Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CnOs1hXN-y1vm3N-8Ae4bC1duYQ.roa
File: CnOs1hXN-y1vm3N-8Ae4bC1duYQ.roa (raw, json)
Hash identifier: C8yBHEGVo6Fr1nB7Kge+qMpha+APGptKutp5ISSVkPg=
Subject key identifier: 0A:73:AC:D6:15:CD:FB:2D:6F:9B:73:7E:F0:07:B8:6C:2D:5D:B9:84
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A7EB0380F8157239C96F09DF33CEF624
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CnOs1hXN-y1vm3N-8Ae4bC1duYQ.roa
Signing time: Sat 31 Aug 2024 10:11:22 +0000
ROA not before: Sat 31 Aug 2024 10:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a7:eb:03:80:f8:15:72:39:c9:6f:09:df:33:ce:f6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 31 10:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a73acd615cdfb2d6f9b737ef007b86c2d5db984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fc:b8:94:f8:b8:19:6f:7e:b3:fe:b9:4a:5a:
18:c9:ea:da:01:bb:42:d6:7c:c6:10:84:93:94:39:
47:a5:96:32:81:24:d5:ec:7d:d4:a3:1b:38:66:8c:
46:5e:3a:68:f2:85:91:01:b6:22:fe:bf:1b:60:0f:
ce:89:ed:bc:e8:d3:e3:ea:42:58:61:79:83:54:7d:
97:54:aa:55:50:7b:13:ba:53:65:4f:8f:8c:5f:10:
f7:7c:d7:19:82:70:d2:12:5e:da:9b:b9:34:4d:2a:
01:5b:7a:bb:3c:ac:00:4b:07:44:ed:c7:62:fb:f2:
65:f6:25:11:da:ff:69:e9:b2:cd:f5:68:1e:ba:cf:
2d:0f:9f:8a:c3:cc:72:6e:5a:f4:7c:4b:3d:67:a5:
0b:09:b6:54:d6:bf:38:7a:a9:e4:3d:a9:83:f4:70:
15:89:ae:2a:c8:03:eb:9d:29:28:91:66:5e:4b:21:
a5:ec:48:0d:63:27:bd:4b:4e:c5:6f:aa:d6:34:0d:
a2:20:f9:a7:fb:13:b4:bd:fb:ba:97:3c:11:e1:9a:
bf:14:de:56:dd:72:15:49:b2:6a:e0:41:3e:ff:f5:
85:7f:50:cf:e5:3f:f2:d9:c0:28:f2:6a:62:a7:c4:
85:17:52:56:8e:07:01:31:d2:60:70:28:9e:d5:23:
e7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:73:AC:D6:15:CD:FB:2D:6F:9B:73:7E:F0:07:B8:6C:2D:5D:B9:84
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CnOs1hXN-y1vm3N-8Ae4bC1duYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
76:54:d4:ed:6d:1b:48:be:1b:bb:b2:80:03:6e:3f:8b:74:65:
20:5a:d0:35:c9:50:83:5a:5b:58:8e:60:0f:57:f7:cf:4b:ad:
e2:88:76:b6:cf:d6:96:9f:69:89:09:12:03:30:cf:f1:c4:5d:
5b:61:98:f0:d0:e6:10:ce:29:e7:71:15:4d:b1:75:6a:73:06:
19:c5:71:4d:3d:83:70:b9:94:e4:2f:2c:54:78:05:1a:a9:2e:
fa:9b:55:12:08:36:c5:b5:3b:eb:02:0f:ac:71:4a:04:a5:6c:
49:d2:e2:c4:25:f5:3a:f5:b4:44:dd:35:b7:71:52:e7:56:0a:
58:81:78:f0:9f:89:97:86:39:9c:c5:9e:1f:db:9c:92:87:62:
22:a4:32:59:0d:c5:62:fd:b6:cb:d8:a8:9e:c0:70:be:6a:54:
4f:7c:5b:d8:e6:15:7f:33:95:27:23:c5:23:aa:94:27:a8:d3:
1d:f6:67:da:dc:06:67:aa:e8:ef:a6:2f:46:78:74:23:fb:6a:
44:61:2d:d4:21:c1:d9:82:ec:e8:b1:1b:77:50:d9:38:ea:e2:
0b:07:b7:c0:60:a6:61:2c:27:b1:74:71:0d:c5:81:07:2f:85:
43:a7:63:12:5d:47:b0:a1:67:e3:4b:7e:5b:b6:ac:17:42:50:
a2:f9:6f:e6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGn6wOA+BVyOclvCd8zzvYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMxMTAxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTczYWNkNjE1Y2RmYjJkNmY5YjczN2VmMDA3Yjg2YzJkNWRiOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfy4lPi4GW9+s/65SloYyeraAbtC
1nzGEISTlDlHpZYygSTV7H3Uoxs4ZoxGXjpo8oWRAbYi/r8bYA/Oie286NPj6kJY
YXmDVH2XVKpVUHsTulNlT4+MXxD3fNcZgnDSEl7am7k0TSoBW3q7PKwASwdE7cdi
+/Jl9iUR2v9p6bLN9Wgeus8tD5+Kw8xyblr0fEs9Z6ULCbZU1r84eqnkPamD9HAV
ia4qyAPrnSkokWZeSyGl7EgNYye9S07Fb6rWNA2iIPmn+xO0vfu6lzwR4Zq/FN5W
3XIVSbJq4EE+//WFf1DP5T/y2cAo8mpip8SFF1JWjgcBMdJgcCie1SPnpwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFApzrNYVzfstb5tzfvAHuGwtXbmEMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ25PczFoWE4teTF2bTNOLThBZTRiQzFkdVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAdlTU7W0bSL4bu7KAA24/i3Rl
IFrQNclQg1pbWI5gD1f3z0ut4oh2ts/Wlp9piQkSAzDP8cRdW2GY8NDmEM4p53EV
TbF1anMGGcVxTT2DcLmU5C8sVHgFGqku+ptVEgg2xbU76wIPrHFKBKVsSdLixCX1
OvW0RN01t3FS51YKWIF48J+Jl4Y5nMWeH9uckodiIqQyWQ3FYv22y9ionsBwvmpU
T3xb2OYVfzOVJyPFI6qUJ6jTHfZn2twGZ6ro76YvRnh0I/tqRGEt1CHB2YLs6LEb
d1DZOOriCwe3wGCmYSwnsXRxDcWBBy+FQ6djEl1HsKFn40t+W7asF0JQovlv5g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:10 2025 by rpki-client