Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4Ja8Y_hz-XjDSjVZ3-C5cP0VzTg.roa
File: 4Ja8Y_hz-XjDSjVZ3-C5cP0VzTg.roa (raw, json)
Hash identifier: U4tZFWjqthdxdnNy3n1Pa7a1qPoxSgJ9zyqMB/cEslw=
Subject key identifier: E0:96:BC:63:F8:73:F9:78:C3:4A:35:59:DF:E0:B9:70:FD:15:CD:38
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BBE0AFB94651E54BDCC9CC708B35CD50
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4Ja8Y_hz-XjDSjVZ3-C5cP0VzTg.roa
Signing time: Wed 04 Sep 2024 07:12:30 +0000
ROA not before: Wed 04 Sep 2024 07:12:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:e0:af:b9:46:51:e5:4b:dc:c9:cc:70:8b:35:cd:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 4 07:12:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e096bc63f873f978c34a3559dfe0b970fd15cd38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:11:9f:36:18:0c:a9:ca:2f:8e:3a:53:30:30:
21:f3:25:df:5b:f7:e0:ae:57:6e:47:84:4c:ec:35:
8e:18:c4:9f:26:e0:64:cc:dc:04:b1:cb:87:ad:73:
e6:db:7b:ec:20:92:f3:ad:ee:09:63:f2:ac:7b:23:
01:9e:80:ba:d3:a9:09:64:85:07:64:d7:19:7d:48:
d7:d8:38:1c:ae:01:ee:55:ff:af:95:bb:89:bf:39:
39:f6:fd:fa:d1:ee:27:f8:c5:bc:b5:07:6f:05:33:
d0:7d:64:45:ca:f1:4a:07:8c:6f:1a:a9:99:1a:b2:
29:9d:78:2d:c2:ea:e0:63:8e:27:43:4f:3c:a0:cd:
70:0f:18:a2:26:75:18:4f:cd:85:68:d3:02:de:c8:
8c:c4:bf:39:8a:4c:be:9f:72:61:a5:5c:d6:fc:ed:
a3:90:12:52:c2:c5:0e:1f:87:14:4f:91:a6:e0:6d:
ff:41:72:25:ec:2f:d5:4f:74:5b:09:aa:0a:3a:00:
9b:ec:41:72:ae:09:a5:5c:1e:8f:bb:09:8c:7a:25:
d7:73:62:28:b9:7e:d5:5e:82:4a:68:e1:84:a0:bf:
84:36:a7:a3:41:00:1c:d8:37:a2:50:5a:3a:d4:40:
65:22:ae:5a:ec:ce:37:34:58:9b:7b:22:58:fc:83:
80:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:96:BC:63:F8:73:F9:78:C3:4A:35:59:DF:E0:B9:70:FD:15:CD:38
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4Ja8Y_hz-XjDSjVZ3-C5cP0VzTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
52:3e:7c:bc:52:2a:fa:10:86:2e:fa:58:50:cf:c3:a5:24:78:
42:bd:4f:f7:86:b3:7c:de:b9:21:d2:17:6a:5e:b2:56:ba:b8:
59:c9:ca:8a:84:8f:71:69:c7:69:56:78:fc:3e:75:c7:fc:fc:
6c:94:3a:f0:36:26:bb:ce:ae:f2:7d:19:ad:62:61:ab:94:89:
1a:f2:c7:d2:1c:b0:76:d4:bd:bc:65:08:8e:59:51:81:c8:42:
d7:5f:65:6e:b2:65:c7:d6:c3:1a:6a:e9:5c:41:43:8e:cc:c6:
84:01:0b:40:70:08:34:44:cc:79:65:cb:7b:d2:37:d3:b6:d6:
8c:39:99:48:3f:3b:c7:be:e8:5c:01:a2:94:cf:82:7b:1c:e8:
86:f2:5b:27:42:03:6b:14:c4:98:1f:1a:9c:2a:c8:9c:3d:16:
b5:ae:67:c1:28:b5:42:79:35:0b:02:cd:b3:18:0c:86:0c:e2:
2a:44:3f:9c:e0:fb:54:a1:c4:30:29:5c:a5:0b:59:84:9e:9b:
ca:ad:a5:c8:7d:12:fe:00:7f:e3:17:8c:6c:59:44:3f:39:93:
db:7b:15:ee:3b:a8:a0:cd:0e:3d:2a:f1:d8:87:b1:f7:55:ad:
51:21:b2:6f:05:83:9e:b8:ed:28:27:db:28:48:8b:c4:85:cb:
04:45:ea:92
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG74K+5RlHlS9zJzHCLNc1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA0MDcxMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDk2YmM2M2Y4NzNmOTc4YzM0YTM1NTlkZmUwYjk3MGZkMTVjZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxGfNhgMqcovjjpTMDAh8yXfW/fg
rlduR4RM7DWOGMSfJuBkzNwEscuHrXPm23vsIJLzre4JY/KseyMBnoC606kJZIUH
ZNcZfUjX2DgcrgHuVf+vlbuJvzk59v360e4n+MW8tQdvBTPQfWRFyvFKB4xvGqmZ
GrIpnXgtwurgY44nQ088oM1wDxiiJnUYT82FaNMC3siMxL85iky+n3JhpVzW/O2j
kBJSwsUOH4cUT5Gm4G3/QXIl7C/VT3RbCaoKOgCb7EFyrgmlXB6PuwmMeiXXc2Io
uX7VXoJKaOGEoL+ENqejQQAc2DeiUFo61EBlIq5a7M43NFibeyJY/IOAbwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOCWvGP4c/l4w0o1Wd/guXD9Fc04MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNEphOFlfaHotWGpEU2pWWjMtQzVjUDBWelRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAUj58vFIq+hCGLvpYUM/DpSR4
Qr1P94azfN65IdIXal6yVrq4WcnKioSPcWnHaVZ4/D51x/z8bJQ68DYmu86u8n0Z
rWJhq5SJGvLH0hywdtS9vGUIjllRgchC119lbrJlx9bDGmrpXEFDjszGhAELQHAI
NETMeWXLe9I307bWjDmZSD87x77oXAGilM+CexzohvJbJ0IDaxTEmB8anCrInD0W
ta5nwSi1Qnk1CwLNsxgMhgziKkQ/nOD7VKHEMClcpQtZhJ6byq2lyH0S/gB/4xeM
bFlEPzmT23sV7juooM0OPSrx2Iex91WtUSGybwWDnrjtKCfbKEiLxIXLBEXqkg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:42 2025 by rpki-client