Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BwM62TNEDY6maEHC3pw-aLyRpO4.roa
File: BwM62TNEDY6maEHC3pw-aLyRpO4.roa (raw, json)
Hash identifier: octJViilr8TSNmMteJw/WzxkoNPaA8tWzeSNRYsvX0I=
Subject key identifier: 07:03:3A:D9:33:44:0D:8E:A6:68:41:C2:DE:9C:3E:68:BC:91:A4:EE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D569712E81E1BD994DCEC353F1833E66
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BwM62TNEDY6maEHC3pw-aLyRpO4.roa
Signing time: Mon 09 Sep 2024 06:12:22 +0000
ROA not before: Mon 09 Sep 2024 06:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d5:69:71:2e:81:e1:bd:99:4d:ce:c3:53:f1:83:3e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 06:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07033ad933440d8ea66841c2de9c3e68bc91a4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a2:e9:e9:ea:09:d5:39:9e:2a:c8:ab:0b:fd:
8f:42:9e:92:21:cd:41:a4:26:0b:9f:d3:a3:d8:eb:
3b:10:fb:96:8e:f3:4a:69:48:2e:a7:84:ee:1c:ff:
05:23:60:f3:75:e1:96:af:4f:0a:5f:06:27:6b:61:
40:fa:39:0c:e6:6c:8a:1b:ec:63:b4:43:73:48:b2:
93:71:e2:31:d9:8b:0b:95:6b:9a:d1:c4:f5:b0:4f:
ff:bc:95:da:f2:2c:07:54:2d:0d:8e:98:bf:5e:f2:
38:61:f3:52:6e:2e:57:09:58:7b:76:e4:22:11:cf:
cb:7a:8c:d4:bb:10:d6:11:81:f2:ad:55:3a:6a:76:
b8:59:15:e2:46:6b:4f:8f:ce:01:78:68:50:7c:aa:
3b:57:29:07:5c:0b:12:d0:a4:9c:4b:3c:04:8f:a9:
92:ea:af:d1:a2:39:1d:d0:49:8e:f3:c2:2c:f7:69:
f0:e5:9a:5a:a7:fd:ad:fd:9d:fe:ea:f5:e9:65:0b:
7b:a6:fe:24:92:2a:25:ea:73:cc:db:e4:6c:10:51:
1a:a6:d8:cd:13:ce:60:e6:7e:22:97:6d:35:3d:0d:
70:84:31:15:dc:96:03:98:87:17:b1:86:2d:8a:29:
77:41:9c:35:c1:6e:40:85:93:72:08:ee:c9:d4:98:
79:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:03:3A:D9:33:44:0D:8E:A6:68:41:C2:DE:9C:3E:68:BC:91:A4:EE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BwM62TNEDY6maEHC3pw-aLyRpO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
45:a6:81:fa:41:6c:2c:4f:4a:89:19:33:3f:94:74:7c:f3:ae:
af:df:e2:03:5e:07:32:70:1d:38:a1:dc:41:0a:cf:c5:a5:c5:
4c:7a:b0:a0:1a:97:62:92:a7:f5:5e:aa:a3:f0:ad:a5:40:30:
f9:ee:5b:1c:86:13:d9:d8:21:6d:6f:68:30:e9:73:1c:0a:c0:
80:f5:f5:75:de:8a:f7:a6:f3:d0:75:14:81:3d:ff:99:6d:65:
a7:ec:c0:00:3a:c3:6e:e8:41:3d:63:83:5e:19:75:b0:3b:59:
8e:50:ba:eb:47:72:ce:09:60:0b:e1:20:b8:86:49:e9:5d:f4:
ed:bb:70:0d:f5:0d:64:3e:27:82:86:ea:cc:ad:93:3e:06:e7:
e6:cd:50:7d:77:8c:5f:82:f0:4c:50:39:21:6f:78:34:d5:4d:
d4:bf:f7:f7:ad:ad:8b:d6:62:d4:00:b3:b9:cf:5e:13:c2:58:
c9:4d:cc:95:a9:ec:d0:4a:fd:98:48:ec:34:a0:75:f5:3a:ca:
c1:ce:f1:3f:c2:8e:28:77:13:cb:29:56:4a:1e:be:08:af:7d:
13:31:e3:7c:ce:d4:b7:95:ed:5d:a5:4a:86:ad:a7:c7:39:e4:
60:45:82:0a:f3:96:ce:f2:2c:ce:b2:5d:f3:1f:ae:04:c7:0d:
72:4f:45:3a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHVaXEugeG9mU3Ow1Pxgz5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MDYxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzAzM2FkOTMzNDQwZDhlYTY2ODQxYzJkZTljM2U2OGJjOTFhNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaLp6eoJ1TmeKsirC/2PQp6SIc1B
pCYLn9Oj2Os7EPuWjvNKaUgup4TuHP8FI2DzdeGWr08KXwYna2FA+jkM5myKG+xj
tENzSLKTceIx2YsLlWua0cT1sE//vJXa8iwHVC0Njpi/XvI4YfNSbi5XCVh7duQi
Ec/LeozUuxDWEYHyrVU6ana4WRXiRmtPj84BeGhQfKo7VykHXAsS0KScSzwEj6mS
6q/Rojkd0EmO88Is92nw5Zpap/2t/Z3+6vXpZQt7pv4kkiol6nPM2+RsEFEaptjN
E85g5n4il201PQ1whDEV3JYDmIcXsYYtiil3QZw1wW5AhZNyCO7J1Jh5NwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAcDOtkzRA2OpmhBwt6cPmi8kaTuMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQndNNjJUTkVEWTZtYUVIQzNwdy1hTHlScE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEARaaB+kFsLE9KiRkzP5R0fPOu
r9/iA14HMnAdOKHcQQrPxaXFTHqwoBqXYpKn9V6qo/CtpUAw+e5bHIYT2dghbW9o
MOlzHArAgPX1dd6K96bz0HUUgT3/mW1lp+zAADrDbuhBPWODXhl1sDtZjlC660dy
zglgC+EguIZJ6V307btwDfUNZD4ngobqzK2TPgbn5s1QfXeMX4LwTFA5IW94NNVN
1L/3962ti9Zi1ACzuc9eE8JYyU3Mlans0Er9mEjsNKB19TrKwc7xP8KOKHcTyylW
Sh6+CK99EzHjfM7Ut5XtXaVKhq2nxznkYEWCCvOWzvIszrJd8x+uBMcNck9FOg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:04:31 2025 by rpki-client