Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yrI2e3eaHLEP1ykc9ueXRHloGyY.roa
File: yrI2e3eaHLEP1ykc9ueXRHloGyY.roa (raw, json)
Hash identifier: 7lR6LZ7tObTlJfV2HIIpM8NdGse90Tlj7jENUEuP/TM=
Subject key identifier: CA:B2:36:7B:77:9A:1C:B1:0F:D7:29:1C:F6:E7:97:44:79:68:1B:26
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907DA8E2F7A1C105F75E84CF6DCFA6316A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yrI2e3eaHLEP1ykc9ueXRHloGyY.roa
Signing time: Thu 04 Jul 2024 12:12:18 +0000
ROA not before: Thu 04 Jul 2024 12:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:a8:e2:f7:a1:c1:05:f7:5e:84:cf:6d:cf:a6:31:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 4 12:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cab2367b779a1cb10fd7291cf6e7974479681b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9a:44:fb:3a:f8:8f:da:6d:d1:32:72:23:95:
7b:86:9d:26:06:8c:27:81:17:ec:2f:ec:d8:84:a5:
89:d1:c1:62:92:fc:d2:56:cd:64:e7:86:6e:e4:54:
ef:ca:d1:0f:43:f1:8d:e8:14:58:31:aa:b2:d0:9c:
66:31:c4:5d:81:61:47:9b:67:08:c5:f7:8a:3a:77:
fe:f4:4a:b0:dc:78:60:29:06:5c:c9:eb:30:7c:55:
d5:73:15:05:41:aa:a8:19:7a:91:28:85:da:9d:21:
59:a9:30:ae:69:fb:2a:9e:d1:e2:6a:46:68:2a:da:
9d:9b:44:99:8d:4d:f3:c1:89:21:5b:39:db:38:13:
0c:13:f1:54:1d:c3:97:dd:8e:98:64:ad:28:9c:74:
08:c1:32:18:f4:28:11:8b:5e:7d:69:6f:cf:48:cc:
9f:97:f2:b4:9d:d3:cd:25:97:61:34:ff:96:f9:34:
0c:8c:42:9e:d3:ae:c6:cd:e4:bf:79:4d:9c:3c:34:
81:d1:8e:09:6d:ec:18:62:48:aa:13:e9:a0:63:d7:
46:01:0b:7a:af:c4:ad:2a:e4:27:01:f6:ae:77:11:
2d:ed:0b:b8:9c:b0:7a:d6:3c:2d:bd:30:c4:e3:26:
9f:17:ca:ef:6a:10:0a:44:88:d4:a3:0e:eb:a4:9b:
47:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B2:36:7B:77:9A:1C:B1:0F:D7:29:1C:F6:E7:97:44:79:68:1B:26
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yrI2e3eaHLEP1ykc9ueXRHloGyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:47:fa:a4:48:22:e3:c0:7f:56:e1:38:3c:49:3c:ad:6e:35:
a0:2e:a9:bf:85:92:a7:d5:c2:98:61:85:ca:b9:c0:80:ed:ff:
dd:ea:dc:b8:94:3e:f1:b5:34:1e:2d:50:55:a2:15:a7:38:21:
e2:fc:43:91:ae:9d:5f:43:df:38:d3:e6:44:c2:da:2e:43:d4:
04:1e:6e:bf:1e:e2:25:3a:b3:c3:47:c8:dd:49:6c:a0:7d:81:
9d:48:e7:7c:4e:ce:6f:6c:b5:b9:e7:e2:c5:ec:60:2e:a5:2a:
0b:9d:c9:ad:7a:fb:0b:80:35:ee:c3:6f:fd:14:fa:3b:ad:d1:
ba:6c:b7:84:50:38:8c:61:fa:ce:ae:34:21:56:0a:f4:4d:3d:
d5:34:16:23:3e:eb:9c:3a:d5:d4:61:1b:b4:bf:65:e1:95:59:
f7:25:55:c0:c5:15:4d:d1:ff:2a:fe:4c:2d:e3:c9:1a:f6:53:
66:42:83:f8:e7:ca:b5:7d:45:63:81:9e:f7:2f:3c:39:39:a5:
28:6c:2e:e2:a3:00:c1:3e:59:32:c9:4e:5a:94:22:e0:51:b9:
99:3a:a0:8a:94:29:37:fc:df:e6:53:18:f8:97:ad:5a:44:a8:
9c:59:8a:0a:68:67:c7:0d:fb:71:90:0b:71:23:d6:16:e0:8e:
91:a8:fb:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB9qOL3ocEF916Ez23PpjFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA0MTIxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIyMzY3Yjc3OWExY2IxMGZkNzI5MWNmNmU3OTc0NDc5NjgxYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZpE+zr4j9pt0TJyI5V7hp0mBown
gRfsL+zYhKWJ0cFikvzSVs1k54Zu5FTvytEPQ/GN6BRYMaqy0JxmMcRdgWFHm2cI
xfeKOnf+9Eqw3HhgKQZcyeswfFXVcxUFQaqoGXqRKIXanSFZqTCuafsqntHiakZo
Ktqdm0SZjU3zwYkhWznbOBMME/FUHcOX3Y6YZK0onHQIwTIY9CgRi159aW/PSMyf
l/K0ndPNJZdhNP+W+TQMjEKe067GzeS/eU2cPDSB0Y4JbewYYkiqE+mgY9dGAQt6
r8StKuQnAfaudxEt7Qu4nLB61jwtvTDE4yafF8rvahAKRIjUow7rpJtHwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMqyNnt3mhyxD9cpHPbnl0R5aBsmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveXJJMmUzZWFITEVQMXlrYzl1ZVhSSGxvR3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIJH+qRIIuPAf1bhODxJ
PK1uNaAuqb+FkqfVwphhhcq5wIDt/93q3LiUPvG1NB4tUFWiFac4IeL8Q5GunV9D
3zjT5kTC2i5D1AQebr8e4iU6s8NHyN1JbKB9gZ1I53xOzm9stbnn4sXsYC6lKgud
ya16+wuANe7Db/0U+jut0bpst4RQOIxh+s6uNCFWCvRNPdU0FiM+65w61dRhG7S/
ZeGVWfclVcDFFU3R/yr+TC3jyRr2U2ZCg/jnyrV9RWOBnvcvPDk5pShsLuKjAME+
WTLJTlqUIuBRuZk6oIqUKTf83+ZTGPiXrVpEqJxZigpoZ8cN+3GQC3Ej1hbgjpGo
+wE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:22 2025 by rpki-client