9C02F6272F789CA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xHki0sjh1zhCPYtzt0UjhU7Jvk0.roa
Signing time: Mon 08 Jul 2024 11:04:34 +0000
ROA not before: Mon 08 Jul 2024 11:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:9204:227d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:04:50:20:38:e8:d7:e0:f9:c0:2f:62:72:f7:89:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 8 11:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c47922d2c8e1d738423d8b73b74523854ec9be4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:98:2d:16:2b:48:73:f9:a9:37:a5:3c:be:52:
56:9d:6f:c5:27:be:12:08:6b:c2:2b:ab:6e:ff:cc:
0e:59:ca:8f:e6:84:40:f6:72:ee:5f:52:9c:be:43:
18:87:8e:97:24:c7:81:88:56:f2:6f:76:2e:72:1b:
40:ec:a2:bc:eb:26:71:25:15:c9:a8:94:9f:08:22:
d5:fc:0e:37:90:e7:26:5a:b6:d5:83:f0:c2:95:6a:
81:f1:0a:20:7e:be:0b:6e:75:95:e6:36:73:e1:96:
f9:ae:ab:98:21:98:f9:60:1e:d9:a3:f3:99:dc:fd:
80:25:ae:c9:13:70:07:3e:67:ec:13:38:ae:4c:81:
f5:88:e8:1f:6e:04:73:c6:a3:89:94:bf:07:56:99:
47:d5:8e:91:fe:06:2d:cf:1e:6b:43:3b:10:05:ec:
03:0e:56:fe:a7:d7:b8:8b:19:71:56:ed:43:f4:88:
56:d3:e3:77:4e:d1:3b:43:e4:bc:73:d3:fd:73:f9:
d7:db:e4:1f:0e:9f:e7:ca:eb:48:b8:06:1b:dc:6e:
10:65:10:14:d1:d9:f5:f9:d4:ce:05:c7:e2:f2:4f:
4c:7d:05:99:7d:13:84:11:d4:67:de:d1:73:d0:bd:
e2:d8:c4:96:d9:ff:61:bb:b6:79:19:d1:a8:c5:10:
5c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:79:22:D2:C8:E1:D7:38:42:3D:8B:73:B7:45:23:85:4E:C9:BE:4D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xHki0sjh1zhCPYtzt0UjhU7Jvk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:fd:34:1f:bf:5c:d4:4f:fa:64:b7:1a:7b:43:c5:2c:0d:11:
9b:7e:56:a4:f8:a9:d6:62:6e:50:63:5b:23:9e:77:46:69:f7:
10:2a:37:73:03:18:f0:65:25:a4:27:6e:73:7b:17:b8:f9:0f:
0a:cd:eb:67:44:be:15:db:91:28:3e:ef:cf:91:34:18:89:71:
37:b6:82:b0:3e:46:8b:4e:01:b6:9f:b3:2f:56:2a:0d:22:3f:
b1:22:21:2f:fe:08:a7:6b:00:e6:3f:0b:78:01:70:6f:59:54:
a9:ad:94:aa:bf:71:49:23:ea:39:bb:93:bf:0d:ff:f7:a3:91:
80:4d:d6:9b:5e:54:13:58:85:bc:d5:84:81:d9:a3:ac:1c:86:
82:20:d4:c1:20:67:b2:48:06:46:06:b2:2d:d4:39:4c:1b:56:
77:c4:e8:a7:ad:81:ce:fd:a4:0e:98:08:39:d0:95:19:f7:72:
b9:48:8d:d3:f7:57:be:d6:5f:5a:58:2d:24:86:dd:45:2e:e0:
19:cc:34:b2:2a:08:50:17:b8:e3:c4:57:d6:0c:9d:69:94:69:
10:03:8c:0b:84:16:22:a4:e5:64:af:3c:bb:1b:13:c4:9b:fd:
0c:d7:4e:40:10:18:ee:09:07:1f:2d:6a:d5:a5:2f:a8:75:b6:
0e:1c:21:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCSBFAgOOjX4PnAL2Jy94nKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA4MTEwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDc5MjJkMmM4ZTFkNzM4NDIzZDhiNzNiNzQ1MjM4NTRlYzliZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZgtFitIc/mpN6U8vlJWnW/FJ74S
CGvCK6tu/8wOWcqP5oRA9nLuX1KcvkMYh46XJMeBiFbyb3YuchtA7KK86yZxJRXJ
qJSfCCLV/A43kOcmWrbVg/DClWqB8Qogfr4LbnWV5jZz4Zb5rquYIZj5YB7Zo/OZ
3P2AJa7JE3AHPmfsEziuTIH1iOgfbgRzxqOJlL8HVplH1Y6R/gYtzx5rQzsQBewD
Dlb+p9e4ixlxVu1D9IhW0+N3TtE7Q+S8c9P9c/nX2+QfDp/nyutIuAYb3G4QZRAU
0dn1+dTOBcfi8k9MfQWZfROEEdRn3tFz0L3i2MSW2f9hu7Z5GdGoxRBcXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMR5ItLI4dc4Qj2Lc7dFI4VOyb5NMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveEhraTBzamgxemhDUFl0enQwVWpoVTdKdmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC39NB+/XNRP+mS3GntD
xSwNEZt+VqT4qdZiblBjWyOed0Zp9xAqN3MDGPBlJaQnbnN7F7j5DwrN62dEvhXb
kSg+78+RNBiJcTe2grA+RotOAbafsy9WKg0iP7EiIS/+CKdrAOY/C3gBcG9ZVKmt
lKq/cUkj6jm7k78N//ejkYBN1pteVBNYhbzVhIHZo6wchoIg1MEgZ7JIBkYGsi3U
OUwbVnfE6Ketgc79pA6YCDnQlRn3crlIjdP3V77WX1pYLSSG3UUu4BnMNLIqCFAX
uOPEV9YMnWmUaRADjAuEFiKk5WSvPLsbE8Sb/QzXTkAQGO4JBx8tatWlL6h1tg4c
IQQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:41:39 2025 by rpki-client