Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Dks7yynfi5O2E26zdG5OOrQ9IZI.roa
File: Dks7yynfi5O2E26zdG5OOrQ9IZI.roa (raw, json)
Hash identifier: 0zhl5MtXdQoQiBA9/javK6yxCdOU4LvV9xD68MqD8K8=
Subject key identifier: 0E:4B:3B:CB:29:DF:8B:93:B6:13:6E:B3:74:6E:4E:3A:B4:3D:21:92
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FEF99891E7D17AE7C5DC3331B4C461ADE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Dks7yynfi5O2E26zdG5OOrQ9IZI.roa
Signing time: Thu 06 Jun 2024 22:09:27 +0000
ROA not before: Thu 06 Jun 2024 22:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ef:99:89:1e:7d:17:ae:7c:5d:c3:33:1b:4c:46:1a:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 6 22:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e4b3bcb29df8b93b6136eb3746e4e3ab43d2192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d5:04:b2:3b:d0:15:5c:72:e8:75:ea:95:f8:
b5:4e:50:9a:d1:fa:71:80:8b:88:d2:e3:26:68:62:
b4:23:63:ee:e6:d0:3f:91:fa:b9:ba:9c:fd:f7:1f:
6f:27:79:04:3b:eb:53:6d:06:25:25:2c:78:63:7f:
84:bf:4e:ae:f5:2a:1c:e0:3b:4e:19:35:e4:80:32:
c9:39:cb:40:de:c0:ba:d6:f4:91:6d:b4:d6:46:dc:
e7:6e:7b:f1:9c:16:a3:ec:18:4c:37:2b:a8:7f:fb:
ec:04:18:c9:3f:cb:01:47:a6:32:94:4b:da:5b:62:
bf:ea:cb:53:8b:8a:e8:2a:b5:44:58:e4:5d:5d:4e:
78:12:b5:4c:13:48:08:e5:e2:3a:4e:2d:a3:27:f2:
5d:d7:f7:d8:18:c3:4a:81:bc:f6:11:4c:62:c9:4e:
17:52:e9:42:b7:a8:22:e5:64:71:16:0c:c0:c5:09:
e7:5f:3d:b0:5c:52:d1:91:99:74:90:41:52:e9:66:
61:44:c1:fc:37:e0:e9:7b:80:af:07:0f:61:e6:b1:
5b:b4:98:3f:4c:0c:3f:b0:9e:b4:30:35:61:cb:68:
9c:87:ab:d2:f8:b1:b4:a6:fd:5d:77:88:0b:41:8f:
87:e2:52:7c:6b:20:60:d7:4a:26:e3:2b:2a:f9:a0:
bb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4B:3B:CB:29:DF:8B:93:B6:13:6E:B3:74:6E:4E:3A:B4:3D:21:92
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Dks7yynfi5O2E26zdG5OOrQ9IZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:e9:f3:a6:40:2b:5a:d4:a9:82:ec:60:9d:c4:ba:bf:95:d9:
b7:56:65:3b:d6:41:d4:c0:4f:89:5c:66:f8:ea:8f:e6:97:f8:
62:ec:14:bd:d5:d7:59:db:df:0e:1e:2d:db:ae:b9:42:22:bc:
32:89:95:5c:59:c8:c8:2f:60:38:d2:0d:94:0d:13:33:d4:2b:
44:23:56:9d:8b:72:64:63:83:1c:d4:1e:27:a4:b4:ed:9e:b7:
9c:06:fe:66:20:c7:6b:44:2a:f5:11:76:35:09:a1:6d:e0:1c:
68:27:26:ec:2a:60:0a:e9:86:b9:aa:51:c3:1c:3e:48:6f:c8:
5e:2e:7e:35:f2:d5:89:94:eb:3b:0b:bc:38:0b:82:8d:92:14:
4e:22:66:22:0d:b3:09:d8:e4:c9:58:18:2e:a5:dc:20:81:c2:
65:e3:05:25:14:70:d9:02:51:34:d4:3e:98:9a:6b:79:4f:6f:
86:c5:eb:08:40:82:bb:38:dd:78:28:2f:7d:15:dc:ba:00:28:
9a:31:5f:ff:30:df:07:ce:85:db:5f:a3:0b:80:9b:46:ec:71:
45:09:17:b1:84:4b:1c:e0:e8:6b:b8:d6:a5:63:bf:32:6a:75:
65:ac:2b:34:31:6f:9d:19:b7:28:38:36:98:fe:44:e1:8d:86:
f5:f6:ca:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/vmYkefReufF3DMxtMRhreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA2MjIwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTRiM2JjYjI5ZGY4YjkzYjYxMzZlYjM3NDZlNGUzYWI0M2QyMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19UEsjvQFVxy6HXqlfi1TlCa0fpx
gIuI0uMmaGK0I2Pu5tA/kfq5upz99x9vJ3kEO+tTbQYlJSx4Y3+Ev06u9Soc4DtO
GTXkgDLJOctA3sC61vSRbbTWRtznbnvxnBaj7BhMNyuof/vsBBjJP8sBR6YylEva
W2K/6stTi4roKrVEWORdXU54ErVME0gI5eI6Ti2jJ/Jd1/fYGMNKgbz2EUxiyU4X
UulCt6gi5WRxFgzAxQnnXz2wXFLRkZl0kEFS6WZhRMH8N+Dpe4CvBw9h5rFbtJg/
TAw/sJ60MDVhy2ich6vS+LG0pv1dd4gLQY+H4lJ8ayBg10om4ysq+aC7+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA5LO8sp34uTthNus3RuTjq0PSGSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRGtzN3l5bmZpNU8yRTI2emRHNU9PclE5SVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACLp86ZAK1rUqYLsYJ3E
ur+V2bdWZTvWQdTAT4lcZvjqj+aX+GLsFL3V11nb3w4eLduuuUIivDKJlVxZyMgv
YDjSDZQNEzPUK0QjVp2LcmRjgxzUHiektO2et5wG/mYgx2tEKvURdjUJoW3gHGgn
JuwqYArphrmqUcMcPkhvyF4ufjXy1YmU6zsLvDgLgo2SFE4iZiINswnY5MlYGC6l
3CCBwmXjBSUUcNkCUTTUPpiaa3lPb4bF6whAgrs43XgoL30V3LoAKJoxX/8w3wfO
hdtfowuAm0bscUUJF7GESxzg6Gu41qVjvzJqdWWsKzQxb50Ztyg4Npj+ROGNhvX2
ylk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:06:39 2025 by rpki-client