Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1MH4XC6xo4G38pDytuBcNtGMRGo.roa
File: 1MH4XC6xo4G38pDytuBcNtGMRGo.roa (raw, json)
Hash identifier: OPCuwSEIwQWXE7uTXowbaVaBw03dFga6EgvwihiFSSY=
Subject key identifier: D4:C1:F8:5C:2E:B1:A3:81:B7:F2:90:F2:B6:E0:5C:36:D1:8C:44:6A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01916CEA495285599063AEF61286EC92CEE1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1MH4XC6xo4G38pDytuBcNtGMRGo.roa
Signing time: Mon 19 Aug 2024 23:12:59 +0000
ROA not before: Mon 19 Aug 2024 23:12:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6c:ea:49:52:85:59:90:63:ae:f6:12:86:ec:92:ce:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 19 23:12:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4c1f85c2eb1a381b7f290f2b6e05c36d18c446a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ea:3f:47:44:76:7d:33:ca:24:4d:e1:c2:54:
69:98:38:10:32:e1:07:30:ef:25:c6:5a:09:51:96:
80:2c:d4:0e:f6:81:01:11:1b:ff:43:88:86:c8:b5:
23:90:12:1a:8b:bb:1a:3d:de:44:92:c8:ef:d1:01:
81:b5:2a:00:3d:e7:9e:fb:3f:ba:05:0a:b9:d8:82:
80:30:2a:a6:44:05:ce:02:27:7e:d9:6a:dd:46:80:
12:c4:ff:68:fa:58:06:b1:13:9a:11:aa:96:67:06:
5e:df:d4:08:1a:4f:e7:08:74:77:28:bc:dc:d8:38:
e5:c2:9f:33:95:61:2d:b3:ae:ee:a0:17:34:4f:f2:
28:fb:81:d2:66:31:9c:b4:d4:bb:71:4d:22:a5:5d:
87:ed:af:d5:24:59:22:29:70:30:14:29:da:f2:12:
40:fe:c1:f4:7a:5f:8a:78:f8:26:a2:5a:40:ca:bd:
39:c5:db:84:d1:31:de:84:79:0d:bf:3c:fa:be:2e:
39:d3:84:04:8e:a1:6f:e4:de:af:0a:c8:c5:54:c5:
36:fa:83:14:c5:b4:af:9b:6e:e1:d6:af:39:04:34:
ca:ca:e3:8f:de:aa:4e:c9:c3:39:df:31:bf:1a:f3:
b0:5d:03:a3:c1:05:91:b7:bc:43:71:ff:b8:b8:56:
8b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C1:F8:5C:2E:B1:A3:81:B7:F2:90:F2:B6:E0:5C:36:D1:8C:44:6A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1MH4XC6xo4G38pDytuBcNtGMRGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
92:bd:6f:37:44:03:6d:29:02:d7:6f:b2:7a:71:fd:02:99:0d:
fe:ae:fe:70:57:01:87:26:1c:cc:ad:48:46:0e:b0:f0:6c:84:
b5:61:55:2e:63:1a:ce:d2:2f:24:dc:cb:4e:fc:99:5b:59:a4:
3a:4e:2d:0b:af:b0:46:a6:f0:ff:48:c1:1a:5a:5d:ee:ba:0c:
ff:fa:84:4e:a6:11:63:19:72:e3:d0:55:55:ce:57:c3:34:7f:
0e:3f:50:80:ac:d8:f9:37:ae:4c:58:32:df:d9:99:eb:9d:f5:
08:b5:a6:bd:e5:52:d6:28:21:64:8d:fd:04:e5:1e:87:09:28:
b2:ae:13:b8:e8:79:e9:50:02:64:6f:94:6f:3f:c6:80:a8:64:
b7:ae:b5:52:5c:ce:10:a7:72:95:62:3c:13:ec:22:79:ee:7b:
a2:ef:86:17:42:d5:19:d8:03:ba:cc:fa:77:aa:81:7d:3a:d5:
92:92:91:2c:ef:e4:af:83:ac:5c:f7:a9:c6:83:14:7a:74:30:
76:10:0a:85:0c:27:94:14:7f:3b:a1:6a:15:55:61:c3:95:77:
6a:bb:05:5e:2e:45:5a:a8:3d:c9:82:97:99:7d:7f:c1:83:73:
78:c8:e8:bb:6b:e9:6b:96:31:d5:3a:d5:c5:0f:f5:a6:d8:99:
4d:9c:e7:e4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFs6klShVmQY672Eobsks7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE5MjMxMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGMxZjg1YzJlYjFhMzgxYjdmMjkwZjJiNmUwNWMzNmQxOGM0NDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+o/R0R2fTPKJE3hwlRpmDgQMuEH
MO8lxloJUZaALNQO9oEBERv/Q4iGyLUjkBIai7saPd5Eksjv0QGBtSoAPeee+z+6
BQq52IKAMCqmRAXOAid+2WrdRoASxP9o+lgGsROaEaqWZwZe39QIGk/nCHR3KLzc
2Djlwp8zlWEts67uoBc0T/Io+4HSZjGctNS7cU0ipV2H7a/VJFkiKXAwFCna8hJA
/sH0el+KePgmolpAyr05xduE0THehHkNvzz6vi4504QEjqFv5N6vCsjFVMU2+oMU
xbSvm27h1q85BDTKyuOP3qpOycM53zG/GvOwXQOjwQWRt7xDcf+4uFaLPwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNTB+FwusaOBt/KQ8rbgXDbRjERqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMU1INFhDNnhvNEczOHBEeXR1QmNOdEdNUkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAkr1vN0QDbSkC12+yenH9ApkN
/q7+cFcBhyYczK1IRg6w8GyEtWFVLmMaztIvJNzLTvyZW1mkOk4tC6+wRqbw/0jB
Glpd7roM//qETqYRYxly49BVVc5XwzR/Dj9QgKzY+TeuTFgy39mZ6531CLWmveVS
1ighZI39BOUehwkosq4TuOh56VACZG+Ubz/GgKhkt661UlzOEKdylWI8E+wiee57
ou+GF0LVGdgDusz6d6qBfTrVkpKRLO/kr4OsXPepxoMUenQwdhAKhQwnlBR/O6Fq
FVVhw5V3arsFXi5FWqg9yYKXmX1/wYNzeMjou2vpa5Yx1TrVxQ/1ptiZTZzn5A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:04:36 2025 by rpki-client