Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4vuBuWF18oV1h3SawVngh0i3zhc.roa
File: 4vuBuWF18oV1h3SawVngh0i3zhc.roa (raw, json)
Hash identifier: N43AFE072LLqDKZxnW/IyozzAetnqIDvHrtG2AT2154=
Subject key identifier: E2:FB:81:B9:61:75:F2:85:75:87:74:9A:C1:59:E0:87:48:B7:CE:17
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01918CAC86A2019B48BBDBFAC5FF4577CFF4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4vuBuWF18oV1h3SawVngh0i3zhc.roa
Signing time: Mon 26 Aug 2024 03:13:22 +0000
ROA not before: Mon 26 Aug 2024 03:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8c:ac:86:a2:01:9b:48:bb:db:fa:c5:ff:45:77:cf:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 26 03:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2fb81b96175f2857587749ac159e08748b7ce17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5c:e0:45:0b:fb:25:d6:3c:2f:1b:4a:27:3e:
30:84:33:f4:28:d1:d3:48:d1:3c:6e:5f:c1:5b:5b:
a8:4e:15:32:c1:3d:83:42:c8:31:4a:04:1e:10:d2:
6a:2a:af:24:4e:36:2b:23:11:1c:b2:48:61:7c:ea:
93:d2:58:d9:94:c7:bb:9f:cb:37:8e:38:9e:14:94:
6a:60:25:5d:35:0e:cd:01:0d:fe:58:33:06:a0:37:
bd:1e:81:d3:b4:52:8a:58:24:eb:81:d0:dd:93:a6:
40:4f:65:4c:04:dd:c3:db:ef:13:5f:45:9e:57:6b:
1e:1c:38:a5:d9:2f:c7:49:79:f4:63:a2:6e:36:32:
34:88:82:10:77:48:e1:8d:a2:13:77:be:b5:2b:e3:
01:ff:80:9d:73:90:da:9a:35:f1:21:57:50:8d:5c:
51:87:9c:f9:2b:3d:a3:3f:2a:08:4b:db:95:41:50:
3b:93:7b:d9:2c:39:ab:48:2e:01:dc:86:31:14:ad:
eb:17:be:22:d0:83:b4:67:f2:81:f4:95:80:6d:0b:
98:e2:a3:53:ed:b6:33:53:cc:e0:9e:3a:28:0b:86:
20:bb:66:f0:e8:44:bd:b8:f9:8e:87:c2:d6:60:65:
1e:4a:14:eb:96:fc:2d:3a:f0:bb:27:5f:69:a2:43:
29:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FB:81:B9:61:75:F2:85:75:87:74:9A:C1:59:E0:87:48:B7:CE:17
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4vuBuWF18oV1h3SawVngh0i3zhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
49:81:a1:09:79:05:57:b4:d3:7b:92:bb:9d:00:31:0d:5a:39:
bb:60:27:a9:0c:ff:1a:55:72:dc:4b:05:6b:71:ce:21:95:35:
2d:73:15:a6:45:b3:a3:29:e8:19:bc:84:52:2e:d7:b0:1c:e3:
8d:6d:75:ea:82:0a:51:6a:65:8f:b5:e0:5d:f0:a0:5f:00:60:
a8:82:c8:b6:8a:ef:2a:c2:cf:f5:ff:0d:c0:ef:57:17:a6:fd:
6e:53:73:c2:80:3e:4e:8c:90:69:89:a2:f5:60:38:1a:0e:a6:
74:6e:c4:5f:bd:d6:ed:ee:c0:6e:38:2e:aa:8b:62:4a:42:3b:
c6:a3:2d:f0:13:c8:95:48:c3:fe:10:8b:92:35:25:fd:6b:2e:
23:ac:63:9b:ed:b3:5c:a4:2e:b4:d2:48:5c:f1:c9:f7:4f:91:
36:e1:7f:fe:2f:43:88:96:72:0b:8d:58:c3:98:75:fd:e8:69:
cd:f8:57:87:cb:78:23:18:99:f5:3f:fc:19:d6:19:c5:2e:63:
fb:f3:3c:e8:82:78:0e:7f:cb:d0:48:e5:c7:59:c6:bc:e8:d8:
1a:c3:a5:6d:7d:c7:0a:cc:c4:19:e0:88:1f:36:e6:af:e3:43:
16:1c:05:91:4f:e8:57:1d:af:bc:cd:4f:5b:03:8b:d9:23:ee:
3c:49:53:e8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGMrIaiAZtIu9v6xf9Fd8/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI2MDMxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmZiODFiOTYxNzVmMjg1NzU4Nzc0OWFjMTU5ZTA4NzQ4YjdjZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1zgRQv7JdY8LxtKJz4whDP0KNHT
SNE8bl/BW1uoThUywT2DQsgxSgQeENJqKq8kTjYrIxEcskhhfOqT0ljZlMe7n8s3
jjieFJRqYCVdNQ7NAQ3+WDMGoDe9HoHTtFKKWCTrgdDdk6ZAT2VMBN3D2+8TX0We
V2seHDil2S/HSXn0Y6JuNjI0iIIQd0jhjaITd761K+MB/4Cdc5DamjXxIVdQjVxR
h5z5Kz2jPyoIS9uVQVA7k3vZLDmrSC4B3IYxFK3rF74i0IO0Z/KB9JWAbQuY4qNT
7bYzU8zgnjooC4Ygu2bw6ES9uPmOh8LWYGUeShTrlvwtOvC7J19pokMpwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOL7gblhdfKFdYd0msFZ4IdIt84XMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNHZ1QnVXRjE4b1YxaDNTYXdWbmdoMGkzemhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEASYGhCXkFV7TTe5K7nQAxDVo5
u2AnqQz/GlVy3EsFa3HOIZU1LXMVpkWzoynoGbyEUi7XsBzjjW116oIKUWplj7Xg
XfCgXwBgqILItorvKsLP9f8NwO9XF6b9blNzwoA+ToyQaYmi9WA4Gg6mdG7EX73W
7e7AbjguqotiSkI7xqMt8BPIlUjD/hCLkjUl/WsuI6xjm+2zXKQutNJIXPHJ90+R
NuF//i9DiJZyC41Yw5h1/ehpzfhXh8t4IxiZ9T/8GdYZxS5j+/M86IJ4Dn/L0Ejl
x1nGvOjYGsOlbX3HCszEGeCIHzbmr+NDFhwFkU/oVx2vvM1PWwOL2SPuPElT6A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:52:14 2025 by rpki-client