Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IF-9grzBttztZG7qf7BYFg-no0A.roa
File: IF-9grzBttztZG7qf7BYFg-no0A.roa (raw, json)
Hash identifier: dmprRkiMCd8zfvs7do8/eqDx9qEuKvpnLWkSHxh9vTc=
Subject key identifier: 20:5F:BD:82:BC:C1:B6:DC:ED:64:6E:EA:7F:B0:58:16:0F:A7:A3:40
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B2A2D5CC68008354B1B212F8B577BB4D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IF-9grzBttztZG7qf7BYFg-no0A.roa
Signing time: Sun 14 Jul 2024 19:05:34 +0000
ROA not before: Sun 14 Jul 2024 19:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:b2a2:10d2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b2:a2:d5:cc:68:00:83:54:b1:b2:12:f8:b5:77:bb:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 14 19:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=205fbd82bcc1b6dced646eea7fb058160fa7a340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c3:10:60:74:96:b0:bd:36:1f:1e:5f:4c:57:
8c:a8:0f:01:b1:18:39:ea:7f:63:85:a5:af:d1:b4:
7f:e5:e5:f2:e6:4e:58:21:27:97:25:03:94:f9:87:
1a:8c:10:b6:35:a0:03:97:d6:51:18:eb:3b:04:2a:
cf:63:52:90:22:f7:56:05:7a:37:d6:ed:2a:b1:bd:
03:8d:9a:d5:7f:09:6f:83:36:77:a8:9b:82:26:b1:
98:e4:21:37:92:e1:42:d9:57:0c:4d:ec:26:c1:d0:
43:27:d1:1f:e7:a8:8a:e7:76:13:cc:f1:ae:d0:4b:
7c:67:30:25:5a:ed:4d:c2:16:d4:95:82:10:b6:d3:
7d:7c:3e:bb:77:41:d9:c5:12:d9:9e:c7:7e:7a:18:
83:7a:b4:64:6d:fb:b4:27:24:43:ee:35:ee:ce:9f:
50:72:79:16:34:5d:fd:8c:50:ca:c3:e2:8d:c4:bf:
81:bb:eb:8d:76:4e:8e:0c:41:59:5a:38:a2:39:81:
7c:c1:f3:46:6d:4a:c5:da:d2:7e:ef:8f:36:19:c2:
b5:85:cc:af:d0:d8:44:f5:df:19:fd:00:9c:df:0c:
57:ea:62:fc:cc:35:46:bf:ef:b5:9a:89:d9:8b:73:
0e:7c:2d:98:1d:cc:00:ea:66:ad:35:be:99:8b:53:
d9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:5F:BD:82:BC:C1:B6:DC:ED:64:6E:EA:7F:B0:58:16:0F:A7:A3:40
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IF-9grzBttztZG7qf7BYFg-no0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:ff:9e:aa:fd:6b:b1:ed:91:01:d0:4a:e5:e6:66:b1:7c:fe:
b1:59:c8:1c:eb:3a:70:ba:e9:dc:77:5e:fd:bf:40:65:79:f4:
6d:63:07:b7:c7:a9:56:f4:5e:ae:88:b0:91:30:49:a3:ec:15:
41:9a:3d:39:c1:18:c4:02:a9:02:ce:85:7a:6d:80:ed:a8:9c:
ee:5c:09:d5:b8:87:96:f8:07:82:e0:a6:b7:fc:c0:7f:fa:01:
e2:25:25:a4:34:63:b9:36:6a:b7:b7:85:6f:13:45:bf:0f:58:
89:6e:a5:f6:1c:40:70:d8:04:38:4e:a2:83:47:50:1b:a6:64:
1c:8f:e6:d7:6d:51:9d:29:25:e4:34:ab:c4:56:31:7a:a9:68:
55:f1:ff:28:17:e7:43:55:08:ef:b7:3b:f1:de:a1:39:c5:4f:
0c:a5:5b:b3:a9:fb:e7:06:dd:39:3f:47:49:29:06:53:07:ca:
13:6b:01:6a:65:af:40:13:3b:5d:1e:8f:aa:37:35:50:c1:7b:
2d:18:15:5b:ee:7c:06:2f:05:be:90:be:1d:e3:2c:d2:53:a2:
c6:b4:a0:d2:8f:4b:80:90:f9:1c:cb:dc:4c:e4:f5:86:b6:0a:
0c:66:8c:18:a6:20:22:ec:b2:14:13:21:4f:5f:53:1f:b8:4c:
40:2b:59:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCyotXMaACDVLGyEvi1d7tNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE0MTkwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDVmYmQ4MmJjYzFiNmRjZWQ2NDZlZWE3ZmIwNTgxNjBmYTdhMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMMQYHSWsL02Hx5fTFeMqA8BsRg5
6n9jhaWv0bR/5eXy5k5YISeXJQOU+YcajBC2NaADl9ZRGOs7BCrPY1KQIvdWBXo3
1u0qsb0DjZrVfwlvgzZ3qJuCJrGY5CE3kuFC2VcMTewmwdBDJ9Ef56iK53YTzPGu
0Et8ZzAlWu1NwhbUlYIQttN9fD67d0HZxRLZnsd+ehiDerRkbfu0JyRD7jXuzp9Q
cnkWNF39jFDKw+KNxL+Bu+uNdk6ODEFZWjiiOYF8wfNGbUrF2tJ+7482GcK1hcyv
0NhE9d8Z/QCc3wxX6mL8zDVGv++1monZi3MOfC2YHcwA6matNb6Zi1PZmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCBfvYK8wbbc7WRu6n+wWBYPp6NAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSUYtOWdyekJ0dHp0Wkc3cWY3QllGZy1ubzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF//nqr9a7HtkQHQSuXm
ZrF8/rFZyBzrOnC66dx3Xv2/QGV59G1jB7fHqVb0Xq6IsJEwSaPsFUGaPTnBGMQC
qQLOhXptgO2onO5cCdW4h5b4B4Lgprf8wH/6AeIlJaQ0Y7k2are3hW8TRb8PWIlu
pfYcQHDYBDhOooNHUBumZByP5tdtUZ0pJeQ0q8RWMXqpaFXx/ygX50NVCO+3O/He
oTnFTwylW7Op++cG3Tk/R0kpBlMHyhNrAWplr0ATO10ej6o3NVDBey0YFVvufAYv
Bb6Qvh3jLNJTosa0oNKPS4CQ+RzL3Ezk9Ya2CgxmjBimICLsshQTIU9fUx+4TEAr
WXI=
-----END CERTIFICATE-----
Generated at Wed Jun 18 16:48:22 2025 by rpki-client