Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/UMkZpOpvHmhbxpLNxp6NEtMmvOY.roa
File: UMkZpOpvHmhbxpLNxp6NEtMmvOY.roa (raw, json)
Hash identifier: n0CAMj0MrrrHuy9p1Fey3YrEkTs3IPLnW7IlKkvtbdQ=
Subject key identifier: 50:C9:19:A4:EA:6F:1E:68:5B:C6:92:CD:C6:9E:8D:12:D3:26:BC:E6
Certificate issuer: /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial: 0184D4DBDEA2D19D8B7E22C2FAE02FBF1C87
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/UMkZpOpvHmhbxpLNxp6NEtMmvOY.roa
Signing time: Fri 02 Dec 2022 22:01:29 +0000
ROA not before: Fri 02 Dec 2022 22:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200957
IP address blocks: 2a0a:6040:ef00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d4:db:de:a2:d1:9d:8b:7e:22:c2:fa:e0:2f:bf:1c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
Validity
Not Before: Dec 2 22:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50c919a4ea6f1e685bc692cdc69e8d12d326bce6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:31:07:5a:0a:56:e8:55:72:6a:33:d0:68:35:
68:2b:16:4e:d4:d3:23:17:01:c7:bc:f3:10:03:8b:
86:a1:69:d3:a2:20:fd:7e:92:fb:51:ea:5c:0f:c6:
5b:16:05:4b:e7:73:0f:95:93:4f:7e:3a:b3:39:c6:
21:34:43:ba:17:39:01:e9:0c:c8:21:b6:96:25:60:
b4:a3:b5:ab:8a:f0:40:b3:1d:a5:c9:ea:de:96:f7:
43:ba:57:f6:86:17:b9:c1:1d:34:6d:f4:69:05:b6:
cf:2f:bd:64:fa:73:eb:78:bc:46:a1:4f:56:e1:be:
a8:80:ab:02:01:ec:f9:e3:f1:7f:9e:8c:e8:b6:0b:
7c:d6:96:9b:a0:00:2f:44:4b:db:f4:c9:e3:d3:1a:
7d:48:74:7a:e1:e6:f0:61:1e:44:2b:f8:a9:b2:a5:
34:4b:4b:82:48:37:be:ec:3d:c9:e9:6b:f1:cb:08:
bf:c3:d2:1a:3a:cc:5a:aa:6e:85:e7:95:49:c6:8f:
04:7a:42:46:58:f5:42:b9:4a:07:e1:5f:50:ba:6e:
e5:2e:93:bb:09:fd:86:73:7c:23:d1:d3:e8:6d:1d:
bd:c3:1c:f0:2b:c8:b7:a2:ba:ae:5a:ce:b0:29:84:
ad:c8:a1:5f:dd:77:66:37:ce:41:97:65:03:7b:34:
41:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C9:19:A4:EA:6F:1E:68:5B:C6:92:CD:C6:9E:8D:12:D3:26:BC:E6
X509v3 Authority Key Identifier:
keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/UMkZpOpvHmhbxpLNxp6NEtMmvOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6040:ef00::/40
Signature Algorithm: sha256WithRSAEncryption
2a:16:04:69:61:2a:70:75:a6:1a:2a:72:95:ef:ff:18:48:5b:
83:36:c4:de:0d:e1:cc:6a:fe:2f:53:60:0a:8f:c3:b8:2c:05:
43:d0:f0:05:fe:d0:75:88:71:71:d5:ee:c4:a3:56:0c:e7:e5:
0a:85:e1:9b:da:05:24:bb:8c:11:c1:77:35:ab:3c:eb:29:42:
53:61:cd:9e:d1:94:64:92:c8:d0:53:a8:ca:27:73:b6:8c:45:
05:0e:ff:56:fe:25:bf:69:cd:5a:e5:f0:a3:6c:f8:52:18:9f:
61:1a:40:3f:98:56:24:b3:52:37:36:fd:83:89:2e:f1:3f:3f:
49:73:5d:e8:aa:b5:92:17:f3:7e:97:27:96:a4:8c:8e:94:78:
22:06:97:a3:9e:01:22:d5:0d:0e:d5:7d:16:c9:6e:85:af:99:
f5:64:db:c6:bc:54:4d:5e:74:fd:b0:40:f7:26:93:e7:a4:9c:
f0:d3:25:b5:8d:a1:3b:f2:95:4b:26:46:9b:c3:d4:c4:54:7d:
8a:9b:14:91:56:ba:b6:c4:c6:d3:39:2c:54:bf:1f:5d:6f:55:
63:45:10:56:46:fc:4d:cb:41:ca:b2:5d:5d:92:ac:f6:a0:af:
40:17:af:d5:04:0c:89:4f:4d:ac:83:96:0a:17:bf:45:98:e3:
83:a8:fb:28
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYTU296i0Z2LfiLC+uAvvxyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OTE0NTQxZmQxYjk1ZTdjMGFmYzg3NWZiZWY3ODc5NGY1
NTM4NmIwHhcNMjIxMjAyMjIwMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGM5MTlhNGVhNmYxZTY4NWJjNjkyY2RjNjllOGQxMmQzMjZiY2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DEHWgpW6FVyajPQaDVoKxZO1NMj
FwHHvPMQA4uGoWnToiD9fpL7UepcD8ZbFgVL53MPlZNPfjqzOcYhNEO6FzkB6QzI
IbaWJWC0o7WrivBAsx2lyerelvdDulf2hhe5wR00bfRpBbbPL71k+nPreLxGoU9W
4b6ogKsCAez54/F/nozotgt81paboAAvREvb9Mnj0xp9SHR64ebwYR5EK/ipsqU0
S0uCSDe+7D3J6Wvxywi/w9IaOsxaqm6F55VJxo8EekJGWPVCuUoH4V9Qum7lLpO7
Cf2Gc3wj0dPobR29wxzwK8i3orquWs6wKYStyKFf3XdmN85Bl2UDezRB0QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFDJGaTqbx5oW8aSzcaejRLTJrzmMB8GA1UdIwQY
MBaAFFSRRUH9G5XnwK/IdfvveHlPVThrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEt
ZDlmNmQ5NjQyNTM3LzEvVU1rWnBPcHZIbWhieHBMTnhwNk5FdE1tdk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEtZDlmNmQ5NjQyNTM3
LzEvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQO8w
DQYJKoZIhvcNAQELBQADggEBACoWBGlhKnB1phoqcpXv/xhIW4M2xN4N4cxq/i9T
YAqPw7gsBUPQ8AX+0HWIcXHV7sSjVgzn5QqF4ZvaBSS7jBHBdzWrPOspQlNhzZ7R
lGSSyNBTqMonc7aMRQUO/1b+Jb9pzVrl8KNs+FIYn2EaQD+YViSzUjc2/YOJLvE/
P0lzXeiqtZIX836XJ5akjI6UeCIGl6OeASLVDQ7VfRbJboWvmfVk28a8VE1edP2w
QPcmk+eknPDTJbWNoTvylUsmRpvD1MRUfYqbFJFWurbExtM5LFS/H11vVWNFEFZG
/E3LQcqyXV2SrPagr0AXr9UEDIlPTayDlgoXv0WY44Oo+yg=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:03:30 2025 by rpki-client