Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0PBmzeFXXrdHdkqwdXzrcVjdjqs.roa
File: 0PBmzeFXXrdHdkqwdXzrcVjdjqs.roa (raw, json)
Hash identifier: mp+O+B7WEjDmJKlb+XDzBeTYRAJuwuj4CZdx5Z1WtdI=
Subject key identifier: D0:F0:66:CD:E1:57:5E:B7:47:76:4A:B0:75:7C:EB:71:58:DD:8E:AB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A1456BD24DADF607EAEBF64679857E76
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0PBmzeFXXrdHdkqwdXzrcVjdjqs.roa
Signing time: Fri 30 Aug 2024 03:12:47 +0000
ROA not before: Fri 30 Aug 2024 03:12:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a1:45:6b:d2:4d:ad:f6:07:ea:eb:f6:46:79:85:7e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 30 03:12:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0f066cde1575eb747764ab0757ceb7158dd8eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d5:27:68:c5:d8:64:36:bb:21:db:4f:f9:47:
89:e8:2e:4d:c8:c0:fa:f6:18:84:48:07:bd:9c:b5:
88:98:be:1b:bb:8c:04:10:5e:ff:f2:e2:59:6e:8c:
14:67:1d:e3:a5:ce:3b:ab:7e:34:9b:2e:77:27:83:
4c:7d:eb:1f:fd:0d:46:2c:60:d3:6c:5b:3b:ff:7f:
25:cb:18:a9:3f:07:5a:8b:48:7c:5e:04:e3:6e:fe:
ff:0c:98:ac:90:ac:a3:c1:83:9a:15:67:1d:1a:d6:
a0:64:ca:92:e2:fe:d0:2f:ab:a1:a0:c8:bb:f6:69:
68:16:22:7b:7f:66:04:a7:1a:37:d0:4b:a9:19:c6:
0f:c9:a7:c8:43:44:90:c5:6f:50:a6:ee:a8:19:72:
6f:33:c5:db:5d:07:50:c5:8f:38:bf:6c:1e:c7:38:
e0:cd:4b:7f:d1:23:77:89:eb:eb:d1:8d:6c:ee:c8:
b5:2c:51:47:6c:64:4f:ff:76:f4:cf:d3:5a:e2:ff:
b7:29:5e:35:cf:da:32:a8:3a:8d:1c:b2:07:ab:0f:
4e:38:ec:dd:2b:e3:fc:1d:a5:63:12:12:5e:a4:ad:
41:eb:7e:60:cf:df:02:da:0b:26:b4:07:06:ab:13:
74:e4:13:a0:09:dc:b3:99:66:bc:7b:6e:b8:2e:6f:
b8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F0:66:CD:E1:57:5E:B7:47:76:4A:B0:75:7C:EB:71:58:DD:8E:AB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0PBmzeFXXrdHdkqwdXzrcVjdjqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
29:14:cf:67:02:94:80:3b:32:89:ed:6b:99:93:ca:25:1f:f4:
aa:73:cf:23:c2:93:59:46:4d:22:8e:45:15:a6:a5:56:a0:c2:
df:12:f2:b9:46:08:41:8f:22:9a:7d:96:c5:fd:86:b3:27:97:
a6:50:99:24:da:1b:99:e3:b8:07:bc:72:df:81:8f:4c:ac:6e:
ed:fb:09:f4:b3:75:9b:bf:74:03:d0:86:bb:3b:ef:c3:2e:8e:
d6:5f:6c:ad:cf:55:40:6a:07:b4:79:3d:0a:1f:b7:ea:a1:74:
c1:67:ef:69:bb:b8:57:bd:64:42:0f:97:d7:1d:45:3f:f3:16:
dd:9c:7c:3b:95:20:53:0f:bd:7b:20:ec:86:e6:0a:66:c4:a3:
f5:54:f5:43:5a:fc:17:d8:d6:24:6a:72:37:a6:8f:ad:0c:db:
f8:78:5b:3a:a4:ed:2b:72:ee:23:61:cc:c6:cf:f3:6d:df:1a:
7e:10:71:ae:23:20:7f:5c:d0:4f:72:a7:c4:d8:08:8a:96:e2:
d3:64:4b:4c:4c:6b:87:8f:87:34:ab:0e:0d:17:c4:3e:21:71:
26:92:17:28:1d:3c:be:03:6a:78:20:f6:2a:90:16:47:21:fe:
18:26:70:d9:4a:68:2b:65:c5:ca:25:4d:54:6b:2d:a7:b9:b1:
e8:13:d0:0e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGhRWvSTa32B+rr9kZ5hX52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMwMDMxMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGYwNjZjZGUxNTc1ZWI3NDc3NjRhYjA3NTdjZWI3MTU4ZGQ4ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dUnaMXYZDa7IdtP+UeJ6C5NyMD6
9hiESAe9nLWImL4bu4wEEF7/8uJZbowUZx3jpc47q340my53J4NMfesf/Q1GLGDT
bFs7/38lyxipPwdai0h8XgTjbv7/DJiskKyjwYOaFWcdGtagZMqS4v7QL6uhoMi7
9mloFiJ7f2YEpxo30EupGcYPyafIQ0SQxW9Qpu6oGXJvM8XbXQdQxY84v2wexzjg
zUt/0SN3ievr0Y1s7si1LFFHbGRP/3b0z9Na4v+3KV41z9oyqDqNHLIHqw9OOOzd
K+P8HaVjEhJepK1B635gz98C2gsmtAcGqxN05BOgCdyzmWa8e264Lm+48wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNDwZs3hV163R3ZKsHV863FY3Y6rMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMFBCbXplRlhYcmRIZGtxd2RYenJjVmpkanFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAKRTPZwKUgDsyie1rmZPKJR/0
qnPPI8KTWUZNIo5FFaalVqDC3xLyuUYIQY8imn2Wxf2GsyeXplCZJNobmeO4B7xy
34GPTKxu7fsJ9LN1m790A9CGuzvvwy6O1l9src9VQGoHtHk9Ch+36qF0wWfvabu4
V71kQg+X1x1FP/MW3Zx8O5UgUw+9eyDshuYKZsSj9VT1Q1r8F9jWJGpyN6aPrQzb
+HhbOqTtK3LuI2HMxs/zbd8afhBxriMgf1zQT3KnxNgIipbi02RLTExrh4+HNKsO
DRfEPiFxJpIXKB08vgNqeCD2KpAWRyH+GCZw2UpoK2XFyiVNVGstp7mx6BPQDg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:22:24 2025 by rpki-client