Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zPmj5qx-OeTYHx0eWyJgPaX7MZg.roa
File: zPmj5qx-OeTYHx0eWyJgPaX7MZg.roa (raw, json)
Hash identifier: t7/Ooh20+6k00LC+DaRwUThBZszqBf9BgTHLWtYYBvU=
Subject key identifier: CC:F9:A3:E6:AC:7E:39:E4:D8:1F:1D:1E:5B:22:60:3D:A5:FB:31:98
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190931D61436866B9BDDA3A23E88645FA3F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zPmj5qx-OeTYHx0eWyJgPaX7MZg.roa
Signing time: Mon 08 Jul 2024 16:11:34 +0000
ROA not before: Mon 08 Jul 2024 16:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:93:1d:61:43:68:66:b9:bd:da:3a:23:e8:86:45:fa:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 8 16:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccf9a3e6ac7e39e4d81f1d1e5b22603da5fb3198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ae:9c:3c:1f:4e:18:53:49:e6:95:7d:1c:3b:
40:49:e1:9a:7f:2f:4b:07:19:6a:e1:64:f1:16:e0:
3e:bc:c5:02:7d:a7:4b:ac:5a:bc:f0:ae:02:7e:47:
8c:2f:73:06:f1:3c:09:38:91:38:40:94:a2:66:bd:
58:0b:69:4b:2f:40:77:98:18:d4:0c:79:19:8c:6e:
06:8d:d3:7d:0f:23:25:7b:02:04:43:58:33:ae:66:
bc:80:83:90:11:3e:ae:87:91:9f:f4:0e:09:13:2d:
d1:56:1c:e0:c2:f2:d4:9c:5d:b2:88:ef:cb:b5:31:
95:73:8a:1e:2b:74:1b:f2:b3:26:86:f0:9b:46:22:
55:f5:8b:21:3e:46:d2:32:80:ab:14:e1:fb:06:03:
da:94:6e:5b:9f:8f:79:19:8a:a5:4b:d4:a6:9f:29:
01:bf:bb:91:67:19:6f:7f:0f:99:97:7a:19:92:83:
b3:1e:e0:ea:cf:0d:97:c3:48:a8:99:0e:60:65:79:
48:a2:b8:4e:9a:d8:15:48:fb:1f:11:3a:fb:0f:8e:
df:16:ec:fb:d6:6e:49:46:40:4e:f5:6a:a0:dc:99:
27:44:da:20:d8:40:6e:8c:ae:73:a9:a0:3a:5d:c1:
64:a7:56:b8:4b:79:9d:4f:41:50:65:e4:f1:c7:86:
74:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F9:A3:E6:AC:7E:39:E4:D8:1F:1D:1E:5B:22:60:3D:A5:FB:31:98
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zPmj5qx-OeTYHx0eWyJgPaX7MZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:73:f2:27:d7:21:04:d9:b0:80:0f:8a:04:2e:5a:eb:44:9e:
e1:a3:f6:fc:15:4c:3d:d8:f5:0c:5a:91:f1:6c:cf:6f:50:db:
73:83:71:5d:ad:b5:fd:63:0e:18:fb:be:f3:6a:db:17:92:c0:
82:9d:2a:14:52:ce:55:99:50:6e:85:c5:a4:34:d7:de:b2:4a:
a2:18:be:38:3b:36:25:56:66:ed:ec:a3:72:52:91:1d:a7:2c:
a4:08:87:be:51:24:52:c0:f4:56:53:a7:be:ab:5c:e0:1b:3a:
a1:7b:ef:f4:3b:f8:18:86:5d:c7:d8:0f:0b:ff:93:16:6a:77:
1e:d9:b7:6c:27:58:95:e5:9f:a0:49:b6:b6:82:eb:bf:79:50:
a4:fc:07:5e:e6:4b:38:f6:23:1c:94:d9:e6:03:a1:2b:e7:80:
2d:4f:cd:19:24:4b:ae:5e:85:b1:ff:93:c1:27:14:f5:65:d2:
08:9d:d7:63:e8:aa:18:2c:e8:ba:85:9f:9a:eb:6f:10:d7:8a:
1a:f6:f0:6e:23:cf:46:9c:7d:36:cb:58:64:1f:07:fc:56:e4:
cd:a3:8b:20:0a:5b:c7:c6:fd:bc:64:f1:01:60:bc:72:f4:53:
41:3c:c8:71:14:9e:28:54:9a:62:5b:e2:3b:d2:92:36:73:c9:
14:90:d3:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCTHWFDaGa5vdo6I+iGRfo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA4MTYxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2Y5YTNlNmFjN2UzOWU0ZDgxZjFkMWU1YjIyNjAzZGE1ZmIzMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxq6cPB9OGFNJ5pV9HDtASeGafy9L
Bxlq4WTxFuA+vMUCfadLrFq88K4CfkeML3MG8TwJOJE4QJSiZr1YC2lLL0B3mBjU
DHkZjG4GjdN9DyMlewIEQ1gzrma8gIOQET6uh5Gf9A4JEy3RVhzgwvLUnF2yiO/L
tTGVc4oeK3Qb8rMmhvCbRiJV9YshPkbSMoCrFOH7BgPalG5bn495GYqlS9SmnykB
v7uRZxlvfw+Zl3oZkoOzHuDqzw2Xw0iomQ5gZXlIorhOmtgVSPsfETr7D47fFuz7
1m5JRkBO9Wqg3JknRNog2EBujK5zqaA6XcFkp1a4S3mdT0FQZeTxx4Z0GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMz5o+asfjnk2B8dHlsiYD2l+zGYMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvelBtajVxeC1PZVRZSHgwZVd5SmdQYVg3TVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZz8ifXIQTZsIAPigQu
WutEnuGj9vwVTD3Y9QxakfFsz29Q23ODcV2ttf1jDhj7vvNq2xeSwIKdKhRSzlWZ
UG6FxaQ0196ySqIYvjg7NiVWZu3so3JSkR2nLKQIh75RJFLA9FZTp76rXOAbOqF7
7/Q7+BiGXcfYDwv/kxZqdx7Zt2wnWJXln6BJtraC6795UKT8B17mSzj2IxyU2eYD
oSvngC1PzRkkS65ehbH/k8EnFPVl0gid12Poqhgs6LqFn5rrbxDXihr28G4jz0ac
fTbLWGQfB/xW5M2jiyAKW8fG/bxk8QFgvHL0U0E8yHEUnihUmmJb4jvSkjZzyRSQ
03I=
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:53:02 2025 by rpki-client