Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Gm8pQzpltuQbtPKiYQiPdCh7uLM.roa
File: Gm8pQzpltuQbtPKiYQiPdCh7uLM.roa (raw, json)
Hash identifier: z4AefsWenOm/5exFcZPk4PdBVbGBCm54RycIGt5DuBM=
Subject key identifier: 1A:6F:29:43:3A:65:B6:E4:1B:B4:F2:A2:61:08:8F:74:28:7B:B8:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0193ACCEED3C95BAAFE43FE5D6515284AB19
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Gm8pQzpltuQbtPKiYQiPdCh7uLM.roa
Signing time: Mon 09 Dec 2024 19:04:22 +0000
ROA not before: Mon 09 Dec 2024 19:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:acce:ddb8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:ce:ed:3c:95:ba:af:e4:3f:e5:d6:51:52:84:ab:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Dec 9 19:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a6f29433a65b6e41bb4f2a261088f74287bb8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8d:29:dc:5d:5c:ba:db:63:17:0d:0d:8a:5f:
54:8d:01:92:7a:bc:32:36:19:4f:56:ce:44:7a:5b:
c7:24:ba:17:8c:79:b3:ff:35:bd:82:e6:01:48:ef:
f7:40:6b:56:9d:a1:1c:b5:0d:4c:5c:18:75:de:5d:
8c:7f:15:5f:a7:40:24:4d:50:34:1e:e2:06:c3:ed:
8d:64:2d:69:ec:4f:ce:42:f6:20:c2:c3:07:6a:8c:
f5:97:76:7f:f3:a5:b3:18:40:05:17:cb:3c:41:09:
4d:5d:58:da:ec:19:28:f7:e7:b5:17:cf:4c:00:04:
9d:fb:a1:5c:d6:4f:a1:b3:b3:bd:65:52:cc:34:a3:
1c:3e:9a:fa:a0:ed:03:54:f3:b7:db:83:0d:f8:76:
ff:21:c0:47:c2:95:87:ed:7a:c8:20:38:f1:e4:41:
61:50:77:5f:27:72:dd:47:4a:09:3b:55:6c:56:7e:
1d:f2:f3:fb:27:16:43:93:7b:df:da:96:89:ae:16:
08:94:93:c3:db:d4:5b:7d:de:78:fd:28:c1:e9:7d:
7d:db:77:1d:6e:9c:08:d2:91:1e:90:7f:ad:a6:c2:
91:aa:7b:e1:83:b6:6f:76:f5:29:b0:a0:c0:e8:ec:
c0:ed:7e:e2:a0:7f:42:f5:40:ef:d3:00:af:d6:9e:
4e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:6F:29:43:3A:65:B6:E4:1B:B4:F2:A2:61:08:8F:74:28:7B:B8:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Gm8pQzpltuQbtPKiYQiPdCh7uLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:acce:ddb8/128
Signature Algorithm: sha256WithRSAEncryption
8e:aa:59:1f:56:cf:a3:aa:cf:7d:c8:7e:78:a8:eb:b4:19:54:
90:26:ff:ad:6d:45:69:98:d7:ff:bc:a3:89:b6:68:e5:8a:6a:
6e:da:53:c7:4e:28:ce:f9:80:6f:58:22:c9:00:f0:80:08:de:
79:4a:8d:62:fa:f8:87:f3:fe:fe:f5:c1:f7:49:0f:e0:76:a4:
9b:6c:0d:c7:1a:d4:d9:2a:dc:ce:4f:bd:d3:bd:27:d4:ee:6c:
82:2d:e9:9c:3f:07:51:53:5e:8c:8e:a8:a6:35:e3:20:33:c0:
74:25:9d:9c:92:1b:7a:66:3d:5c:fa:03:3f:5e:e0:b3:da:d9:
98:54:6f:79:c7:9e:aa:c8:18:33:0a:8b:ae:bf:6d:af:c7:53:
e3:1f:59:2f:79:27:14:d6:f7:2e:50:50:4d:e6:47:42:a2:a9:
48:44:f5:5b:3e:82:b0:06:83:e1:01:c8:71:b8:6f:16:21:a2:
c3:f6:eb:b3:52:a3:b2:3a:d3:97:5a:ac:b3:f6:34:55:cd:f4:
3c:45:46:76:0c:7d:d0:bb:77:42:99:cd:62:70:bf:d9:ec:8d:
b7:88:81:6d:60:ba:ab:11:f3:e2:99:59:cb:3f:ae:bd:ad:bb:
95:dd:46:27:38:3d:a7:9f:12:63:34:74:14:a6:3e:af:9f:01:
d4:29:b4:d5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZOszu08lbqv5D/l1lFShKsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMjA5MTkwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTZmMjk0MzNhNjViNmU0MWJiNGYyYTI2MTA4OGY3NDI4N2JiOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt40p3F1cuttjFw0Nil9UjQGSerwy
NhlPVs5EelvHJLoXjHmz/zW9guYBSO/3QGtWnaEctQ1MXBh13l2MfxVfp0AkTVA0
HuIGw+2NZC1p7E/OQvYgwsMHaoz1l3Z/86WzGEAFF8s8QQlNXVja7Bko9+e1F89M
AASd+6Fc1k+hs7O9ZVLMNKMcPpr6oO0DVPO324MN+Hb/IcBHwpWH7XrIIDjx5EFh
UHdfJ3LdR0oJO1VsVn4d8vP7JxZDk3vf2paJrhYIlJPD29Rbfd54/SjB6X1923cd
bpwI0pEekH+tpsKRqnvhg7ZvdvUpsKDA6OzA7X7ioH9C9UDv0wCv1p5OVwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBpvKUM6ZbbkG7TyomEIj3Qoe7izMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvR204cFF6cGx0dVFidFBLaVlRaVBkQ2g3dUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTrM7duDANBgkqhkiG9w0BAQsFAAOCAQEAjqpZH1bPo6rPfch+eKjrtBlU
kCb/rW1FaZjX/7yjibZo5YpqbtpTx04ozvmAb1giyQDwgAjeeUqNYvr4h/P+/vXB
90kP4Hakm2wNxxrU2Srczk+9070n1O5sgi3pnD8HUVNejI6opjXjIDPAdCWdnJIb
emY9XPoDP17gs9rZmFRveceeqsgYMwqLrr9tr8dT4x9ZL3knFNb3LlBQTeZHQqKp
SET1Wz6CsAaD4QHIcbhvFiGiw/brs1KjsjrTl1qss/Y0Vc30PEVGdgx90Lt3QpnN
YnC/2eyNt4iBbWC6qxHz4plZyz+uva27ld1GJzg9p58SYzR0FKY+r58B1Cm01Q==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:53:06 2025 by rpki-client