Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AfDDlS0RtcVoDskwackAhoYaN0U.roa
File: AfDDlS0RtcVoDskwackAhoYaN0U.roa (raw, json)
Hash identifier: zb2U4hFbrxa4BvrXXVxbFPv4UNmPDnJvZ7rcs2IKQ24=
Subject key identifier: 01:F0:C3:95:2D:11:B5:C5:68:0E:C9:30:69:C9:00:86:86:1A:37:45
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C393B473C36466466F5A577D9708C611
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AfDDlS0RtcVoDskwackAhoYaN0U.roa
Signing time: Thu 05 Sep 2024 19:05:22 +0000
ROA not before: Thu 05 Sep 2024 19:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:c392:c869/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:93:b4:73:c3:64:66:46:6f:5a:57:7d:97:08:c6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 19:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01f0c3952d11b5c5680ec93069c90086861a3745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:83:4d:1a:88:20:ce:13:ac:c7:f4:d9:43:03:
53:0a:f9:65:ab:19:f5:50:6b:eb:1b:02:ab:fd:4f:
cc:a1:3e:7f:83:ce:43:79:1b:f9:1e:cd:fa:87:22:
96:3a:d1:8c:91:f8:c4:65:cd:ec:f2:ba:25:a9:04:
50:e7:14:92:c6:cf:9a:63:e1:6c:85:b9:8c:c0:1e:
a0:14:c6:57:af:91:14:ed:ae:62:15:89:6d:68:56:
8c:2f:e9:bb:46:d2:9b:d5:27:f5:78:b5:f5:6c:1c:
aa:d9:85:ad:91:42:7d:12:4a:91:42:ba:3b:67:83:
04:ea:93:91:4f:77:57:67:c1:6d:bf:8f:22:51:85:
bc:57:d8:88:f2:55:34:ff:15:e8:20:17:52:9a:14:
c1:fd:9f:7a:2f:dd:90:22:96:17:50:b1:f2:76:e1:
97:4e:05:22:73:d0:58:64:dd:57:98:ab:d4:77:34:
4b:00:84:7d:5f:37:da:6b:10:25:2e:4c:ba:6f:4a:
2a:4f:ab:ce:8a:38:35:10:dd:17:65:21:3f:08:a0:
2a:3b:da:f5:7f:ab:b0:77:97:d8:48:f5:96:40:24:
d1:a1:a7:8a:5e:68:38:32:c2:40:91:34:ed:7c:2e:
cb:f3:6c:9a:c9:d5:ef:80:d8:74:d6:a9:3f:03:f2:
46:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F0:C3:95:2D:11:B5:C5:68:0E:C9:30:69:C9:00:86:86:1A:37:45
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AfDDlS0RtcVoDskwackAhoYaN0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:c392:c869/128
Signature Algorithm: sha256WithRSAEncryption
0d:d5:f0:d2:d3:1b:4c:8f:7c:fc:c2:62:ab:37:6f:b8:91:30:
5f:79:83:35:16:86:44:20:bd:28:82:1c:3f:94:b8:6c:c5:30:
6c:c7:4b:61:62:be:2c:9f:bd:fb:ff:dd:b6:8f:23:01:a8:71:
8d:c1:7a:48:a5:9c:a2:6b:75:eb:ce:f0:a5:50:85:10:75:96:
02:4e:97:ed:1d:5c:84:72:9c:1b:b4:2a:ca:4a:83:38:95:8b:
12:90:a3:ae:38:46:9c:4a:85:58:e2:f5:77:db:e0:c9:63:ce:
d4:62:2a:66:31:5c:13:dd:b5:7d:29:c1:a0:ce:9b:e8:2e:13:
c6:49:61:69:4d:9d:c0:c7:2c:a3:37:52:e0:ac:ee:72:5d:4b:
02:3e:8d:12:77:92:94:4f:40:77:8a:b8:bd:c3:2e:a3:24:ea:
1f:64:a0:bb:22:fd:8d:01:44:5f:d2:2c:ea:ce:93:df:ee:ac:
66:f0:9c:9a:6e:e0:88:ab:eb:85:23:59:0b:41:4f:a9:98:89:
29:4e:4e:e1:7a:31:cc:04:8d:fb:4c:05:dc:40:3a:4c:dc:73:
d4:63:91:8a:c3:e2:50:a9:57:8a:bf:f2:91:be:72:b6:28:a4:
18:70:1f:57:f8:0a:bc:02:af:64:02:38:96:a2:61:77:8b:d4:
a4:3b:99:5b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHDk7Rzw2RmRm9aV32XCMYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MTkwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWYwYzM5NTJkMTFiNWM1NjgwZWM5MzA2OWM5MDA4Njg2MWEzNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYNNGoggzhOsx/TZQwNTCvllqxn1
UGvrGwKr/U/MoT5/g85DeRv5Hs36hyKWOtGMkfjEZc3s8rolqQRQ5xSSxs+aY+Fs
hbmMwB6gFMZXr5EU7a5iFYltaFaML+m7RtKb1Sf1eLX1bByq2YWtkUJ9EkqRQro7
Z4ME6pORT3dXZ8Ftv48iUYW8V9iI8lU0/xXoIBdSmhTB/Z96L92QIpYXULHyduGX
TgUic9BYZN1XmKvUdzRLAIR9XzfaaxAlLky6b0oqT6vOijg1EN0XZSE/CKAqO9r1
f6uwd5fYSPWWQCTRoaeKXmg4MsJAkTTtfC7L82yaydXvgNh01qk/A/JGaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAHww5UtEbXFaA7JMGnJAIaGGjdFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQWZERGxTMFJ0Y1ZvRHNrd2Fja0Fob1lhTjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkcOSyGkwDQYJKoZIhvcNAQELBQADggEB
AA3V8NLTG0yPfPzCYqs3b7iRMF95gzUWhkQgvSiCHD+UuGzFMGzHS2Fiviyfvfv/
3baPIwGocY3BekilnKJrdevO8KVQhRB1lgJOl+0dXIRynBu0KspKgziVixKQo644
RpxKhVji9Xfb4MljztRiKmYxXBPdtX0pwaDOm+guE8ZJYWlNncDHLKM3UuCs7nJd
SwI+jRJ3kpRPQHeKuL3DLqMk6h9koLsi/Y0BRF/SLOrOk9/urGbwnJpu4Iir64Uj
WQtBT6mYiSlOTuF6McwEjftMBdxAOkzcc9RjkYrD4lCpV4q/8pG+crYopBhwH1f4
CrwCr2QCOJaiYXeL1KQ7mVs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:28:24 2025 by rpki-client