Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3kijSf3ibiTQr5nf8DkUCI3RyfE.roa
File: 3kijSf3ibiTQr5nf8DkUCI3RyfE.roa (raw, json)
Hash identifier: 52qDjrKCMBqeJA2EMmbSqqAmQrXKZznRnSIVtyKuIyc=
Subject key identifier: DE:48:A3:49:FD:E2:6E:24:D0:AF:99:DF:F0:39:14:08:8D:D1:C9:F1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192EC55D6CF82524EBBAE8901E9F754D03E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3kijSf3ibiTQr5nf8DkUCI3RyfE.roa
Signing time: Sat 02 Nov 2024 10:05:01 +0000
ROA not before: Sat 02 Nov 2024 10:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:ec55:542f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ec:55:d6:cf:82:52:4e:bb:ae:89:01:e9:f7:54:d0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 2 10:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de48a349fde26e24d0af99dff03914088dd1c9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:44:2b:3d:4c:0a:8e:38:ec:aa:64:00:fb:
49:7d:2c:7d:26:66:dc:57:7c:01:cf:fc:32:42:48:
c7:66:f9:2c:85:5e:11:ed:24:56:e5:49:be:96:f5:
dc:c7:53:5d:7f:d2:4c:49:15:2b:ca:24:ce:5c:4f:
e6:28:34:5d:fc:a3:b9:61:cb:ce:59:01:d9:cd:7b:
70:b0:f4:69:96:67:8f:1a:d0:92:d0:5f:19:8c:27:
6b:4f:4c:6b:42:8f:42:10:55:23:9d:58:48:6d:7c:
59:bb:8e:41:39:3d:67:30:b7:3f:b6:dc:e7:a8:94:
bc:e2:f0:d1:21:73:d7:f8:e4:59:91:22:42:75:6d:
74:1a:b6:37:ca:dc:5b:49:af:29:3f:c8:59:e4:0e:
ef:04:13:1d:8b:2c:f8:52:de:70:68:df:e5:8d:2d:
3c:fc:48:4c:93:e3:48:e8:63:a6:47:c9:de:ed:aa:
9f:ac:84:a9:9d:60:3c:c0:69:a3:34:11:44:13:3d:
64:ac:34:be:91:34:a8:78:9e:be:8f:58:5a:8c:89:
fc:99:9d:a7:6d:6b:3c:e1:7c:13:bd:7c:15:70:99:
4f:93:4d:d2:60:57:fe:16:2c:c1:8d:a9:4e:c3:4b:
0f:92:8b:be:38:2f:1b:44:89:c5:ed:b2:d1:46:6b:
c2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:48:A3:49:FD:E2:6E:24:D0:AF:99:DF:F0:39:14:08:8D:D1:C9:F1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3kijSf3ibiTQr5nf8DkUCI3RyfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:ec55:542f/128
Signature Algorithm: sha256WithRSAEncryption
32:ab:2b:0b:5b:14:0a:2a:17:60:dc:f8:57:10:85:fb:c3:26:
91:33:ff:23:03:2c:47:83:b8:0a:4f:34:85:7b:d0:46:db:7a:
18:9c:4d:17:b9:1f:c5:09:02:4c:c9:b5:81:5a:3c:ef:72:ee:
1c:93:c4:50:94:e1:80:84:c5:7e:4e:57:d3:4d:1b:a5:85:19:
68:36:8d:99:4f:0c:92:fc:fd:c3:e5:f3:7c:a0:1d:9e:07:2c:
79:d3:13:f3:ac:87:c6:96:76:44:31:ee:43:df:33:47:89:c9:
b6:94:dd:62:56:cb:51:79:c9:3d:34:79:f1:53:70:f6:d3:38:
5a:92:dd:e9:9d:4b:ff:58:16:6e:77:f9:07:57:ee:67:0f:92:
c5:d0:db:86:95:95:ad:72:c8:f9:1d:d3:c9:c9:70:b9:c0:4d:
26:04:65:eb:ac:f5:58:73:dd:ee:3a:41:2f:bf:7a:ca:e9:09:
96:88:f9:70:db:fe:ca:8c:ab:b5:cc:d0:c3:f9:69:cb:4f:cd:
da:6a:92:2d:30:9d:0f:fa:eb:8d:49:e1:a8:ae:13:b7:63:ee:
87:58:65:06:f8:43:db:3e:d9:c9:bf:c4:94:a8:f3:3f:f6:d8:
ab:51:dc:96:be:71:57:b3:4f:20:6b:72:ee:38:e7:6b:f2:50:
1d:da:ac:89
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZLsVdbPglJOu66JAen3VNA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTAyMTAwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ4YTM0OWZkZTI2ZTI0ZDBhZjk5ZGZmMDM5MTQwODhkZDFjOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttREKz1MCo447KpkAPtJfSx9Jmbc
V3wBz/wyQkjHZvkshV4R7SRW5Um+lvXcx1Ndf9JMSRUryiTOXE/mKDRd/KO5YcvO
WQHZzXtwsPRplmePGtCS0F8ZjCdrT0xrQo9CEFUjnVhIbXxZu45BOT1nMLc/ttzn
qJS84vDRIXPX+ORZkSJCdW10GrY3ytxbSa8pP8hZ5A7vBBMdiyz4Ut5waN/ljS08
/EhMk+NI6GOmR8ne7aqfrISpnWA8wGmjNBFEEz1krDS+kTSoeJ6+j1hajIn8mZ2n
bWs84XwTvXwVcJlPk03SYFf+FizBjalOw0sPkou+OC8bRInF7bLRRmvCywIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFN5Io0n94m4k0K+Z3/A5FAiN0cnxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM2tpalNmM2liaVRRcjVuZjhEa1VDSTNSeWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGS7FVULzANBgkqhkiG9w0BAQsFAAOCAQEAMqsrC1sUCioXYNz4VxCF+8Mm
kTP/IwMsR4O4Ck80hXvQRtt6GJxNF7kfxQkCTMm1gVo873LuHJPEUJThgITFfk5X
000bpYUZaDaNmU8Mkvz9w+XzfKAdngcsedMT86yHxpZ2RDHuQ98zR4nJtpTdYlbL
UXnJPTR58VNw9tM4WpLd6Z1L/1gWbnf5B1fuZw+SxdDbhpWVrXLI+R3TyclwucBN
JgRl66z1WHPd7jpBL796yukJloj5cNv+yoyrtczQw/lpy0/N2mqSLTCdD/rrjUnh
qK4Tt2Puh1hlBvhD2z7Zyb/ElKjzP/bYq1Hclr5xV7NPIGty7jjna/JQHdqsiQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:47:29 2025 by rpki-client