Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0Z8RFA2ils2DGvvMslHey5mhHlI.roa
File: 0Z8RFA2ils2DGvvMslHey5mhHlI.roa (raw, json)
Hash identifier: EEAeDzTP97B+piMi4E7qGLUDzCp+kI0EJJWXu/HwGKs=
Subject key identifier: D1:9F:11:14:0D:A2:96:CD:83:1A:FB:CC:B2:51:DE:CB:99:A1:1E:52
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911C34BFF57CB241A648AF11F5243AAA05
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0Z8RFA2ils2DGvvMslHey5mhHlI.roa
Signing time: Sun 04 Aug 2024 07:05:04 +0000
ROA not before: Sun 04 Aug 2024 07:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:1c34:7d7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1c:34:bf:f5:7c:b2:41:a6:48:af:11:f5:24:3a:aa:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 4 07:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d19f11140da296cd831afbccb251decb99a11e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:1a:39:ac:c2:7f:51:ed:63:6f:b4:35:7f:46:
f2:9a:d7:99:f6:4d:61:db:81:b8:d2:31:97:30:09:
4e:c5:7b:f7:43:46:31:54:d1:28:4b:cd:ff:ed:10:
e9:24:dd:b3:1a:53:ca:35:11:74:e1:76:c1:c4:0c:
b3:16:9b:7f:aa:af:0c:81:64:bf:9b:a5:94:03:6f:
fb:66:25:9a:11:51:f3:f4:92:0d:14:9f:ec:9f:1f:
37:b3:35:1a:d7:4e:b6:ff:04:e8:1b:de:30:55:c8:
7f:4f:a8:9f:f6:4d:b6:0c:0f:8c:d2:bd:87:c1:12:
b6:74:18:9c:35:59:49:6e:e8:24:33:b2:03:8d:58:
a2:59:e2:0a:d2:c3:59:0e:47:37:2c:a7:15:62:ad:
9d:dc:cc:72:cd:da:04:11:26:28:1b:cc:af:ef:b9:
3b:b7:fa:a5:a4:ab:e0:86:92:ad:4d:11:a3:6b:cb:
6f:bb:74:a8:75:df:5e:0e:e0:01:ec:39:eb:f0:a1:
fe:84:c8:7e:6e:56:58:2f:00:20:89:d4:7b:9e:4e:
90:b3:13:57:90:f2:c3:ac:80:d4:ee:1b:d6:e5:06:
8e:29:99:3f:fe:5b:22:19:2b:06:e8:74:c9:14:2a:
a8:86:ff:7a:b0:2d:ac:6c:f5:8d:71:6b:4b:1c:4f:
63:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9F:11:14:0D:A2:96:CD:83:1A:FB:CC:B2:51:DE:CB:99:A1:1E:52
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0Z8RFA2ils2DGvvMslHey5mhHlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:1c34:7d7d/128
Signature Algorithm: sha256WithRSAEncryption
42:08:7c:6b:24:d8:6a:a1:db:2d:24:7d:ff:bb:4c:5d:cc:ca:
d0:19:86:66:61:77:69:71:38:e7:2f:88:1b:58:3d:77:0b:43:
2f:ef:4b:70:d3:e7:dc:1a:c5:d9:c6:6f:8e:b1:4f:5f:a0:f2:
3b:b3:2e:94:7b:01:d6:41:1e:94:2d:ce:51:5f:1e:f6:a3:9e:
6b:6c:91:d7:da:14:9e:71:f1:50:92:eb:2d:b0:7c:c1:ec:73:
a2:b5:2b:9a:ef:88:fe:c8:85:18:3f:18:05:fe:e3:07:a2:c8:
6b:50:90:53:c6:82:b5:a6:c6:f9:5a:61:ec:83:ac:2c:e3:80:
b9:47:cc:88:f2:03:f3:47:98:0f:e1:25:f1:a7:57:37:64:17:
60:a2:b1:5c:a3:ff:49:e4:1c:5a:33:c3:90:b1:98:6b:73:65:
69:42:d8:e8:71:63:5c:95:7a:2f:33:30:ba:60:de:a4:72:64:
0e:91:d2:3b:7a:4a:7f:a2:60:cc:4c:63:16:19:f7:88:94:ba:
93:16:42:fd:85:e8:84:2d:1d:60:3b:d5:9d:82:d1:2f:f2:d7:
aa:26:ca:92:c9:be:d4:9c:1a:58:3d:f1:bd:74:10:cb:2a:b0:
1c:ac:b4:94:2f:74:24:c8:d1:81:45:c1:4b:9a:74:48:cb:6e:
e9:13:b9:f0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZEcNL/1fLJBpkivEfUkOqoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA0MDcwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTlmMTExNDBkYTI5NmNkODMxYWZiY2NiMjUxZGVjYjk5YTExZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8xo5rMJ/Ue1jb7Q1f0bymteZ9k1h
24G40jGXMAlOxXv3Q0YxVNEoS83/7RDpJN2zGlPKNRF04XbBxAyzFpt/qq8MgWS/
m6WUA2/7ZiWaEVHz9JINFJ/snx83szUa1062/wToG94wVch/T6if9k22DA+M0r2H
wRK2dBicNVlJbugkM7IDjViiWeIK0sNZDkc3LKcVYq2d3MxyzdoEESYoG8yv77k7
t/qlpKvghpKtTRGja8tvu3Sodd9eDuAB7Dnr8KH+hMh+blZYLwAgidR7nk6QsxNX
kPLDrIDU7hvW5QaOKZk//lsiGSsG6HTJFCqohv96sC2sbPWNcWtLHE9jEQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNGfERQNopbNgxr7zLJR3suZoR5SMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMFo4UkZBMmlsczJER3Z2TXNsSGV5NW1oSGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkRw0fX0wDQYJKoZIhvcNAQELBQADggEB
AEIIfGsk2Gqh2y0kff+7TF3MytAZhmZhd2lxOOcviBtYPXcLQy/vS3DT59waxdnG
b46xT1+g8juzLpR7AdZBHpQtzlFfHvajnmtskdfaFJ5x8VCS6y2wfMHsc6K1K5rv
iP7IhRg/GAX+4weiyGtQkFPGgrWmxvlaYeyDrCzjgLlHzIjyA/NHmA/hJfGnVzdk
F2CisVyj/0nkHFozw5CxmGtzZWlC2OhxY1yVei8zMLpg3qRyZA6R0jt6Sn+iYMxM
YxYZ94iUupMWQv2F6IQtHWA71Z2C0S/y16omypLJvtScGlg98b10EMsqsBystJQv
dCTI0YFFwUuadEjLbukTufA=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:15:29 2025 by rpki-client