Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9bLHN9jtxjfI82xvFYUOEgmEax0.roa
File: 9bLHN9jtxjfI82xvFYUOEgmEax0.roa (raw, json)
Hash identifier: A+kNqFhYmg7WmlmGNJ3ClXeT5ij8PyYQR/3fG7iL1rA=
Subject key identifier: F5:B2:C7:37:D8:ED:C6:37:C8:F3:6C:6F:15:85:0E:12:09:84:6B:1D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DCB583FA7830630CDA502C8D8BA7C1EE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9bLHN9jtxjfI82xvFYUOEgmEax0.roa
Signing time: Tue 10 Sep 2024 16:12:48 +0000
ROA not before: Tue 10 Sep 2024 16:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dc:b5:83:fa:78:30:63:0c:da:50:2c:8d:8b:a7:c1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 16:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5b2c737d8edc637c8f36c6f15850e1209846b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b1:31:42:33:0c:55:ef:92:59:5c:dd:1a:bc:
d1:c0:05:ea:77:b1:f3:ba:95:ea:e4:5e:25:f7:77:
58:c4:f7:cb:0e:75:30:c4:af:44:47:ca:bc:df:02:
9b:2b:7b:4c:07:4b:33:33:45:0f:1e:1f:2d:98:c4:
39:7a:f1:14:a4:7f:72:da:32:00:7b:5b:8f:d5:c8:
f8:fb:21:6e:ae:61:66:2f:21:10:20:19:0a:fa:51:
fd:0b:5f:37:6c:e8:32:c0:43:33:07:2e:a6:54:0e:
2c:25:74:16:eb:7e:11:b7:e2:83:f9:51:29:2b:c2:
07:cb:18:ac:94:a1:dc:3a:55:16:8c:f9:e4:fe:6a:
40:d3:b3:68:da:4c:5e:f1:09:95:41:04:e3:51:15:
db:06:e8:6f:01:53:67:87:13:97:98:58:95:51:9d:
38:fb:ce:bb:1b:2e:58:b4:df:8c:80:a9:47:a8:9b:
18:9d:d9:3f:f6:15:89:03:d6:66:d7:8b:1f:31:94:
5e:fb:9e:04:5d:08:63:07:c2:14:31:ff:20:3e:9f:
b6:1f:74:b8:aa:3c:f4:55:9a:d1:3f:82:f1:88:99:
c7:0b:bf:40:7b:23:22:f0:bc:b9:5a:a4:3c:e8:97:
da:6b:20:8b:56:0c:4c:c4:6b:dd:ec:b5:9d:cf:86:
99:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B2:C7:37:D8:ED:C6:37:C8:F3:6C:6F:15:85:0E:12:09:84:6B:1D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9bLHN9jtxjfI82xvFYUOEgmEax0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
3a:93:0c:77:ff:2a:20:e3:d4:7d:52:ef:e2:36:2a:11:1b:d8:
35:5b:fd:8d:f9:58:c4:18:f0:c0:2e:3f:b6:8c:d2:68:4d:25:
2f:08:51:a9:b5:0f:75:87:a3:d8:58:91:fb:50:cd:e9:15:1b:
58:84:e5:01:85:3e:1b:5e:0f:d6:fd:4c:e2:89:36:a4:e4:0d:
04:08:c0:e0:65:4a:97:0b:ee:26:2a:3e:c5:f5:b3:49:6c:55:
57:7f:83:b0:90:ff:e7:cc:66:0f:d6:ac:a4:81:80:33:1e:10:
7f:f2:e8:7c:44:a0:7d:9a:62:79:c6:5b:ff:c4:65:b4:01:5a:
c3:09:7f:b8:44:12:97:20:31:5c:5a:99:30:33:ba:42:e4:2d:
f2:13:d1:09:1d:ee:93:13:14:93:09:cb:59:30:cf:7a:69:2c:
cc:7b:45:1e:37:2b:12:6d:18:2d:b6:14:3e:b8:be:66:e9:e7:
56:f1:4e:61:c5:d3:a5:4d:72:73:e2:5c:71:46:d0:87:c9:52:
0b:6f:8c:8b:90:2c:42:94:53:fa:dd:53:66:6e:cf:fa:51:fe:
28:c1:06:6d:0b:05:fc:e8:05:c1:85:aa:54:91:a9:0c:44:02:
bb:3a:56:16:87:7a:14:8d:53:a0:1e:57:1b:62:67:f7:f0:4e:
b5:3d:dc:a0
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHctYP6eDBjDNpQLI2Lp8HuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMTYxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWIyYzczN2Q4ZWRjNjM3YzhmMzZjNmYxNTg1MGUxMjA5ODQ2YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrExQjMMVe+SWVzdGrzRwAXqd7Hz
upXq5F4l93dYxPfLDnUwxK9ER8q83wKbK3tMB0szM0UPHh8tmMQ5evEUpH9y2jIA
e1uP1cj4+yFurmFmLyEQIBkK+lH9C183bOgywEMzBy6mVA4sJXQW634Rt+KD+VEp
K8IHyxislKHcOlUWjPnk/mpA07No2kxe8QmVQQTjURXbBuhvAVNnhxOXmFiVUZ04
+867Gy5YtN+MgKlHqJsYndk/9hWJA9Zm14sfMZRe+54EXQhjB8IUMf8gPp+2H3S4
qjz0VZrRP4LxiJnHC79AeyMi8Ly5WqQ86JfaayCLVgxMxGvd7LWdz4aZ6wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPWyxzfY7cY3yPNsbxWFDhIJhGsdMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOWJMSE45anR4amZJODJ4dkZZVU9FZ21FYXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQA6kwx3/yog49R9Uu/iNioRG9g1W/2N+VjEGPDA
Lj+2jNJoTSUvCFGptQ91h6PYWJH7UM3pFRtYhOUBhT4bXg/W/UziiTak5A0ECMDg
ZUqXC+4mKj7F9bNJbFVXf4OwkP/nzGYP1qykgYAzHhB/8uh8RKB9mmJ5xlv/xGW0
AVrDCX+4RBKXIDFcWpkwM7pC5C3yE9EJHe6TExSTCctZMM96aSzMe0UeNysSbRgt
thQ+uL5m6edW8U5hxdOlTXJz4lxxRtCHyVILb4yLkCxClFP63VNmbs/6Uf4owQZt
CwX86AXBhapUkakMRAK7OlYWh3oUjVOgHlcbYmf38E61Pdyg
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:33:57 2025 by rpki-client