Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5R02nFvLXy4BJLZbQUoiDYmqJTQ.roa
File: 5R02nFvLXy4BJLZbQUoiDYmqJTQ.roa (raw, json)
Hash identifier: SasfZfFliUkhUAKqzX5Pj3BT0YIa9gSAGbU6ISOLGU8=
Subject key identifier: E5:1D:36:9C:5B:CB:5F:2E:01:24:B6:5B:41:4A:22:0D:89:AA:25:34
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191370DEC2D0F55B7CC826CF67CDA83E8D7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5R02nFvLXy4BJLZbQUoiDYmqJTQ.roa
Signing time: Fri 09 Aug 2024 12:12:24 +0000
ROA not before: Fri 09 Aug 2024 12:12:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:0d:ec:2d:0f:55:b7:cc:82:6c:f6:7c:da:83:e8:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 9 12:12:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e51d369c5bcb5f2e0124b65b414a220d89aa2534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:09:3c:4b:0f:32:ce:51:fb:98:b0:4e:f0:be:
8c:5e:08:19:6d:51:c2:fd:c0:6d:a1:0a:3f:37:2a:
c6:78:15:c9:20:6a:f1:b0:18:ed:93:0c:39:e6:a8:
66:7b:6c:99:95:ee:39:0e:4e:77:fe:fb:99:9e:c5:
f5:2a:de:d8:3c:3e:a5:c7:34:1b:6b:d7:46:9c:61:
17:20:32:86:4c:0c:eb:7b:ba:28:2d:33:4d:54:25:
21:73:b2:89:87:51:50:75:00:bf:de:aa:1b:b4:31:
1f:e2:c0:d2:a6:99:3c:a7:84:57:6c:ff:ee:78:4e:
c6:ef:89:08:71:b1:0e:ff:c7:db:10:7a:b6:cf:a5:
27:fa:5b:76:53:d9:6f:fa:8d:bb:cb:bb:ea:9c:68:
16:7b:72:62:de:48:cc:12:63:c5:f7:1c:f7:40:06:
65:04:60:d9:1f:24:4c:bd:85:19:d6:3d:46:03:01:
82:e7:da:64:08:e1:23:ae:b9:bf:0f:15:23:04:a2:
1a:7e:7a:d0:0a:91:8b:7b:70:a6:fa:27:b0:0d:ab:
b5:0e:82:64:d0:04:0b:cc:fc:56:ea:91:04:87:fa:
74:69:80:17:88:4c:27:c5:61:07:b4:64:78:c3:f7:
0c:ff:e0:80:2a:24:6d:e5:b2:57:56:48:38:d1:f7:
12:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1D:36:9C:5B:CB:5F:2E:01:24:B6:5B:41:4A:22:0D:89:AA:25:34
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5R02nFvLXy4BJLZbQUoiDYmqJTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
61:b2:21:b8:31:e7:96:cc:2a:c6:9e:ef:0f:c4:da:76:57:fa:
5c:7d:92:d5:b0:81:57:ca:a5:a3:ea:13:47:bc:ab:40:51:1d:
59:d1:68:c9:a1:da:12:1a:c9:57:65:bf:cd:a4:fb:36:9c:0a:
c5:e1:2f:fa:65:bf:e3:41:c1:27:bb:c5:c3:ad:b6:37:c7:d0:
52:5c:5b:0a:29:c1:49:34:fb:ee:38:5c:1e:9f:41:50:14:b6:
2f:3d:58:75:fb:d8:38:96:5e:2e:27:d5:64:9f:d8:c1:fc:07:
88:40:5c:84:42:32:e2:10:0f:dd:79:bc:1e:c5:2b:72:d7:eb:
af:9b:e2:d2:94:74:e6:b9:0b:e9:d0:8b:fb:12:73:32:72:05:
01:9a:9a:e2:74:90:58:8f:57:5b:b0:ba:df:91:df:66:c7:4f:
ff:77:d4:28:fe:38:ce:47:e2:42:21:31:cf:47:32:f6:f9:25:
26:d5:13:24:18:e4:d0:15:c6:c8:af:d0:58:ea:87:ad:45:f0:
55:c1:0b:3b:fb:01:4a:1f:79:a0:3d:e6:46:56:6c:a0:71:2a:
12:2c:2d:41:e1:18:1d:d9:5b:e8:5d:b3:26:b6:c7:c6:89:18:
d7:29:d9:cc:da:92:ad:78:6b:14:94:8f:73:d1:98:d1:1f:ac:
4d:2d:3c:f8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE3DewtD1W3zIJs9nzag+jXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA5MTIxMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTFkMzY5YzViY2I1ZjJlMDEyNGI2NWI0MTRhMjIwZDg5YWEyNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8wk8Sw8yzlH7mLBO8L6MXggZbVHC
/cBtoQo/NyrGeBXJIGrxsBjtkww55qhme2yZle45Dk53/vuZnsX1Kt7YPD6lxzQb
a9dGnGEXIDKGTAzre7ooLTNNVCUhc7KJh1FQdQC/3qobtDEf4sDSppk8p4RXbP/u
eE7G74kIcbEO/8fbEHq2z6Un+lt2U9lv+o27y7vqnGgWe3Ji3kjMEmPF9xz3QAZl
BGDZHyRMvYUZ1j1GAwGC59pkCOEjrrm/DxUjBKIafnrQCpGLe3Cm+iewDau1DoJk
0AQLzPxW6pEEh/p0aYAXiEwnxWEHtGR4w/cM/+CAKiRt5bJXVkg40fcS3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOUdNpxby18uASS2W0FKIg2JqiU0MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNVIwMm5GdkxYeTRCSkxaYlFVb2lEWW1xSlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAYbIhuDHnlswqxp7vD8Tadlf6
XH2S1bCBV8qlo+oTR7yrQFEdWdFoyaHaEhrJV2W/zaT7NpwKxeEv+mW/40HBJ7vF
w622N8fQUlxbCinBSTT77jhcHp9BUBS2Lz1YdfvYOJZeLifVZJ/YwfwHiEBchEIy
4hAP3Xm8HsUrctfrr5vi0pR05rkL6dCL+xJzMnIFAZqa4nSQWI9XW7C635HfZsdP
/3fUKP44zkfiQiExz0cy9vklJtUTJBjk0BXGyK/QWOqHrUXwVcELO/sBSh95oD3m
RlZsoHEqEiwtQeEYHdlb6F2zJrbHxokY1ynZzNqSrXhrFJSPc9GY0R+sTS08+A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:34:47 2025 by rpki-client