Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5jP6XP1uagUoE06vOszho8hg0nM.roa
File: 5jP6XP1uagUoE06vOszho8hg0nM.roa (raw, json)
Hash identifier: e/QG+1OaLwJnTxIZM7LyXIwHkuU3QOP6CNsF7VQXf3s=
Subject key identifier: E6:33:FA:5C:FD:6E:6A:05:28:13:4E:AF:3A:CC:E1:A3:C8:60:D2:73
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DC47A63729FB4B5F87020340595A0D38
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5jP6XP1uagUoE06vOszho8hg0nM.roa
Signing time: Tue 10 Sep 2024 14:12:48 +0000
ROA not before: Tue 10 Sep 2024 14:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dc:47:a6:37:29:fb:4b:5f:87:02:03:40:59:5a:0d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 14:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e633fa5cfd6e6a0528134eaf3acce1a3c860d273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:43:4d:f8:4b:dc:ef:b7:92:2d:68:c8:39:fe:
7f:2d:7e:fa:e9:1a:58:88:e2:7c:91:3a:24:b2:83:
3e:f1:b7:7a:e2:33:81:53:87:85:5e:7f:6a:93:1b:
a8:f9:5b:7f:f9:f3:6c:e7:ae:15:ad:f8:d1:a7:34:
35:b1:91:d9:e2:4e:76:d1:26:65:17:3a:b0:97:a1:
43:3e:d3:2d:12:2b:93:ee:aa:ac:f4:c3:20:6e:90:
4a:1b:74:83:9f:38:57:b8:69:b7:37:4c:4e:0b:70:
8d:47:12:b3:90:9d:04:77:b0:54:a5:25:45:72:70:
d3:92:f6:a2:8b:bd:0d:6a:6b:ad:d5:3a:74:35:b7:
22:66:b9:89:a5:2e:96:2a:d5:10:91:bf:ad:43:be:
db:dd:b1:0f:f8:9d:dd:18:f0:0b:f3:f6:d2:e1:57:
65:c9:99:9f:d3:7d:35:e4:8e:7f:ba:74:88:31:4b:
f3:93:f1:30:db:c3:80:ed:5a:19:5d:cb:ba:69:91:
4c:c6:90:3c:59:6b:c3:09:19:ee:28:b7:3a:a7:70:
be:02:4c:f3:73:b6:db:b0:34:79:32:41:3b:a0:b9:
31:f1:12:9e:66:c8:74:8b:0f:0d:6e:19:75:97:b9:
99:5b:1e:68:02:bc:46:10:ca:a1:c3:2d:94:6c:50:
3e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:33:FA:5C:FD:6E:6A:05:28:13:4E:AF:3A:CC:E1:A3:C8:60:D2:73
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5jP6XP1uagUoE06vOszho8hg0nM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
1b:d2:c3:f3:84:64:de:3d:b5:e0:24:07:df:67:c7:15:29:b1:
ec:9b:99:53:03:fe:66:21:7e:86:57:02:b9:f2:78:a4:2e:f8:
f2:79:2c:ea:3d:18:7a:12:d7:cf:a7:38:97:bc:81:fd:2e:f9:
bd:37:d0:9c:8f:43:1d:f3:f9:89:5b:75:50:86:a4:21:db:e0:
f1:27:5b:17:de:cd:30:93:a8:51:6b:ce:a8:3c:9f:d0:cb:ce:
02:74:ba:49:ad:49:9c:0f:59:01:ee:ef:3e:94:dc:99:b5:6d:
7a:60:e1:a7:d4:ac:f8:ee:4e:e1:10:8d:43:21:40:0d:ad:62:
f7:51:1e:4f:1e:ab:4a:01:35:64:a5:6e:5a:5f:13:e5:ce:27:
b8:12:a7:76:6a:2c:52:9c:60:b5:9f:27:30:6b:7b:75:26:70:
a5:f9:40:48:4b:04:13:f0:9e:51:39:d4:84:c7:a5:83:ac:b8:
85:ce:54:e2:f0:10:1f:46:d3:34:d1:9c:cd:76:41:49:00:c8:
d5:be:52:28:a3:7a:94:76:07:26:cc:ea:78:8a:24:32:f8:a7:
51:8b:84:0e:8b:f8:0d:03:f6:b2:f5:eb:2e:43:6c:15:6a:7c:
00:53:6f:61:b2:11:f7:22:f7:a3:ad:76:4d:e5:6a:fe:3e:06:
5d:02:61:c8
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHcR6Y3KftLX4cCA0BZWg04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMTQxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjMzZmE1Y2ZkNmU2YTA1MjgxMzRlYWYzYWNjZTFhM2M4NjBkMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzENN+Evc77eSLWjIOf5/LX766RpY
iOJ8kToksoM+8bd64jOBU4eFXn9qkxuo+Vt/+fNs564VrfjRpzQ1sZHZ4k520SZl
Fzqwl6FDPtMtEiuT7qqs9MMgbpBKG3SDnzhXuGm3N0xOC3CNRxKzkJ0Ed7BUpSVF
cnDTkvaii70Namut1Tp0NbciZrmJpS6WKtUQkb+tQ77b3bEP+J3dGPAL8/bS4Vdl
yZmf03015I5/unSIMUvzk/Ew28OA7VoZXcu6aZFMxpA8WWvDCRnuKLc6p3C+Akzz
c7bbsDR5MkE7oLkx8RKeZsh0iw8Nbhl1l7mZWx5oArxGEMqhwy2UbFA+awIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOYz+lz9bmoFKBNOrzrM4aPIYNJzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNWpQNlhQMXVhZ1VvRTA2dk9zemhvOGhnMG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQAb0sPzhGTePbXgJAffZ8cVKbHsm5lTA/5mIX6G
VwK58nikLvjyeSzqPRh6EtfPpziXvIH9Lvm9N9Ccj0Md8/mJW3VQhqQh2+DxJ1sX
3s0wk6hRa86oPJ/Qy84CdLpJrUmcD1kB7u8+lNyZtW16YOGn1Kz47k7hEI1DIUAN
rWL3UR5PHqtKATVkpW5aXxPlzie4Eqd2aixSnGC1nycwa3t1JnCl+UBISwQT8J5R
OdSEx6WDrLiFzlTi8BAfRtM00ZzNdkFJAMjVvlIoo3qUdgcmzOp4iiQy+KdRi4QO
i/gNA/ay9esuQ2wVanwAU29hshH3IvejrXZN5Wr+PgZdAmHI
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:10:39 2025 by rpki-client