Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dxLF6UL0VUvPn8VwF5qvYrOw4TU.roa
File: dxLF6UL0VUvPn8VwF5qvYrOw4TU.roa (raw, json)
Hash identifier: LRUuypjgGfqo0JEZ1oDSeoEkxNgMCBn5TE+/Go5+SU4=
Subject key identifier: 77:12:C5:E9:42:F4:55:4B:CF:9F:C5:70:17:9A:AF:62:B3:B0:E1:35
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB2DB87EBE1F21B54AFCDD957FBBC8000
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dxLF6UL0VUvPn8VwF5qvYrOw4TU.roa
Signing time: Sun 26 May 2024 03:04:42 +0000
ROA not before: Sun 26 May 2024 03:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:b2db:6662/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b2:db:87:eb:e1:f2:1b:54:af:cd:d9:57:fb:bc:80:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 26 03:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7712c5e942f4554bcf9fc570179aaf62b3b0e135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:27:24:eb:ba:07:a2:bd:9a:a9:f0:0b:18:0f:
b0:31:2a:a6:08:78:0f:78:b6:3d:17:8d:65:f9:2a:
65:02:66:4a:ea:c5:b2:8d:88:08:ef:75:75:9f:9a:
80:9a:6f:e4:73:ca:89:b6:21:2a:3e:8f:62:f8:df:
21:d5:62:08:40:e4:84:63:83:14:f1:36:ed:6b:87:
d7:92:2f:45:31:f6:06:c3:a7:9f:a6:e9:50:64:0b:
de:ad:78:c7:65:78:61:87:de:f6:91:6b:86:87:56:
1c:90:d1:6d:b7:ee:d7:dd:0a:43:b5:1a:ca:bb:33:
9f:50:49:e5:65:5d:36:df:8e:7c:b9:8f:2d:4f:8c:
fc:1d:b9:c0:24:3d:2d:42:a4:12:68:65:f3:6e:3a:
a8:01:9d:12:b6:02:45:cf:17:19:8d:20:e1:c9:fc:
6a:b7:26:b2:21:45:d2:48:65:f9:e1:9c:b1:bf:90:
0b:93:44:fa:56:c9:81:59:05:32:51:6f:6e:e7:15:
55:06:07:ee:4d:71:48:68:f4:e6:98:1f:11:c5:a9:
ce:1a:02:e8:bb:0c:07:5a:ac:5c:85:41:19:95:28:
30:03:26:a5:2d:e1:53:1c:23:f4:8e:67:a5:ea:0f:
cf:97:26:54:86:d8:9a:2d:4a:88:35:6b:8d:11:38:
fc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:12:C5:E9:42:F4:55:4B:CF:9F:C5:70:17:9A:AF:62:B3:B0:E1:35
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dxLF6UL0VUvPn8VwF5qvYrOw4TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:ff:f4:11:c4:0b:d7:41:a5:b6:79:e7:0e:8e:ab:35:c0:24:
3b:3e:27:b6:52:4d:2e:dc:05:df:11:00:43:a0:11:07:bf:8d:
11:0b:7d:59:1c:23:f8:e5:4f:db:55:26:14:1f:f9:90:de:e8:
6e:15:7b:1d:e3:80:a0:ef:3f:c4:cb:8d:6e:85:ce:10:85:47:
2e:71:cb:21:22:02:a8:35:9d:dd:46:d9:7f:cc:6f:2d:a3:bc:
36:46:ad:69:61:f0:c3:e0:91:ea:ba:0c:ca:eb:0e:35:c4:45:
12:1f:5b:d1:80:94:a0:bb:0a:26:50:55:90:c6:9e:0f:31:11:
30:ce:f4:c8:15:2a:98:41:05:97:c0:4a:63:22:86:63:0b:77:
0d:f5:60:86:81:48:3a:87:df:98:bf:64:25:06:23:e2:a9:34:
b6:f8:63:6f:15:a2:ba:ad:bd:08:07:77:8a:db:d2:fd:80:77:
20:8d:fd:49:ae:4d:9d:8f:5b:7d:fa:1e:e4:d7:d4:1a:80:c1:
f3:68:63:9b:64:37:58:1d:00:e4:4d:51:b8:18:6b:c2:aa:30:
a6:fc:da:d3:07:fb:ea:77:b0:74:06:20:c4:e8:13:ba:3a:d6:
89:24:71:7a:d3:7b:1a:f8:de:f9:ba:29:c4:08:bf:90:d4:6a:
34:e3:43:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+y24fr4fIbVK/N2Vf7vIAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI2MDMwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzEyYzVlOTQyZjQ1NTRiY2Y5ZmM1NzAxNzlhYWY2MmIzYjBlMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCck67oHor2aqfALGA+wMSqmCHgP
eLY9F41l+SplAmZK6sWyjYgI73V1n5qAmm/kc8qJtiEqPo9i+N8h1WIIQOSEY4MU
8Tbta4fXki9FMfYGw6efpulQZAverXjHZXhhh972kWuGh1YckNFtt+7X3QpDtRrK
uzOfUEnlZV023458uY8tT4z8HbnAJD0tQqQSaGXzbjqoAZ0StgJFzxcZjSDhyfxq
tyayIUXSSGX54Zyxv5ALk0T6VsmBWQUyUW9u5xVVBgfuTXFIaPTmmB8RxanOGgLo
uwwHWqxchUEZlSgwAyalLeFTHCP0jmel6g/PlyZUhtiaLUqINWuNETj8PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHcSxelC9FVLz5/FcBear2KzsOE1MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZHhMRjZVTDBWVXZQbjhWd0Y1cXZZck93NFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAET/9BHEC9dBpbZ55w6O
qzXAJDs+J7ZSTS7cBd8RAEOgEQe/jRELfVkcI/jlT9tVJhQf+ZDe6G4Vex3jgKDv
P8TLjW6FzhCFRy5xyyEiAqg1nd1G2X/Mby2jvDZGrWlh8MPgkeq6DMrrDjXERRIf
W9GAlKC7CiZQVZDGng8xETDO9MgVKphBBZfASmMihmMLdw31YIaBSDqH35i/ZCUG
I+KpNLb4Y28VorqtvQgHd4rb0v2AdyCN/UmuTZ2PW336HuTX1BqAwfNoY5tkN1gd
AORNUbgYa8KqMKb82tMH++p3sHQGIMToE7o61okkcXrTexr43vm6KcQIv5DUajTj
Q9Y=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:49:22 2025 by rpki-client