Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dnzNjJcaKNfRkGkjp-TFaRs01Q.roa
File: 8dnzNjJcaKNfRkGkjp-TFaRs01Q.roa (raw, json)
Hash identifier: xKbHizErKdF5dtL4jXp9Vcl/3f2n0vqfaxCiTIbV30M=
Subject key identifier: F1:D9:F3:36:32:5C:68:A3:5F:46:41:A4:8E:9F:93:15:A4:6C:D3:54
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019141FE83F913ADBA12688A037D3F0338E1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dnzNjJcaKNfRkGkjp-TFaRs01Q.roa
Signing time: Sun 11 Aug 2024 15:11:24 +0000
ROA not before: Sun 11 Aug 2024 15:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:fe:83:f9:13:ad:ba:12:68:8a:03:7d:3f:03:38:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 11 15:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1d9f336325c68a35f4641a48e9f9315a46cd354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7a:76:8a:03:2e:08:cc:f7:05:0e:73:47:9b:
bd:60:fc:a5:d6:fd:58:4e:82:cb:3a:48:11:79:1c:
19:22:ed:c3:81:80:ae:21:2d:51:f6:80:54:a4:35:
86:5a:23:35:e9:6e:5a:00:99:68:21:32:ad:e0:71:
5b:a7:22:ed:32:ea:aa:95:4a:47:9b:39:30:69:a1:
22:4e:25:07:d7:05:dd:31:6b:ad:61:a6:86:aa:77:
2e:47:93:6d:f8:8a:7e:ed:48:f5:18:6f:b1:b6:65:
9b:26:5d:97:d1:62:47:ff:1c:6a:e4:03:31:84:40:
a0:90:ab:a4:96:1d:b6:f1:3d:ff:9f:d8:43:f9:45:
2b:ac:07:fb:88:82:49:27:28:d2:21:b6:73:e9:e7:
0f:59:54:e0:24:69:cc:2e:d3:c8:ac:2c:92:75:10:
66:36:1b:c1:19:cc:02:94:63:70:37:31:c8:ea:72:
5d:d7:25:a3:e1:00:ce:0c:e1:ab:0b:f5:3e:40:47:
c0:64:fc:71:07:64:0a:0c:dd:db:93:db:ee:55:a8:
e7:fb:86:62:f8:11:6d:fc:c0:6c:79:8b:89:02:f5:
b1:66:a3:aa:bc:a9:c4:7d:57:fc:c7:ea:06:ad:4d:
6c:74:fd:32:43:d8:3c:e7:3a:32:0f:a7:53:12:da:
20:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D9:F3:36:32:5C:68:A3:5F:46:41:A4:8E:9F:93:15:A4:6C:D3:54
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dnzNjJcaKNfRkGkjp-TFaRs01Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5b:61:99:92:8b:2e:09:59:97:45:db:33:4e:2d:80:ea:05:2d:
71:99:38:e3:6a:7e:b4:41:06:9f:2b:ac:3f:bf:7d:82:d7:41:
b4:42:c8:1c:5d:cf:b0:a2:7b:da:25:24:be:d6:0d:ec:05:84:
ff:dd:b3:c8:43:28:ea:b3:8c:61:57:20:27:e6:06:57:87:ea:
91:60:a1:a1:24:ac:da:d4:a4:0d:b1:20:ae:82:85:b6:c2:ef:
28:25:bb:b8:d2:b3:45:cd:9c:61:3d:59:20:39:ae:d4:d6:cc:
57:f9:d5:fb:79:9e:48:20:bd:a3:0c:52:d6:1c:3e:02:f9:b9:
a1:f2:81:11:8f:1f:65:0e:80:ab:a3:14:c6:0c:99:8d:2d:e2:
61:56:37:8f:ae:0c:57:2e:ec:88:85:d1:2e:f4:61:88:00:ec:
8c:c3:b0:f0:e2:3c:7a:40:f9:eb:fa:31:7a:bf:10:5e:08:70:
90:ea:a6:80:8c:e8:9d:13:69:d8:75:f0:a7:79:96:f3:45:d1:
a9:57:22:0b:48:27:07:8c:97:92:1f:75:7f:c6:84:e8:6e:90:
08:2a:12:c7:17:ea:d6:e3:53:67:c8:3b:50:ac:dc:48:27:b1:
4b:6b:84:7c:3e:87:fc:d5:d9:23:05:6f:0c:21:71:99:04:38:
bb:6a:45:c4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFB/oP5E626EmiKA30/AzjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODExMTUxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQ5ZjMzNjMyNWM2OGEzNWY0NjQxYTQ4ZTlmOTMxNWE0NmNkMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3p2igMuCMz3BQ5zR5u9YPyl1v1Y
ToLLOkgReRwZIu3DgYCuIS1R9oBUpDWGWiM16W5aAJloITKt4HFbpyLtMuqqlUpH
mzkwaaEiTiUH1wXdMWutYaaGqncuR5Nt+Ip+7Uj1GG+xtmWbJl2X0WJH/xxq5AMx
hECgkKuklh228T3/n9hD+UUrrAf7iIJJJyjSIbZz6ecPWVTgJGnMLtPIrCySdRBm
NhvBGcwClGNwNzHI6nJd1yWj4QDODOGrC/U+QEfAZPxxB2QKDN3bk9vuVajn+4Zi
+BFt/MBseYuJAvWxZqOqvKnEfVf8x+oGrU1sdP0yQ9g85zoyD6dTEtogFwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPHZ8zYyXGijX0ZBpI6fkxWkbNNUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOGRuek5qSmNhS05mUmtHa2pwLVRGYVJzMDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAW2GZkosuCVmXRdszTi2A6gUt
cZk442p+tEEGnyusP799gtdBtELIHF3PsKJ72iUkvtYN7AWE/92zyEMo6rOMYVcg
J+YGV4fqkWChoSSs2tSkDbEgroKFtsLvKCW7uNKzRc2cYT1ZIDmu1NbMV/nV+3me
SCC9owxS1hw+Avm5ofKBEY8fZQ6Aq6MUxgyZjS3iYVY3j64MVy7siIXRLvRhiADs
jMOw8OI8ekD56/oxer8QXghwkOqmgIzonRNp2HXwp3mW80XRqVciC0gnB4yXkh91
f8aE6G6QCCoSxxfq1uNTZ8g7UKzcSCexS2uEfD6H/NXZIwVvDCFxmQQ4u2pFxA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:41:57 2025 by rpki-client