Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3R8xlrZjB1FfgfAKhHc3RhkgfdU.roa
File: 3R8xlrZjB1FfgfAKhHc3RhkgfdU.roa (raw, json)
Hash identifier: 4nmSW1UEfrIoeFMLXUvzpX4SgXGHpos/V3FVkvvLBMc=
Subject key identifier: DD:1F:31:96:B6:63:07:51:5F:81:F0:0A:84:77:37:46:19:20:7D:D5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019420E4E4B0AC16DF3F9509839DE3048B3E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3R8xlrZjB1FfgfAKhHc3RhkgfdU.roa
Signing time: Wed 01 Jan 2025 08:04:19 +0000
ROA not before: Wed 01 Jan 2025 08:04:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:20e4:c882/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:e4:e4:b0:ac:16:df:3f:95:09:83:9d:e3:04:8b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 1 08:04:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd1f3196b66307515f81f00a8477374619207dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6a:d4:0f:c9:56:60:1f:04:ae:bc:67:e7:00:
b5:20:98:ca:aa:fb:fb:52:2b:2b:3f:09:e9:51:cd:
48:66:7d:0e:69:13:c3:98:eb:34:53:1f:42:19:85:
55:0e:d6:1e:76:67:47:0d:d7:d2:33:d4:bf:35:17:
44:6e:2c:10:29:be:66:7b:4d:a3:a8:04:e7:09:48:
89:eb:31:1e:7d:77:7d:04:c7:02:13:63:d0:c3:36:
88:8c:d9:79:6a:ae:a5:a5:1e:03:d7:15:ed:00:c9:
75:17:d1:96:b8:39:b7:35:d4:f8:81:03:33:46:be:
24:ac:26:45:ce:23:9a:59:5c:c1:d3:70:64:c0:f9:
36:59:a7:ab:34:dd:d5:03:dd:e5:a4:0d:13:e6:5a:
39:e4:a5:72:ed:2c:0a:55:6d:a9:a6:68:3a:39:db:
46:7b:2b:c7:c8:7d:a0:b9:f3:a8:dc:3b:83:bf:9c:
f8:fc:21:4c:77:a2:17:dd:ae:ab:4e:ad:c5:08:94:
a1:04:b6:f3:ac:2d:7d:eb:1e:62:16:22:8d:62:ee:
15:af:9f:b4:ad:e2:18:6a:c2:ac:2a:05:a4:3e:08:
a4:63:1c:15:83:14:06:54:2c:08:12:f6:87:d4:cb:
12:ab:dc:f9:dd:91:3d:da:69:65:32:0b:0f:d0:84:
b8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1F:31:96:B6:63:07:51:5F:81:F0:0A:84:77:37:46:19:20:7D:D5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3R8xlrZjB1FfgfAKhHc3RhkgfdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:20e4:c882/128
Signature Algorithm: sha256WithRSAEncryption
6c:51:0b:5b:72:3a:52:1d:62:df:a0:78:43:1d:6c:29:17:45:
ec:3f:6b:26:aa:f4:01:34:0a:86:54:87:d4:6c:2b:73:86:10:
bd:f8:30:24:b5:11:e5:f3:d1:0f:5b:9c:d0:51:dc:5a:0a:20:
7d:d7:8f:f5:d0:4d:9b:1d:3a:04:39:7b:98:e5:7c:bb:2e:0c:
45:66:e6:7f:9c:46:23:9a:79:25:a2:bc:59:41:b9:63:98:e0:
be:aa:82:69:e8:a2:67:42:b8:de:0a:12:30:41:bb:c0:3c:ab:
30:e4:cb:ed:38:a6:f8:7f:fa:32:39:07:0c:0b:c7:f6:9e:07:
35:c1:68:f0:af:08:41:b6:93:32:05:09:bc:d6:1e:9d:80:2a:
f2:07:14:90:28:fc:14:ae:d9:e1:b6:a2:98:5b:be:47:0b:b7:
20:75:fc:7a:57:0c:51:29:ea:0d:0f:f3:09:cf:95:4d:f1:1c:
64:eb:38:14:5a:b4:1d:36:14:b6:a3:2a:e1:ba:d8:16:37:98:
74:fc:35:4e:3c:c5:6e:de:74:e7:88:ad:b8:bb:82:74:21:40:
84:b5:b9:3d:1b:c9:44:ae:08:2c:08:02:a6:af:1f:dc:c0:df:
78:62:ce:1f:92:68:5e:45:62:a3:25:86:4a:86:fb:3e:55:50:
fc:12:ab:44
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQg5OSwrBbfP5UJg53jBIs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTAxMDgwNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFmMzE5NmI2NjMwNzUxNWY4MWYwMGE4NDc3Mzc0NjE5MjA3ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGrUD8lWYB8Errxn5wC1IJjKqvv7
UisrPwnpUc1IZn0OaRPDmOs0Ux9CGYVVDtYedmdHDdfSM9S/NRdEbiwQKb5me02j
qATnCUiJ6zEefXd9BMcCE2PQwzaIjNl5aq6lpR4D1xXtAMl1F9GWuDm3NdT4gQMz
Rr4krCZFziOaWVzB03BkwPk2WaerNN3VA93lpA0T5lo55KVy7SwKVW2ppmg6OdtG
eyvHyH2gufOo3DuDv5z4/CFMd6IX3a6rTq3FCJShBLbzrC196x5iFiKNYu4Vr5+0
reIYasKsKgWkPgikYxwVgxQGVCwIEvaH1MsSq9z53ZE92mllMgsP0IS4qwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFN0fMZa2YwdRX4HwCoR3N0YZIH3VMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM1I4eGxyWmpCMUZmZ2ZBS2hIYzNSaGtnZmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGUIOTIgjANBgkqhkiG9w0BAQsFAAOCAQEAbFELW3I6Uh1i36B4Qx1sKRdF
7D9rJqr0ATQKhlSH1Gwrc4YQvfgwJLUR5fPRD1uc0FHcWgogfdeP9dBNmx06BDl7
mOV8uy4MRWbmf5xGI5p5JaK8WUG5Y5jgvqqCaeiiZ0K43goSMEG7wDyrMOTL7Tim
+H/6MjkHDAvH9p4HNcFo8K8IQbaTMgUJvNYenYAq8gcUkCj8FK7Z4baimFu+Rwu3
IHX8elcMUSnqDQ/zCc+VTfEcZOs4FFq0HTYUtqMq4brYFjeYdPw1TjzFbt5054it
uLuCdCFAhLW5PRvJRK4ILAgCpq8f3MDfeGLOH5JoXkVioyWGSob7PlVQ/BKrRA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:20:00 2025 by rpki-client