Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2sAMpxgXHgKn55Vce1OaBuovx7M.roa
File: 2sAMpxgXHgKn55Vce1OaBuovx7M.roa (raw, json)
Hash identifier: rlEl84Ucd2mYSdqSDxuAynoC1URxk5Ngd1y5P88oUvA=
Subject key identifier: DA:C0:0C:A7:18:17:1E:02:A7:E7:95:5C:7B:53:9A:06:EA:2F:C7:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FEA3894ED19BC9B88986E978818BF212C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2sAMpxgXHgKn55Vce1OaBuovx7M.roa
Signing time: Wed 05 Jun 2024 21:05:27 +0000
ROA not before: Wed 05 Jun 2024 21:05:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:ea37:c228/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ea:38:94:ed:19:bc:9b:88:98:6e:97:88:18:bf:21:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 5 21:05:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dac00ca718171e02a7e7955c7b539a06ea2fc7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:05:5a:16:17:a8:e3:16:09:de:df:47:90:13:
fe:d1:e4:8a:bd:9b:77:71:1c:38:59:1a:98:25:8e:
28:bf:26:9e:d6:50:c4:87:e4:05:44:c5:74:6b:a4:
7e:fc:be:09:c4:53:4a:8d:74:0b:ec:fb:5f:ab:19:
61:f1:0d:2e:39:fe:5a:23:45:0c:18:f9:70:da:d5:
20:2f:45:bd:6b:a6:f2:a8:7d:f5:a6:28:ac:fd:15:
6f:99:3a:9a:70:b2:78:ce:16:f5:16:11:3b:81:d0:
8d:ca:97:a2:7e:12:5b:c7:87:af:66:f1:03:c4:68:
3f:9b:0e:1a:f7:93:6a:94:3a:7b:fd:33:0e:d2:c6:
40:0d:f3:70:3a:33:d0:c2:91:cb:91:ec:29:98:48:
eb:61:55:aa:51:71:f7:33:b0:48:a1:33:0b:52:6e:
eb:f5:bb:0b:be:75:5e:ef:21:6c:d7:e0:b0:0a:a0:
d2:44:d6:c3:63:ea:37:8f:c9:10:4c:df:4f:c8:a9:
02:ab:de:29:47:84:5b:aa:7b:0e:54:00:c8:2b:29:
06:f4:83:e3:2c:bc:b1:75:f7:4d:ca:12:0c:7f:49:
fe:63:ad:1c:5c:63:b5:29:37:0a:a0:66:b0:d7:48:
0e:a4:52:b0:90:2f:ef:a5:a3:19:95:91:b1:3f:78:
2a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C0:0C:A7:18:17:1E:02:A7:E7:95:5C:7B:53:9A:06:EA:2F:C7:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2sAMpxgXHgKn55Vce1OaBuovx7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:73:51:4f:20:03:7d:c6:87:00:a6:c8:06:7c:72:37:ac:fc:
41:0b:31:8a:b4:7a:27:0f:a7:e0:57:e6:34:e5:c8:b0:39:7b:
6c:92:d9:af:c0:6c:c4:f5:63:f6:2f:d3:7c:72:85:aa:7b:bd:
4b:ad:1e:ef:4d:b8:ec:37:7b:0c:47:3c:34:7f:17:a9:d2:0c:
5a:24:e0:41:19:d4:b5:ff:3b:4f:0e:03:42:26:7e:0f:e0:81:
70:2b:7d:5c:cc:0a:df:78:b5:cb:54:80:99:19:ef:40:b6:78:
00:b4:9b:97:40:c2:28:b1:b1:b3:7d:89:db:a1:75:80:ae:0a:
10:e2:d0:fb:b0:aa:62:63:87:f7:49:7f:fa:e2:3f:48:8e:12:
5b:25:50:61:1f:26:b1:2d:91:b3:70:e2:96:08:19:32:fa:e3:
a9:50:8e:9e:76:22:0a:eb:78:7b:67:9a:4c:31:27:e7:73:54:
1e:70:ff:76:16:42:03:c6:8d:78:0a:36:cd:7b:85:fc:7f:ef:
cb:f8:b6:58:b9:67:9e:57:65:b4:f0:03:cf:ba:75:6c:df:6a:
08:d0:f5:2b:69:c6:15:1b:da:89:a4:fc:5a:e5:19:60:bb:d0:
29:60:d9:0a:dc:ec:26:90:f6:43:ea:99:53:69:03:83:55:6a:
ae:9d:81:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/qOJTtGbybiJhul4gYvyEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA1MjEwNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWMwMGNhNzE4MTcxZTAyYTdlNzk1NWM3YjUzOWEwNmVhMmZjN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QVaFheo4xYJ3t9HkBP+0eSKvZt3
cRw4WRqYJY4ovyae1lDEh+QFRMV0a6R+/L4JxFNKjXQL7Ptfqxlh8Q0uOf5aI0UM
GPlw2tUgL0W9a6byqH31piis/RVvmTqacLJ4zhb1FhE7gdCNypeifhJbx4evZvED
xGg/mw4a95NqlDp7/TMO0sZADfNwOjPQwpHLkewpmEjrYVWqUXH3M7BIoTMLUm7r
9bsLvnVe7yFs1+CwCqDSRNbDY+o3j8kQTN9PyKkCq94pR4RbqnsOVADIKykG9IPj
LLyxdfdNyhIMf0n+Y60cXGO1KTcKoGaw10gOpFKwkC/vpaMZlZGxP3gqvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNrADKcYFx4Cp+eVXHtTmgbqL8ezMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMnNBTXB4Z1hIZ0tuNTVWY2UxT2FCdW92eDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA1zUU8gA33GhwCmyAZ8
cjes/EELMYq0eicPp+BX5jTlyLA5e2yS2a/AbMT1Y/Yv03xyhap7vUutHu9NuOw3
ewxHPDR/F6nSDFok4EEZ1LX/O08OA0Imfg/ggXArfVzMCt94tctUgJkZ70C2eAC0
m5dAwiixsbN9iduhdYCuChDi0PuwqmJjh/dJf/riP0iOElslUGEfJrEtkbNw4pYI
GTL646lQjp52IgrreHtnmkwxJ+dzVB5w/3YWQgPGjXgKNs17hfx/78v4tli5Z55X
ZbTwA8+6dWzfagjQ9StpxhUb2omk/FrlGWC70Clg2Qrc7CaQ9kPqmVNpA4NVaq6d
gdo=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:15:52 2025 by rpki-client