Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U6ER38OQiOPQX41m_6wZ2jjN_ek.roa
File: U6ER38OQiOPQX41m_6wZ2jjN_ek.roa (raw, json)
Hash identifier: KEm0DWKswYuY4JQppXdeeziYxGwcoQh5q0ZIATlZoVw=
Subject key identifier: 53:A1:11:DF:C3:90:88:E3:D0:5F:8D:66:FF:AC:19:DA:38:CD:FD:E9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190204A8AB6B878E03216BF77ED672F42C2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U6ER38OQiOPQX41m_6wZ2jjN_ek.roa
Signing time: Sun 16 Jun 2024 09:04:34 +0000
ROA not before: Sun 16 Jun 2024 09:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:204a:6fee/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:20:4a:8a:b6:b8:78:e0:32:16:bf:77:ed:67:2f:42:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 09:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53a111dfc39088e3d05f8d66ffac19da38cdfde9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:eb:12:c1:fa:22:96:4b:eb:59:0d:24:e6:ea:
5c:dc:a1:93:58:d9:1a:7f:db:48:f4:93:b8:d2:3c:
51:56:5e:35:7a:7e:1c:fa:4b:13:b6:26:87:05:86:
72:9b:16:b9:1e:67:43:34:9b:51:d4:44:ab:1e:77:
9c:7b:11:35:90:e9:5f:b3:85:50:73:92:de:22:25:
06:ea:67:29:af:8e:d5:7e:97:8d:ce:cc:f6:d0:8e:
9a:dd:97:99:4a:93:36:2f:af:e6:fa:48:ab:b1:f5:
75:e7:9b:6e:ff:8c:0e:3f:f9:08:dc:17:94:f4:0f:
0a:b8:be:50:35:2d:80:e0:99:a3:30:ac:02:5b:3d:
f4:3e:8c:5d:40:42:93:30:46:22:f9:be:ba:7b:34:
49:9e:86:b2:2d:e2:7d:26:82:eb:82:ed:cb:ca:e2:
e4:9f:4e:40:a2:b6:2e:3e:02:77:65:49:2e:32:db:
70:03:f8:dc:ae:22:65:f2:d3:d7:82:02:06:a9:99:
df:d6:12:08:f9:1d:b6:3e:a4:21:9b:05:69:d1:4e:
69:64:e2:c1:b5:ed:34:a0:a1:55:17:f1:40:da:4a:
41:5b:01:ee:ba:cf:c7:92:20:f8:64:6f:29:72:45:
b9:3d:9c:36:51:b1:1e:a7:37:4a:a7:1c:9a:a2:0e:
8a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A1:11:DF:C3:90:88:E3:D0:5F:8D:66:FF:AC:19:DA:38:CD:FD:E9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U6ER38OQiOPQX41m_6wZ2jjN_ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:c5:a0:db:c2:8f:ff:ee:16:8e:5b:84:f4:a2:df:f3:d3:c4:
d9:60:10:ab:c2:86:38:40:6e:ed:24:6e:ba:9e:e7:aa:9d:63:
9c:29:1c:d6:2a:bb:e9:0f:ac:f0:c0:e6:23:8c:f8:67:58:fc:
09:aa:33:40:71:43:82:42:0a:f6:39:43:5f:f4:f0:fa:00:72:
5c:51:6c:ec:44:c8:63:83:9a:80:70:a1:9d:fa:48:89:d1:d1:
9f:89:72:53:ba:d0:e1:f8:41:b7:b4:42:bd:13:ea:d5:19:68:
70:a5:a6:a5:34:08:2f:81:71:e4:d6:5b:49:cd:a7:69:eb:bd:
6c:46:cd:71:32:da:81:11:77:a0:e1:dd:11:f1:93:be:d6:13:
0c:37:e1:10:14:81:dc:99:82:da:12:b2:90:8b:de:36:b2:8b:
2f:be:44:02:4b:b7:20:0b:09:04:1c:cd:3d:02:ec:1f:59:3e:
e5:07:64:86:20:8b:c9:c6:2d:45:b0:7b:6a:e6:db:bd:a3:20:
01:16:5b:cb:29:b8:e8:e3:b4:b0:32:aa:52:a2:8e:98:47:7e:
b9:70:12:2a:a7:bf:6f:26:f4:7f:9a:68:d1:02:df:c3:57:b3:
b0:2d:8b:01:f5:60:bb:1f:52:e4:8c:c7:36:ae:31:33:85:e9:
92:6f:51:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAgSoq2uHjgMha/d+1nL0LCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MDkwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ExMTFkZmMzOTA4OGUzZDA1ZjhkNjZmZmFjMTlkYTM4Y2RmZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOsSwfoilkvrWQ0k5upc3KGTWNka
f9tI9JO40jxRVl41en4c+ksTtiaHBYZymxa5HmdDNJtR1ESrHnecexE1kOlfs4VQ
c5LeIiUG6mcpr47VfpeNzsz20I6a3ZeZSpM2L6/m+kirsfV155tu/4wOP/kI3BeU
9A8KuL5QNS2A4JmjMKwCWz30PoxdQEKTMEYi+b66ezRJnoayLeJ9JoLrgu3LyuLk
n05AorYuPgJ3ZUkuMttwA/jcriJl8tPXggIGqZnf1hII+R22PqQhmwVp0U5pZOLB
te00oKFVF/FA2kpBWwHuus/HkiD4ZG8pckW5PZw2UbEepzdKpxyaog6KKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFOhEd/DkIjj0F+NZv+sGdo4zf3pMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVTZFUjM4T1FpT1BRWDQxbV82d1oyampOX2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGrFoNvCj//uFo5bhPSi
3/PTxNlgEKvChjhAbu0kbrqe56qdY5wpHNYqu+kPrPDA5iOM+GdY/AmqM0BxQ4JC
CvY5Q1/08PoAclxRbOxEyGODmoBwoZ36SInR0Z+JclO60OH4Qbe0Qr0T6tUZaHCl
pqU0CC+BceTWW0nNp2nrvWxGzXEy2oERd6Dh3RHxk77WEww34RAUgdyZgtoSspCL
3jayiy++RAJLtyALCQQczT0C7B9ZPuUHZIYgi8nGLUWwe2rm272jIAEWW8spuOjj
tLAyqlKijphHfrlwEiqnv28m9H+aaNEC38NXs7AtiwH1YLsfUuSMxzauMTOF6ZJv
UbE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:20:34 2025 by rpki-client