Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DymkDVZ46rny4_66HZsnvBDTuOo.roa
File: DymkDVZ46rny4_66HZsnvBDTuOo.roa (raw, json)
Hash identifier: ehiKAyBNbElMMjAcEpuU+2M6QIUaS9fqM/RCa+ZuqyI=
Subject key identifier: 0F:29:A4:0D:56:78:EA:B9:F2:E3:FE:BA:1D:9B:27:BC:10:D3:B8:EA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C324ECCD7EDBBCFB772174AD1B7708AB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DymkDVZ46rny4_66HZsnvBDTuOo.roa
Signing time: Thu 05 Sep 2024 17:04:22 +0000
ROA not before: Thu 05 Sep 2024 17:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:c324:d2af/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:24:ec:cd:7e:db:bc:fb:77:21:74:ad:1b:77:08:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 17:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f29a40d5678eab9f2e3feba1d9b27bc10d3b8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:23:8f:cf:a9:01:62:42:84:2d:f9:70:f1:41:
b0:59:c1:be:ee:83:13:4a:70:06:82:9e:d1:5a:41:
cb:f4:76:f2:81:59:db:61:03:cb:56:c7:5f:00:5b:
a6:d1:e3:d1:a2:6c:d1:ec:4a:de:6e:73:21:57:b9:
0a:5a:4a:dd:c5:3a:98:0f:6c:a0:37:80:54:81:7f:
e8:4f:9b:0f:bf:8b:c2:28:fc:fa:b5:b5:e7:dd:8b:
7b:ff:32:74:99:29:89:9e:88:c5:72:2b:2b:c8:38:
9d:3e:0e:2a:fc:d2:21:55:35:23:28:5e:b8:e1:46:
e6:79:8a:3d:b9:53:92:7d:0d:35:ee:0a:84:5c:27:
2c:fc:8b:cc:d3:c5:5d:bd:92:b2:91:18:ec:01:2c:
2b:cf:bd:0e:7a:e9:45:35:49:8d:3e:5a:7b:5f:0c:
48:ef:9a:36:f5:fb:eb:cd:65:38:e3:de:f4:0a:19:
2b:3d:f4:f7:88:19:17:f6:5c:8c:b4:7c:d9:9d:fb:
f8:80:51:e6:2a:5d:14:f9:5a:fd:d0:20:05:69:d9:
37:5c:76:de:0d:2f:02:cc:ff:50:ec:98:5c:3f:52:
fd:97:9f:70:b6:2e:8f:30:d1:ca:8c:0f:f6:f0:de:
bd:8d:97:b6:0c:e7:f5:f5:be:68:1a:fa:a0:b3:dc:
b3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:29:A4:0D:56:78:EA:B9:F2:E3:FE:BA:1D:9B:27:BC:10:D3:B8:EA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DymkDVZ46rny4_66HZsnvBDTuOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:c324:d2af/128
Signature Algorithm: sha256WithRSAEncryption
7f:4b:05:41:8e:9d:f9:03:d1:57:e7:da:e4:d9:59:12:f5:3f:
d6:f4:2a:3d:43:b9:b8:fb:53:c3:53:e7:54:73:dc:d0:7c:6c:
7a:18:b2:74:c6:06:a8:69:0c:c1:5e:75:8a:cf:53:0c:88:58:
36:58:34:9e:90:e1:3c:d1:6f:0d:cb:ab:fb:d2:95:9b:ea:8f:
70:54:bb:70:94:91:46:0b:d0:bb:3f:dc:01:89:90:16:aa:d1:
e7:a5:44:00:0e:1c:07:d5:82:c6:3b:d9:ac:02:1b:77:ae:86:
e8:a0:9f:b7:2d:4d:b3:17:6e:01:ff:7e:b7:43:09:25:85:a3:
35:ff:d9:6e:31:bb:3a:84:b6:4c:ac:cc:0f:4d:21:88:e0:bb:
0a:bb:ac:d3:14:92:f7:58:0d:c2:4f:44:53:64:84:d4:79:b6:
75:82:20:12:6a:e7:e2:96:6f:fd:f0:e9:6a:f8:e5:3b:4c:f8:
b6:c8:8f:11:2b:4a:ba:df:dc:87:d8:17:43:6b:3d:15:c4:e7:
e5:a2:50:e6:8f:31:0e:5d:20:51:d2:52:96:d8:5d:57:95:e8:
b0:62:fa:fa:f2:c4:40:76:ce:0d:79:32:6e:aa:c2:ad:d3:a2:
61:1f:f6:9c:9f:a3:2f:b0:02:67:ca:0f:53:21:25:5a:91:aa:
a9:de:68:86
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHDJOzNftu8+3chdK0bdwirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MTcwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI5YTQwZDU2NzhlYWI5ZjJlM2ZlYmExZDliMjdiYzEwZDNiOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iOPz6kBYkKELflw8UGwWcG+7oMT
SnAGgp7RWkHL9HbygVnbYQPLVsdfAFum0ePRomzR7ErebnMhV7kKWkrdxTqYD2yg
N4BUgX/oT5sPv4vCKPz6tbXn3Yt7/zJ0mSmJnojFcisryDidPg4q/NIhVTUjKF64
4UbmeYo9uVOSfQ017gqEXCcs/IvM08VdvZKykRjsASwrz70OeulFNUmNPlp7XwxI
75o29fvrzWU44970ChkrPfT3iBkX9lyMtHzZnfv4gFHmKl0U+Vr90CAFadk3XHbe
DS8CzP9Q7JhcP1L9l59wti6PMNHKjA/28N69jZe2DOf19b5oGvqgs9yzNwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFA8ppA1WeOq58uP+uh2bJ7wQ07jqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRHlta0RWWjQ2cm55NF82Nkhac252QkRUdU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkcMk0q8wDQYJKoZIhvcNAQELBQADggEB
AH9LBUGOnfkD0Vfn2uTZWRL1P9b0Kj1Dubj7U8NT51Rz3NB8bHoYsnTGBqhpDMFe
dYrPUwyIWDZYNJ6Q4TzRbw3Lq/vSlZvqj3BUu3CUkUYL0Ls/3AGJkBaq0eelRAAO
HAfVgsY72awCG3euhuign7ctTbMXbgH/frdDCSWFozX/2W4xuzqEtkyszA9NIYjg
uwq7rNMUkvdYDcJPRFNkhNR5tnWCIBJq5+KWb/3w6Wr45TtM+LbIjxErSrrf3IfY
F0NrPRXE5+WiUOaPMQ5dIFHSUpbYXVeV6LBi+vryxEB2zg15Mm6qwq3TomEf9pyf
oy+wAmfKD1MhJVqRqqneaIY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:24:19 2025 by rpki-client