Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-9dWq-D1PL3fFnTCU5saWtpYibs.roa
File: 1-9dWq-D1PL3fFnTCU5saWtpYibs.roa (raw, json)
Hash identifier: 3u7Lb3wGPm5GA/DG2tQVEBUhYkZO1VN5Vxdm8GI7qMo=
Subject key identifier: FB:D7:56:AB:E0:F5:3C:BD:DF:16:74:C2:53:9B:1A:5A:DA:58:89:BB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191CFD362141B6D8F4E42E50A3708EE342B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-9dWq-D1PL3fFnTCU5saWtpYibs.roa
Signing time: Sun 08 Sep 2024 04:10:22 +0000
ROA not before: Sun 08 Sep 2024 04:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cf:d3:62:14:1b:6d:8f:4e:42:e5:0a:37:08:ee:34:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 8 04:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbd756abe0f53cbddf1674c2539b1a5ada5889bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:dd:73:9d:70:c1:75:ef:52:40:47:f3:c2:b1:
85:b4:e4:5f:50:6e:19:41:b3:20:ad:0f:d9:64:b2:
e0:d2:6e:29:4f:3c:de:9e:a5:5a:c4:a6:3b:68:2d:
9d:34:92:79:ef:d3:35:2d:c4:55:60:54:79:18:6a:
32:c3:a9:61:26:ea:e1:10:14:e8:0f:e6:e4:94:89:
54:12:ce:0d:b2:81:e7:9c:69:be:6d:bb:31:36:ab:
aa:2c:fe:ad:47:87:47:a1:66:df:b1:23:89:f9:7a:
ec:04:d9:28:73:b9:4a:be:0b:91:83:55:1d:d0:a6:
19:d7:7f:81:51:16:c6:e8:1f:96:f5:e8:fb:f4:8b:
4b:f3:b6:21:db:a1:18:84:bf:5c:c1:97:07:58:b2:
33:92:22:11:c4:67:85:b9:33:16:c3:8a:5d:34:40:
2f:7d:f6:de:3f:01:b8:3a:a4:44:fb:b0:33:f7:8f:
5f:57:6f:01:9d:53:30:7c:4f:91:41:7d:b9:7a:55:
52:cd:e9:ce:dc:cc:03:6e:aa:cc:75:28:77:2a:87:
5f:49:46:59:d5:b1:49:f4:04:f1:7a:3d:20:c0:f2:
d8:d7:ed:4b:d1:c8:00:1f:c9:f6:2c:4d:a1:96:50:
83:ee:92:c1:9e:be:89:6e:82:4d:0d:cc:c8:72:41:
f0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D7:56:AB:E0:F5:3C:BD:DF:16:74:C2:53:9B:1A:5A:DA:58:89:BB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-9dWq-D1PL3fFnTCU5saWtpYibs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2c:b0:49:ac:c6:64:af:5d:c6:22:25:31:23:f3:14:82:9c:cc:
f8:e3:e9:81:e3:d3:7a:ec:ac:a0:e8:f8:ee:09:62:9a:9f:31:
e0:db:80:92:e5:38:b6:df:0a:65:6b:b0:6b:a2:57:38:69:41:
03:b1:70:46:a2:80:b4:83:4f:00:9f:53:9d:f2:e6:a7:93:ca:
b2:b8:fb:05:e3:ac:df:8b:60:7a:19:54:b1:35:05:17:3a:3b:
94:2d:b0:12:46:ca:7c:07:de:d6:f8:bd:a3:bd:32:81:37:c0:
59:d9:cc:b3:79:fa:7c:74:38:ab:92:72:6c:c9:3a:08:46:0b:
d6:07:b7:0b:6d:12:ea:ff:6d:49:80:b6:51:50:a0:94:12:21:
40:67:0c:d5:70:c6:66:cf:2f:33:33:96:30:e1:1e:8b:ed:b0:
2a:09:ee:e0:e4:7f:32:e6:03:7d:cb:95:58:69:87:15:e5:1c:
a7:87:3e:94:9a:b9:c7:2a:c7:87:95:c7:c6:29:a5:91:87:98:
c6:5e:ae:25:2c:de:5f:0f:65:fc:c0:46:26:31:c8:44:08:cd:
57:f2:31:4f:02:d5:5b:4f:73:2d:1b:e5:95:2d:34:c5:7c:a9:
31:5a:f4:a5:33:61:2e:a6:04:3c:63:7e:25:8d:18:d2:53:72:
05:94:24:28
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZHP02IUG22PTkLlCjcI7jQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA4MDQxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQ3NTZhYmUwZjUzY2JkZGYxNjc0YzI1MzliMWE1YWRhNTg4OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t1znXDBde9SQEfzwrGFtORfUG4Z
QbMgrQ/ZZLLg0m4pTzzenqVaxKY7aC2dNJJ579M1LcRVYFR5GGoyw6lhJurhEBTo
D+bklIlUEs4NsoHnnGm+bbsxNquqLP6tR4dHoWbfsSOJ+XrsBNkoc7lKvguRg1Ud
0KYZ13+BURbG6B+W9ej79ItL87Yh26EYhL9cwZcHWLIzkiIRxGeFuTMWw4pdNEAv
ffbePwG4OqRE+7Az949fV28BnVMwfE+RQX25elVSzenO3MwDbqrMdSh3KodfSUZZ
1bFJ9ATxej0gwPLY1+1L0cgAH8n2LE2hllCD7pLBnr6JboJNDczIckHwJQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPvXVqvg9Ty93xZ0wlObGlraWIm7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS05ZFdxLUQxUEwzZkZuVENVNXNhV3RwWWlicy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABBnwA
ZP//AAABkP3y8wIwDQYJKoZIhvcNAQELBQADggEBACywSazGZK9dxiIlMSPzFIKc
zPjj6YHj03rsrKDo+O4JYpqfMeDbgJLlOLbfCmVrsGuiVzhpQQOxcEaigLSDTwCf
U53y5qeTyrK4+wXjrN+LYHoZVLE1BRc6O5QtsBJGynwH3tb4vaO9MoE3wFnZzLN5
+nx0OKuScmzJOghGC9YHtwttEur/bUmAtlFQoJQSIUBnDNVwxmbPLzMzljDhHovt
sCoJ7uDkfzLmA33LlVhphxXlHKeHPpSauccqx4eVx8YppZGHmMZeriUs3l8PZfzA
RiYxyEQIzVfyMU8C1VtPcy0b5ZUtNMV8qTFa9KUzYS6mBDxjfiWNGNJTcgWUJCg=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:04:12 2025 by rpki-client