Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/DTFLEZbU53RUxpbGCJ7xpH1wiT4.roa
File: DTFLEZbU53RUxpbGCJ7xpH1wiT4.roa (raw, json)
Hash identifier: ijyiWI9NCfuTWvoi057x4Mhna5X/5xBxTCKG7ZnDJYo=
Subject key identifier: 0D:31:4B:11:96:D4:E7:74:54:C6:96:C6:08:9E:F1:A4:7D:70:89:3E
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 019426D9ED40FB666BC514DDA965765E9F3F
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/DTFLEZbU53RUxpbGCJ7xpH1wiT4.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21473
IP address blocks: 152.89.92.0/22 maxlen: 24
2a0c:6b00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ed:40:fb:66:6b:c5:14:dd:a9:65:76:5e:9f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d314b1196d4e77454c696c6089ef1a47d70893e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:64:a7:d5:85:9a:65:27:5f:67:a9:b0:6c:99:
59:4f:97:dc:50:6e:d9:f1:c2:68:0e:54:53:e2:cc:
4e:63:ca:f9:c4:b0:a9:de:c8:79:e4:6e:35:39:f4:
53:ec:cc:b9:a8:bc:10:df:71:be:da:37:98:b6:af:
85:96:14:68:85:49:c8:50:16:34:8b:1f:13:e9:2d:
35:0b:db:96:f4:f4:12:99:b8:47:68:78:58:06:94:
c1:0e:28:3a:2d:f5:98:58:e0:35:a3:28:f3:0e:f1:
17:d7:24:ee:86:49:a2:df:72:79:b2:8c:b8:a3:36:
8c:6f:35:14:75:26:b9:28:e5:be:c0:ba:22:8e:21:
60:c7:21:2b:90:a5:dd:c5:31:d7:01:37:8d:ba:e9:
64:27:86:60:83:ca:d1:42:17:f0:da:2b:0d:66:10:
f4:07:81:74:36:18:21:68:af:15:dc:b7:33:0b:33:
a3:02:32:a9:8d:2f:46:6e:6c:4b:57:0a:25:fc:f0:
4f:54:f7:a9:50:cc:a5:9d:fb:56:b9:ae:1f:0c:ec:
63:11:91:3d:a1:6b:6b:10:32:65:ef:3f:e9:be:92:
4f:ca:ef:e0:de:b9:d1:09:d2:3a:c4:da:bf:85:af:
b4:79:4b:03:59:20:89:30:2c:e9:45:14:c0:6e:cb:
37:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:31:4B:11:96:D4:E7:74:54:C6:96:C6:08:9E:F1:A4:7D:70:89:3E
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/DTFLEZbU53RUxpbGCJ7xpH1wiT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.92.0/22
IPv6:
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
69:a4:28:1c:7b:5a:8b:31:c9:3e:0d:d0:92:5e:62:cb:d2:d6:
16:74:b4:38:64:d3:08:59:8a:8a:f3:65:c9:ad:c9:62:47:e6:
d5:ea:0d:f3:7b:4d:94:48:78:6d:88:21:86:2e:be:20:be:ff:
3d:54:36:35:cb:76:a5:49:c8:5b:18:94:e8:cd:29:9c:a7:b2:
5c:97:dc:66:61:2e:08:83:03:bb:04:90:e2:55:66:9f:1d:fd:
00:8e:73:28:15:86:b5:2e:06:34:98:df:6e:f8:a1:a2:93:95:
49:3c:71:9a:53:56:c1:5e:be:06:92:50:a4:e2:ed:0d:6e:21:
bf:00:0b:e4:89:e3:72:21:9a:95:d2:90:ea:be:2a:9c:60:64:
44:d4:f9:0b:42:74:09:0f:d1:be:a5:0f:8b:4e:ae:98:af:a0:
f4:7d:41:ee:00:d5:fe:15:9a:25:06:19:90:22:97:ef:6b:9d:
c3:e6:6e:d5:31:c8:bd:16:0b:77:f7:b1:93:51:47:c6:77:53:
c1:5f:5d:b9:c1:ca:ab:44:9a:1f:b8:7a:01:e8:b4:26:1b:a5:
bb:f6:fd:ec:2a:e2:55:c2:63:8e:d9:a3:a5:e6:29:4a:16:dd:
46:b6:59:ef:3d:e5:cf:98:bc:ae:b1:bd:9c:e8:cb:e6:0c:d2:
18:fb:1a:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2e1A+2ZrxRTdqWV2Xp8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDMxNGIxMTk2ZDRlNzc0NTRjNjk2YzYwODllZjFhNDdkNzA4OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WSn1YWaZSdfZ6mwbJlZT5fcUG7Z
8cJoDlRT4sxOY8r5xLCp3sh55G41OfRT7My5qLwQ33G+2jeYtq+FlhRohUnIUBY0
ix8T6S01C9uW9PQSmbhHaHhYBpTBDig6LfWYWOA1oyjzDvEX1yTuhkmi33J5soy4
ozaMbzUUdSa5KOW+wLoijiFgxyErkKXdxTHXATeNuulkJ4Zgg8rRQhfw2isNZhD0
B4F0NhghaK8V3LczCzOjAjKpjS9GbmxLVwol/PBPVPepUMylnftWua4fDOxjEZE9
oWtrEDJl7z/pvpJPyu/g3rnRCdI6xNq/ha+0eUsDWSCJMCzpRRTAbss3QQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA0xSxGW1Od0VMaWxgie8aR9cIk+MB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvRFRGTEVaYlU1M1JVeHBiR0NKN3hwSDF3aVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCmFlcMA0E
AgACMAcDBQAqDGsAMA0GCSqGSIb3DQEBCwUAA4IBAQBppCgce1qLMck+DdCSXmLL
0tYWdLQ4ZNMIWYqK82XJrcliR+bV6g3ze02USHhtiCGGLr4gvv89VDY1y3alSchb
GJTozSmcp7Jcl9xmYS4IgwO7BJDiVWafHf0AjnMoFYa1LgY0mN9u+KGik5VJPHGa
U1bBXr4GklCk4u0NbiG/AAvkieNyIZqV0pDqviqcYGRE1PkLQnQJD9G+pQ+LTq6Y
r6D0fUHuANX+FZolBhmQIpfva53D5m7VMci9Fgt397GTUUfGd1PBX125wcqrRJof
uHoB6LQmG6W79v3sKuJVwmOO2aOl5ilKFt1GtlnvPeXPmLyusb2c6MvmDNIY+xoK
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:03:50 2025 by rpki-client