Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-HiY5iZ-emzliNUDVCuo_4qdE8U.roa
File: 1-HiY5iZ-emzliNUDVCuo_4qdE8U.roa (raw, json)
Hash identifier: cuOmQcwvEnQ96CP+XbUJ3Bqn+ztacVjhTCBGLOTaWPI=
Subject key identifier: F8:78:98:E6:26:7E:7A:6C:E5:88:D5:03:54:2B:A8:FF:8A:9D:13:C5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019123180DDCD27699274C4091F744D5AADB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-HiY5iZ-emzliNUDVCuo_4qdE8U.roa
Signing time: Mon 05 Aug 2024 15:11:04 +0000
ROA not before: Mon 05 Aug 2024 15:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:18:0d:dc:d2:76:99:27:4c:40:91:f7:44:d5:aa:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 5 15:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f87898e6267e7a6ce588d503542ba8ff8a9d13c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ff:3d:8d:6a:a2:a7:ca:07:21:f9:63:17:c9:
64:d4:b9:d0:3e:dd:5d:c9:09:1d:08:4d:54:69:08:
ec:6f:4d:e1:c8:37:e4:90:93:c6:15:33:f4:40:95:
b3:f8:0c:97:f9:ab:f5:27:78:3c:42:c4:ec:65:e5:
ef:44:73:68:44:e7:9c:3d:70:6c:db:ed:63:bf:53:
45:4b:87:d5:91:73:61:27:5b:cf:a0:8c:51:67:73:
22:eb:9c:62:af:47:74:f9:bf:14:af:a6:19:80:9f:
47:22:c2:13:5a:bf:ee:c4:f0:a8:18:69:97:32:9c:
cd:91:48:86:00:53:61:88:a1:39:de:bd:35:d5:c4:
37:20:9e:f2:38:26:c9:a9:de:e4:f5:e1:69:51:3d:
ea:ad:e4:fb:29:c9:21:36:b1:48:ec:ec:10:88:13:
56:02:09:6b:a5:5d:e2:76:0c:cf:4c:44:ec:4b:a7:
cf:e3:bb:e8:29:ec:f5:69:77:77:79:96:b9:25:2e:
c9:98:42:06:eb:9b:d3:10:2d:11:49:c0:c8:6c:22:
5f:dd:25:5d:37:a5:18:eb:67:16:76:83:02:64:ee:
5e:e3:81:cb:59:00:67:50:fb:f8:c5:d1:6e:1f:a1:
be:af:b3:c3:ef:01:f8:b5:cd:74:e6:d1:02:03:54:
4a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:78:98:E6:26:7E:7A:6C:E5:88:D5:03:54:2B:A8:FF:8A:9D:13:C5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-HiY5iZ-emzliNUDVCuo_4qdE8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
33:3a:b5:7a:c7:fb:be:02:bc:ec:c0:35:06:1f:2e:70:34:e6:
d9:9e:ec:a1:33:41:8f:5b:d0:18:2b:7c:85:dd:ed:cf:9c:b6:
16:56:0d:e3:de:f4:87:84:34:6d:24:3a:99:03:bc:19:cb:45:
da:fb:c7:45:51:c5:09:6a:75:24:a4:2a:67:80:10:11:61:98:
c6:3a:0e:9c:f6:d8:20:b2:d3:5c:c9:a1:e9:0e:56:cb:a9:63:
85:65:28:81:b1:9f:e8:ea:4d:e3:eb:31:41:0a:2e:97:ce:ec:
71:37:cf:80:0f:ee:31:e6:ab:39:bb:df:7e:aa:54:17:93:70:
1d:3f:35:3f:57:c6:e8:ad:e2:0c:73:49:a6:c6:13:3c:23:c9:
89:bc:77:81:c3:ed:63:bf:d3:2e:00:87:bc:ca:d7:49:fe:a7:
c0:7e:01:58:15:dc:1b:fb:79:55:b3:05:ef:e1:d6:23:57:ea:
cd:9b:16:2a:9b:06:7f:1e:b1:a4:a8:ba:23:8b:54:84:d0:87:
cb:57:ac:95:16:b4:91:7b:cb:0a:16:08:69:94:b7:1a:b9:29:
e7:cb:5e:30:9e:40:80:7c:fd:ad:a6:37:24:59:ea:c0:17:b5:
ef:c2:df:67:e2:f0:a1:89:6c:08:9b:b9:4c:c5:d8:3f:c4:fe:
66:47:0a:53
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZEjGA3c0naZJ0xAkfdE1arbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA1MTUxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODc4OThlNjI2N2U3YTZjZTU4OGQ1MDM1NDJiYThmZjhhOWQxM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP89jWqip8oHIfljF8lk1LnQPt1d
yQkdCE1UaQjsb03hyDfkkJPGFTP0QJWz+AyX+av1J3g8QsTsZeXvRHNoROecPXBs
2+1jv1NFS4fVkXNhJ1vPoIxRZ3Mi65xir0d0+b8Ur6YZgJ9HIsITWr/uxPCoGGmX
MpzNkUiGAFNhiKE53r011cQ3IJ7yOCbJqd7k9eFpUT3qreT7KckhNrFI7OwQiBNW
AglrpV3idgzPTETsS6fP47voKez1aXd3eZa5JS7JmEIG65vTEC0RScDIbCJf3SVd
N6UY62cWdoMCZO5e44HLWQBnUPv4xdFuH6G+r7PD7wH4tc105tECA1RKbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPh4mOYmfnps5YjVA1QrqP+KnRPFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS1IaVk1aVotZW16bGlOVURWQ3VvXzRxZEU4VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABBnwA
ZP//AAABkP3y8wIwDQYJKoZIhvcNAQELBQADggEBADM6tXrH+74CvOzANQYfLnA0
5tme7KEzQY9b0BgrfIXd7c+cthZWDePe9IeENG0kOpkDvBnLRdr7x0VRxQlqdSSk
KmeAEBFhmMY6Dpz22CCy01zJoekOVsupY4VlKIGxn+jqTePrMUEKLpfO7HE3z4AP
7jHmqzm7336qVBeTcB0/NT9Xxuit4gxzSabGEzwjyYm8d4HD7WO/0y4Ah7zK10n+
p8B+AVgV3Bv7eVWzBe/h1iNX6s2bFiqbBn8esaSouiOLVITQh8tXrJUWtJF7ywoW
CGmUtxq5KefLXjCeQIB8/a2mNyRZ6sAXte/C32fi8KGJbAibuUzF2D/E/mZHClM=
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:30:59 2025 by rpki-client