Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CG95BnMIF-KJfIgsBFLgTf5p3aw.roa
File: CG95BnMIF-KJfIgsBFLgTf5p3aw.roa (raw, json)
Hash identifier: qmbdJh9GhasbpFUiyCbg9sZVpOmA02OM1fhFfs4bcqk=
Subject key identifier: 08:6F:79:06:73:08:17:E2:89:7C:88:2C:04:52:E0:4D:FE:69:DD:AC
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190FE68949CD13493980FDCA4B95637EF51
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CG95BnMIF-KJfIgsBFLgTf5p3aw.roa
Signing time: Mon 29 Jul 2024 12:13:04 +0000
ROA not before: Mon 29 Jul 2024 12:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:68:94:9c:d1:34:93:98:0f:dc:a4:b9:56:37:ef:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 29 12:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=086f7906730817e2897c882c0452e04dfe69ddac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9e:72:d9:1a:9e:09:44:79:78:82:8d:bd:eb:
33:0d:a2:29:72:c2:0e:8f:0a:80:3d:0a:dc:a1:86:
a5:cf:e4:44:1e:8e:1c:ba:39:f9:ff:67:c1:66:52:
70:1c:56:c7:17:4f:30:3b:2c:a9:72:4b:50:53:da:
cb:26:29:68:5d:25:a2:e3:85:7e:17:37:64:7d:ee:
7d:86:f4:04:89:27:00:ed:af:c5:f2:74:f5:2b:7f:
53:33:1d:fd:6e:36:ae:60:a0:7c:54:ba:36:4e:64:
5c:c2:fa:78:50:b0:2f:e1:c6:c8:ba:a1:00:da:22:
33:aa:25:43:e4:94:50:c0:76:85:01:5c:35:96:cc:
18:9f:19:f4:a3:d3:6e:71:9f:05:88:43:ad:15:9e:
34:81:0f:cd:55:a6:7a:e8:74:f1:47:e6:2e:88:2f:
7f:4c:f8:1f:5f:c7:94:f9:34:1a:19:00:96:5c:c6:
bf:d8:7c:25:2a:d0:6f:9d:06:02:41:62:25:8b:24:
ef:ea:76:3e:d3:2e:c9:b6:6f:e0:ae:8a:0c:c4:2f:
d3:23:88:05:82:7b:20:1c:29:be:39:1a:01:54:08:
6f:9b:5a:30:8d:76:fa:9a:74:43:28:e3:37:0d:7e:
5d:86:ea:a9:50:c7:92:1d:04:00:3e:9a:42:84:a5:
47:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6F:79:06:73:08:17:E2:89:7C:88:2C:04:52:E0:4D:FE:69:DD:AC
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CG95BnMIF-KJfIgsBFLgTf5p3aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
47:7c:29:d8:6a:36:61:96:e9:85:d7:fd:1d:15:2d:39:4d:ba:
42:26:7d:41:70:98:2f:b9:f7:04:3f:86:e8:64:3e:52:b4:01:
b3:99:55:53:98:eb:9e:db:62:2a:35:b3:93:26:e7:ef:0d:36:
a1:b0:b8:2c:10:3d:ab:31:b8:02:d6:9c:17:d1:8f:d8:c0:8b:
df:32:74:04:0a:8c:7a:22:9f:52:57:e2:d2:a7:dc:4a:3e:95:
a4:bf:f3:15:a7:67:e4:11:69:56:19:ae:3c:fa:02:b6:13:f8:
41:8a:f1:4e:44:83:aa:08:c6:40:7a:c9:0e:a4:82:e9:b7:60:
73:1e:12:0b:a5:13:3a:94:4b:d0:cc:9c:64:51:74:76:87:d3:
fe:4b:fb:75:9f:2d:f6:0a:8c:58:e1:d2:03:fd:02:53:bf:67:
df:4e:fc:fe:1a:c9:fa:d5:cd:e5:63:3b:bb:5e:2e:0e:85:c7:
3d:5d:76:eb:e7:04:2b:65:61:42:6a:d1:f2:d6:fe:87:c3:f6:
80:a8:1e:aa:0e:96:db:42:f5:55:a1:91:af:8d:0d:05:84:94:
95:b1:7c:d7:8f:d7:6c:cc:7e:2e:b7:19:cf:66:38:d6:ee:e4:
79:b1:80:bc:76:1e:3e:d5:79:6e:17:10:e2:54:78:ad:21:7f:
aa:0f:77:11
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZD+aJSc0TSTmA/cpLlWN+9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI5MTIxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODZmNzkwNjczMDgxN2UyODk3Yzg4MmMwNDUyZTA0ZGZlNjlkZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA355y2RqeCUR5eIKNveszDaIpcsIO
jwqAPQrcoYalz+REHo4cujn5/2fBZlJwHFbHF08wOyypcktQU9rLJiloXSWi44V+
Fzdkfe59hvQEiScA7a/F8nT1K39TMx39bjauYKB8VLo2TmRcwvp4ULAv4cbIuqEA
2iIzqiVD5JRQwHaFAVw1lswYnxn0o9NucZ8FiEOtFZ40gQ/NVaZ66HTxR+YuiC9/
TPgfX8eU+TQaGQCWXMa/2HwlKtBvnQYCQWIliyTv6nY+0y7Jtm/grooMxC/TI4gF
gnsgHCm+ORoBVAhvm1owjXb6mnRDKOM3DX5dhuqpUMeSHQQAPppChKVHZwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAhveQZzCBfiiXyILARS4E3+ad2sMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ0c5NUJuTUlGLUtKZklnc0JGTGdUZjVwM2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAR3wp2Go2YZbphdf9HRUtOU26
QiZ9QXCYL7n3BD+G6GQ+UrQBs5lVU5jrnttiKjWzkybn7w02obC4LBA9qzG4Atac
F9GP2MCL3zJ0BAqMeiKfUlfi0qfcSj6VpL/zFadn5BFpVhmuPPoCthP4QYrxTkSD
qgjGQHrJDqSC6bdgcx4SC6UTOpRL0MycZFF0dofT/kv7dZ8t9gqMWOHSA/0CU79n
3078/hrJ+tXN5WM7u14uDoXHPV126+cEK2VhQmrR8tb+h8P2gKgeqg6W20L1VaGR
r40NBYSUlbF814/XbMx+LrcZz2Y41u7kebGAvHYePtV5bhcQ4lR4rSF/qg93EQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:15:25 2025 by rpki-client