Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbflKpTugW5mzAPjbjLPmOjeAR4.roa
File: CbflKpTugW5mzAPjbjLPmOjeAR4.roa (raw, json)
Hash identifier: ghFo222bm5L3XNX2ZNCfvD098HvMhxl0a8eg9dtAvjg=
Subject key identifier: 09:B7:E5:2A:94:EE:81:6E:66:CC:03:E3:6E:32:CF:98:E8:DE:01:1E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191690D218471FB8834C9633864452E2A48
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbflKpTugW5mzAPjbjLPmOjeAR4.roa
Signing time: Mon 19 Aug 2024 05:12:33 +0000
ROA not before: Mon 19 Aug 2024 05:12:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:0d:21:84:71:fb:88:34:c9:63:38:64:45:2e:2a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 19 05:12:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b7e52a94ee816e66cc03e36e32cf98e8de011e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:00:73:84:f8:8f:09:43:72:ea:b4:18:60:77:
78:cf:cd:b4:54:ab:2d:1a:cf:87:2b:4e:bc:f7:fb:
79:8e:d8:1a:5c:27:60:77:02:cc:4f:34:94:86:39:
d0:cc:bd:ba:57:f2:1a:91:bc:ec:16:28:5c:de:6e:
1e:8d:fe:84:40:9a:a1:ef:e3:ec:28:6e:aa:89:81:
ce:35:0b:69:b7:01:b7:76:f7:bc:85:c3:4d:f0:17:
96:d9:84:d7:84:6b:e6:5a:c9:9a:c8:18:4f:3d:9a:
16:d3:ee:ea:3a:12:4f:8f:fb:33:dc:df:11:7a:38:
e0:6a:c7:38:82:eb:c2:ec:b5:98:86:86:16:c2:43:
5b:40:d4:29:f0:23:dc:6b:6b:7a:03:47:12:ab:da:
56:6b:f2:b3:43:5e:2d:fc:dd:31:22:d2:34:f8:65:
d5:a7:c4:ef:ac:6b:03:8b:cd:41:0b:f9:77:c2:a4:
fd:77:88:11:d3:08:38:34:a0:fa:76:7d:2f:25:fc:
1b:10:30:04:50:93:7c:0e:40:33:ec:1f:37:7f:cd:
0b:d9:90:fe:2c:20:27:3f:49:d5:f6:a9:13:40:ff:
8b:d1:1f:2b:f3:3a:4a:74:d4:60:f5:97:47:26:68:
0c:d6:f3:f0:b6:10:95:13:c2:96:9e:87:93:28:03:
b5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B7:E5:2A:94:EE:81:6E:66:CC:03:E3:6E:32:CF:98:E8:DE:01:1E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CbflKpTugW5mzAPjbjLPmOjeAR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
29:a2:35:43:b7:8f:f3:3d:bc:a1:fa:c2:cd:53:36:d6:70:e5:
ae:03:0c:ab:3d:44:d9:c1:d5:9d:d9:19:7b:14:93:44:97:1c:
f6:ab:5e:87:81:da:33:f3:ed:d4:d5:11:be:a9:60:5d:fc:7b:
23:bd:01:a2:af:31:d8:b4:8e:16:cc:39:05:58:ab:7d:a9:df:
75:31:fa:55:fd:23:89:4e:50:fc:b4:dd:c8:b2:7b:1d:2b:cf:
3b:66:c6:66:84:23:a1:43:52:25:7b:74:7c:1a:d6:66:71:cf:
87:12:08:70:40:11:a8:08:a8:bf:ac:41:ea:e8:e8:5a:35:e8:
e5:5b:20:ae:e2:68:1a:f7:3d:75:4c:00:ab:fa:f9:b7:63:e5:
b4:80:d5:7b:33:42:58:09:41:0e:cc:f6:da:ea:59:97:f8:e2:
e1:e4:b5:01:0c:ae:73:e6:b0:dc:81:6e:b4:2c:42:13:bd:12:
20:4a:f1:0c:94:27:de:33:1c:78:3d:d4:bf:84:56:7f:f4:a8:
da:63:60:43:d7:b4:de:be:f2:60:ce:f4:f2:7e:1b:23:a4:1b:
f4:de:a1:4f:44:e0:e8:60:5b:58:b0:63:4b:fd:31:04:44:e1:
9d:65:72:e8:a5:cd:c9:26:97:95:6a:62:b4:78:9a:b4:1e:26:
53:99:c2:5f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFpDSGEcfuINMljOGRFLipIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE5MDUxMjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI3ZTUyYTk0ZWU4MTZlNjZjYzAzZTM2ZTMyY2Y5OGU4ZGUwMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugBzhPiPCUNy6rQYYHd4z820VKst
Gs+HK0689/t5jtgaXCdgdwLMTzSUhjnQzL26V/IakbzsFihc3m4ejf6EQJqh7+Ps
KG6qiYHONQtptwG3dve8hcNN8BeW2YTXhGvmWsmayBhPPZoW0+7qOhJPj/sz3N8R
ejjgasc4guvC7LWYhoYWwkNbQNQp8CPca2t6A0cSq9pWa/KzQ14t/N0xItI0+GXV
p8TvrGsDi81BC/l3wqT9d4gR0wg4NKD6dn0vJfwbEDAEUJN8DkAz7B83f80L2ZD+
LCAnP0nV9qkTQP+L0R8r8zpKdNRg9ZdHJmgM1vPwthCVE8KWnoeTKAO1zwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAm35SqU7oFuZswD424yz5jo3gEeMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ2JmbEtwVHVnVzVtekFQamJqTFBtT2plQVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAKaI1Q7eP8z28ofrCzVM21nDl
rgMMqz1E2cHVndkZexSTRJcc9qteh4HaM/Pt1NURvqlgXfx7I70Boq8x2LSOFsw5
BVirfanfdTH6Vf0jiU5Q/LTdyLJ7HSvPO2bGZoQjoUNSJXt0fBrWZnHPhxIIcEAR
qAiov6xB6ujoWjXo5VsgruJoGvc9dUwAq/r5t2PltIDVezNCWAlBDsz22upZl/ji
4eS1AQyuc+aw3IFutCxCE70SIErxDJQn3jMceD3Uv4RWf/So2mNgQ9e03r7yYM70
8n4bI6Qb9N6hT0Tg6GBbWLBjS/0xBEThnWVy6KXNySaXlWpitHiatB4mU5nCXw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:04:25 2025 by rpki-client