Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0htA9TD68ARHmoTD0lKMjvGY95I.roa
File: 0htA9TD68ARHmoTD0lKMjvGY95I.roa (raw, json)
Hash identifier: Ok9tkQGAxCXF/Ib6QEIVHybMPgJSzAYh4d9LNioOW1Q=
Subject key identifier: D2:1B:40:F5:30:FA:F0:04:47:9A:84:C3:D2:52:8C:8E:F1:98:F7:92
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01915FD2E5DD1567B26E07E7A6F9142C5C9B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0htA9TD68ARHmoTD0lKMjvGY95I.roa
Signing time: Sat 17 Aug 2024 10:12:22 +0000
ROA not before: Sat 17 Aug 2024 10:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5f:d2:e5:dd:15:67:b2:6e:07:e7:a6:f9:14:2c:5c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 17 10:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d21b40f530faf004479a84c3d2528c8ef198f792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:dc:40:78:23:93:02:ac:ff:64:5b:ea:e9:4a:
d8:42:74:b1:97:e1:03:88:e6:04:4c:0a:84:91:aa:
fc:74:b0:a7:7e:83:b8:51:3b:dc:8c:b2:ad:97:c4:
de:56:84:a6:4e:58:f7:56:79:8b:c3:3c:da:21:6c:
39:f1:5a:98:45:0d:1f:35:34:95:97:4f:01:d4:3d:
29:2b:d2:b2:a9:5a:bd:ba:9d:f5:ae:c1:a2:e4:d1:
92:94:5a:69:ca:75:be:86:a3:cc:79:fd:b9:b7:56:
09:0f:23:dc:b0:55:c4:6e:43:62:26:43:23:05:86:
46:61:77:c5:0f:50:e8:d3:ce:0c:30:85:4a:a3:14:
ee:34:ea:59:33:81:09:50:7b:45:61:7d:5e:f8:07:
ef:e7:98:cd:57:94:f8:a1:e7:44:fc:ff:e1:4e:84:
cc:bd:2e:d8:1e:d7:b0:4c:19:a9:5e:62:9d:16:39:
dc:62:c4:0f:67:d6:a4:62:53:ab:04:e8:a1:46:58:
ec:ac:a1:73:65:51:7b:42:ec:2e:2a:d9:1a:95:28:
78:e7:7c:d5:e5:ea:90:96:93:4e:01:95:f4:b1:91:
90:26:a3:c9:f1:e0:c2:70:ec:3c:4b:4e:7d:2b:13:
b3:68:9f:10:c3:28:29:b1:76:9f:6b:0e:f5:ab:f5:
be:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1B:40:F5:30:FA:F0:04:47:9A:84:C3:D2:52:8C:8E:F1:98:F7:92
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0htA9TD68ARHmoTD0lKMjvGY95I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
48:97:43:98:bf:32:90:fe:a6:57:2c:c6:bf:a9:b2:e4:63:da:
8e:d9:96:e2:bb:2f:f6:66:91:48:b0:38:1d:55:3f:34:29:5e:
62:6a:de:c5:71:94:4d:43:a6:28:25:a8:d8:e2:68:01:68:26:
fd:08:43:8a:e4:46:7d:5f:8e:86:89:db:ee:a8:2f:8b:82:0c:
f0:6c:18:c7:a4:69:ab:a8:d8:50:a0:9d:4c:60:ff:91:97:55:
9f:57:04:2c:14:6a:51:0a:31:c5:15:bc:24:69:ea:c6:7e:1c:
6b:cd:a5:b2:a0:b4:18:0a:5e:aa:7a:e3:42:fd:b1:a2:e0:b1:
89:2e:a0:95:16:96:1a:82:39:42:35:99:d3:cf:a9:c6:04:56:
af:d4:a8:8c:9c:e1:41:aa:f3:a4:e8:24:e3:7a:52:27:c9:6d:
4f:fd:23:d4:e3:8d:fd:0d:4d:f7:63:73:a1:47:ed:e2:94:c0:
ce:52:28:f3:c5:12:51:01:35:da:62:e6:a6:fa:78:ab:d0:8d:
12:a5:7c:9a:29:59:ed:4a:b8:53:0f:f2:48:c8:f2:c9:19:fa:
29:32:96:20:2a:34:20:c3:a0:7b:e4:71:f9:8f:50:ce:98:10:
91:ec:e9:fb:8d:8b:53:70:85:c8:fe:a8:53:34:fb:5e:df:77:
aa:50:84:bb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFf0uXdFWeybgfnpvkULFybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE3MTAxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFiNDBmNTMwZmFmMDA0NDc5YTg0YzNkMjUyOGM4ZWYxOThmNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtxAeCOTAqz/ZFvq6UrYQnSxl+ED
iOYETAqEkar8dLCnfoO4UTvcjLKtl8TeVoSmTlj3VnmLwzzaIWw58VqYRQ0fNTSV
l08B1D0pK9KyqVq9up31rsGi5NGSlFppynW+hqPMef25t1YJDyPcsFXEbkNiJkMj
BYZGYXfFD1Do084MMIVKoxTuNOpZM4EJUHtFYX1e+Afv55jNV5T4oedE/P/hToTM
vS7YHtewTBmpXmKdFjncYsQPZ9akYlOrBOihRljsrKFzZVF7QuwuKtkalSh453zV
5eqQlpNOAZX0sZGQJqPJ8eDCcOw8S059KxOzaJ8QwygpsXafaw71q/W+tQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNIbQPUw+vAER5qEw9JSjI7xmPeSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMGh0QTlURDY4QVJIbW9URDBsS01qdkdZOTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEASJdDmL8ykP6mVyzGv6my5GPa
jtmW4rsv9maRSLA4HVU/NCleYmrexXGUTUOmKCWo2OJoAWgm/QhDiuRGfV+Ohonb
7qgvi4IM8GwYx6Rpq6jYUKCdTGD/kZdVn1cELBRqUQoxxRW8JGnqxn4ca82lsqC0
GApeqnrjQv2xouCxiS6glRaWGoI5QjWZ08+pxgRWr9SojJzhQarzpOgk43pSJ8lt
T/0j1OON/Q1N92NzoUft4pTAzlIo88USUQE12mLmpvp4q9CNEqV8milZ7Uq4Uw/y
SMjyyRn6KTKWICo0IMOge+Rx+Y9QzpgQkezp+42LU3CFyP6oUzT7Xt93qlCEuw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:18:17 2025 by rpki-client