Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0JZqUXcrcmeOUXMwXxelAnTPhSo.roa
File: 0JZqUXcrcmeOUXMwXxelAnTPhSo.roa (raw, json)
Hash identifier: UAz5YCbY9DSEOnfmIFtN1UJ8GGc8d5NbtiO25705snY=
Subject key identifier: D0:96:6A:51:77:2B:72:67:8E:51:73:30:5F:17:A5:02:74:CF:85:2A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01914914B66F5F8F0DE2648501B8C5AA9954
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0JZqUXcrcmeOUXMwXxelAnTPhSo.roa
Signing time: Tue 13 Aug 2024 00:12:59 +0000
ROA not before: Tue 13 Aug 2024 00:12:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:49:14:b6:6f:5f:8f:0d:e2:64:85:01:b8:c5:aa:99:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 13 00:12:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0966a51772b72678e5173305f17a50274cf852a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:13:0a:95:c6:71:4f:44:ee:43:81:3a:4b:7e:
70:04:5f:85:79:c1:0a:f7:55:97:43:96:09:fb:20:
bb:a3:f9:91:28:5c:64:20:76:ad:17:98:db:e3:58:
66:8b:5f:ed:85:db:2e:09:3e:3a:0d:0b:dd:f7:09:
00:50:0e:f0:87:1b:24:64:aa:cf:2b:b1:17:84:f6:
7e:be:24:70:ac:22:38:47:a4:b6:7f:dc:c3:43:95:
53:b8:69:b9:d0:e1:f7:88:4f:f4:5b:3e:2d:22:22:
94:d3:e7:01:b8:8d:cf:33:53:c5:92:b7:8b:f8:13:
39:f5:fc:f6:0b:9e:0a:82:56:53:59:bc:92:77:4b:
27:db:37:55:62:32:1b:9f:64:fc:5c:eb:45:f8:2e:
7d:75:68:f2:e1:cb:b9:0e:93:09:e0:d7:43:80:96:
c5:cd:cc:a2:50:c9:56:61:8f:94:34:74:f7:55:ea:
53:93:bc:d5:43:a5:cf:7b:90:ce:47:26:86:b2:50:
7c:b7:cb:4c:8b:d9:83:3c:db:c0:78:32:48:07:53:
ac:4e:f2:6c:6d:e9:dd:54:f2:f2:ba:b1:69:8d:c7:
06:13:cf:b4:cd:69:8c:e0:4b:66:a7:63:b5:76:bf:
bd:aa:f5:0a:db:52:55:5e:7b:30:9c:c2:c4:87:b8:
a5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:96:6A:51:77:2B:72:67:8E:51:73:30:5F:17:A5:02:74:CF:85:2A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0JZqUXcrcmeOUXMwXxelAnTPhSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
02:70:4b:57:0b:74:0f:e0:3d:72:e4:31:97:bd:24:ad:f6:81:
7c:80:72:06:45:ce:88:3b:7e:b9:88:b6:11:ec:dc:13:3a:d6:
47:2f:16:32:ec:58:02:2f:c9:61:b3:f2:0a:bc:7e:10:4e:7e:
a1:87:21:22:b3:84:0e:25:eb:96:33:b1:35:48:e6:5f:e9:9d:
95:c2:e8:e5:8e:9e:b0:79:64:f6:7f:b5:04:8e:4c:4b:dd:ec:
69:e4:a5:75:cc:07:7f:b2:33:35:27:a6:a3:a1:83:89:fd:f4:
7c:e6:da:2b:00:47:5f:63:0d:e2:42:64:6f:6c:09:8d:8e:65:
34:59:8b:99:e5:67:5b:1a:5e:6d:12:46:a2:c2:1d:cf:a4:b3:
41:fe:1b:1e:d5:6d:d1:1a:7e:f0:62:f7:86:cc:8e:fb:13:e4:
d8:cf:93:71:ec:5e:b6:d1:e8:61:09:77:9c:ae:32:e0:8e:39:
01:80:5b:c1:c8:c5:0a:45:70:f1:be:e7:4e:ee:c5:77:1f:44:
d0:f2:0e:62:dc:27:81:a2:cb:16:4e:3a:ab:06:64:aa:ed:f6:
48:6b:32:8a:72:54:7d:4e:75:42:c4:89:49:32:8f:60:01:69:
5a:33:6d:3d:0f:d4:75:d9:0a:e7:d4:52:a5:cb:ee:64:a0:da:
dd:0e:96:98
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFJFLZvX48N4mSFAbjFqplUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEzMDAxMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk2NmE1MTc3MmI3MjY3OGU1MTczMzA1ZjE3YTUwMjc0Y2Y4NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRMKlcZxT0TuQ4E6S35wBF+FecEK
91WXQ5YJ+yC7o/mRKFxkIHatF5jb41hmi1/thdsuCT46DQvd9wkAUA7whxskZKrP
K7EXhPZ+viRwrCI4R6S2f9zDQ5VTuGm50OH3iE/0Wz4tIiKU0+cBuI3PM1PFkreL
+BM59fz2C54KglZTWbySd0sn2zdVYjIbn2T8XOtF+C59dWjy4cu5DpMJ4NdDgJbF
zcyiUMlWYY+UNHT3VepTk7zVQ6XPe5DORyaGslB8t8tMi9mDPNvAeDJIB1OsTvJs
bendVPLyurFpjccGE8+0zWmM4Etmp2O1dr+9qvUK21JVXnswnMLEh7il+wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNCWalF3K3JnjlFzMF8XpQJ0z4UqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMEpacVVYY3JjbWVPVVhNd1h4ZWxBblRQaFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAAnBLVwt0D+A9cuQxl70krfaB
fIByBkXOiDt+uYi2EezcEzrWRy8WMuxYAi/JYbPyCrx+EE5+oYchIrOEDiXrljOx
NUjmX+mdlcLo5Y6esHlk9n+1BI5MS93saeSldcwHf7IzNSemo6GDif30fObaKwBH
X2MN4kJkb2wJjY5lNFmLmeVnWxpebRJGosIdz6SzQf4bHtVt0Rp+8GL3hsyO+xPk
2M+TcexettHoYQl3nK4y4I45AYBbwcjFCkVw8b7nTu7Fdx9E0PIOYtwngaLLFk46
qwZkqu32SGsyinJUfU51QsSJSTKPYAFpWjNtPQ/UddkK59RSpcvuZKDa3Q6WmA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:08:47 2025 by rpki-client