Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3ci8bBoII4HpgVxflUNUl9H4kE4.roa
File: 3ci8bBoII4HpgVxflUNUl9H4kE4.roa (raw, json)
Hash identifier: 09hzXDsiwL+M9CsieTG8A6luc37NvabzqYrw3Phb7W8=
Subject key identifier: DD:C8:BC:6C:1A:08:23:81:E9:81:5C:5F:95:43:54:97:D1:F8:90:4E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191979B4BCA59D910A72460A82EF57B0EEF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3ci8bBoII4HpgVxflUNUl9H4kE4.roa
Signing time: Wed 28 Aug 2024 06:10:22 +0000
ROA not before: Wed 28 Aug 2024 06:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:97:9b:4b:ca:59:d9:10:a7:24:60:a8:2e:f5:7b:0e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 28 06:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddc8bc6c1a082381e9815c5f95435497d1f8904e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:14:f6:03:bc:ab:ce:9c:6e:58:e4:f0:57:4c:
e9:ca:b4:6e:03:e7:21:f2:7b:ef:b5:c3:1c:8e:42:
71:74:b0:aa:7f:04:6d:30:79:5b:7b:36:93:eb:54:
b3:21:c5:c3:d2:b4:76:e3:f8:e4:47:b4:5b:f3:a5:
c1:1e:b8:38:6c:46:05:47:0d:bf:84:3d:13:85:de:
6a:d7:d1:b4:a8:a9:55:19:62:5d:c3:c4:bd:e1:2c:
b4:39:29:a4:bc:d8:9f:26:7c:0b:f7:a6:77:6e:ad:
14:9f:2d:14:2b:a8:ba:86:b3:c2:2c:e9:83:b9:26:
4c:0e:53:3b:57:54:6a:f9:7f:bb:a2:e8:03:a6:36:
5f:5c:3e:9b:63:67:d8:05:3f:9d:18:cc:f1:0f:f3:
27:95:d3:2d:d9:71:f0:6d:be:24:90:23:d2:ec:45:
01:5e:97:06:05:60:b7:01:f2:e7:6c:ee:f3:fc:fd:
94:e7:1f:78:bf:7b:27:66:87:99:80:09:cc:ed:09:
01:56:bb:12:3b:05:e0:b6:97:08:e2:29:4d:ba:a1:
9f:aa:f6:10:bf:d4:b0:0c:09:56:e1:e9:c7:71:0a:
dc:f5:f7:1d:37:b4:40:b1:63:bb:03:3c:54:ab:7c:
50:b1:a4:9f:bc:bf:d9:01:55:09:45:ce:21:b0:dc:
45:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:BC:6C:1A:08:23:81:E9:81:5C:5F:95:43:54:97:D1:F8:90:4E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3ci8bBoII4HpgVxflUNUl9H4kE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
53:4b:c6:43:be:77:0a:a3:9b:f9:76:e0:b7:22:2f:d1:18:fa:
b4:c2:53:73:cf:55:5c:40:56:23:52:24:0c:bb:4b:52:d8:8e:
d5:3f:17:92:51:dc:d3:2f:0a:9b:ff:84:da:b0:69:45:40:01:
2b:a9:6f:1e:67:4b:ec:c1:50:47:6f:04:21:d0:a5:e3:a3:01:
61:f3:76:c1:41:20:f8:4d:62:80:ea:d9:8c:0f:b5:50:29:31:
51:2e:16:18:b9:59:e6:49:0b:57:06:85:fc:2e:af:15:c3:d7:
88:e6:11:54:20:6a:98:46:bf:84:17:db:5e:8a:b6:4c:69:25:
75:65:40:c9:88:60:e2:4d:5b:51:5f:21:1e:be:95:47:00:c9:
3e:fa:f2:51:ae:9e:95:4c:82:51:13:76:a2:34:e6:be:dc:d7:
81:b4:6d:2e:c0:16:77:84:95:0c:f8:f1:51:df:a6:6e:07:1d:
68:ed:da:4f:3c:20:f3:22:b2:fd:7a:ed:ea:61:cb:63:4e:e6:
df:ca:d9:b9:11:56:cb:7d:f9:fd:88:3a:12:c2:36:6b:07:40:
d1:f6:e6:67:57:93:4f:e3:11:d7:9f:98:c2:1a:45:30:bf:43:
b8:3f:e5:69:7d:8c:a1:e1:5b:bc:46:48:4c:f1:a1:a6:57:3d:
65:24:ed:20
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGXm0vKWdkQpyRgqC71ew7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI4MDYxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM4YmM2YzFhMDgyMzgxZTk4MTVjNWY5NTQzNTQ5N2QxZjg5MDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xT2A7yrzpxuWOTwV0zpyrRuA+ch
8nvvtcMcjkJxdLCqfwRtMHlbezaT61SzIcXD0rR24/jkR7Rb86XBHrg4bEYFRw2/
hD0Thd5q19G0qKlVGWJdw8S94Sy0OSmkvNifJnwL96Z3bq0Uny0UK6i6hrPCLOmD
uSZMDlM7V1Rq+X+7ougDpjZfXD6bY2fYBT+dGMzxD/MnldMt2XHwbb4kkCPS7EUB
XpcGBWC3AfLnbO7z/P2U5x94v3snZoeZgAnM7QkBVrsSOwXgtpcI4ilNuqGfqvYQ
v9SwDAlW4enHcQrc9fcdN7RAsWO7AzxUq3xQsaSfvL/ZAVUJRc4hsNxFzwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFN3IvGwaCCOB6YFcX5VDVJfR+JBOMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM2NpOGJCb0lJNEhwZ1Z4ZmxVTlVsOUg0a0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAU0vGQ753CqOb+XbgtyIv0Rj6
tMJTc89VXEBWI1IkDLtLUtiO1T8XklHc0y8Km/+E2rBpRUABK6lvHmdL7MFQR28E
IdCl46MBYfN2wUEg+E1igOrZjA+1UCkxUS4WGLlZ5kkLVwaF/C6vFcPXiOYRVCBq
mEa/hBfbXoq2TGkldWVAyYhg4k1bUV8hHr6VRwDJPvryUa6elUyCURN2ojTmvtzX
gbRtLsAWd4SVDPjxUd+mbgcdaO3aTzwg8yKy/Xrt6mHLY07m38rZuRFWy335/Yg6
EsI2awdA0fbmZ1eTT+MR15+YwhpFML9DuD/laX2MoeFbvEZITPGhplc9ZSTtIA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:13:04 2025 by rpki-client