Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/H7l3jDLhkHtAK7u6J_sihqUIDgY.roa
File: H7l3jDLhkHtAK7u6J_sihqUIDgY.roa (raw, json)
Hash identifier: DqcjTXDeifr8hGt3/rT4CtEEwy+q3FMSB41z7aQ9+bI=
Subject key identifier: 1F:B9:77:8C:32:E1:90:7B:40:2B:BB:BA:27:FB:22:86:A5:08:0E:06
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191E05B5A4BB503CC7190FF88142FCD4519
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/H7l3jDLhkHtAK7u6J_sihqUIDgY.roa
Signing time: Wed 11 Sep 2024 09:12:48 +0000
ROA not before: Wed 11 Sep 2024 09:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e0:5b:5a:4b:b5:03:cc:71:90:ff:88:14:2f:cd:45:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 11 09:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fb9778c32e1907b402bbbba27fb2286a5080e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4d:4a:9f:2c:d3:63:e9:58:e5:04:df:51:0d:
68:62:be:78:21:07:23:35:3a:12:94:f3:74:37:b1:
42:9a:bd:75:99:80:72:9c:b8:48:9b:e0:02:3b:ef:
c9:7a:73:76:eb:4b:c5:0d:38:39:c6:41:a9:d6:8a:
19:d1:66:29:cf:1a:cd:89:88:ab:10:14:5d:43:70:
f9:70:a9:1a:7c:7a:fb:9e:a6:76:6b:12:03:0e:76:
ad:f6:54:d3:00:a7:8d:6d:24:a1:d3:3a:5b:70:4b:
dc:b0:77:26:5d:60:66:ea:8a:53:25:db:2d:7f:b0:
e8:6f:2c:0c:b2:d2:f3:89:5e:81:53:20:f2:b7:c8:
d7:d7:bd:21:45:05:18:db:8e:e2:19:b9:a6:e4:24:
d3:7e:f2:e6:dc:1a:f5:c8:ad:11:c1:5b:56:86:74:
51:3f:28:ce:38:62:33:68:57:9c:4d:09:79:e3:16:
51:20:c5:66:24:01:1a:f3:69:0c:f3:1e:73:83:39:
08:44:b9:e7:b0:7b:4e:75:f9:30:f7:71:6f:42:54:
b6:82:36:94:da:56:7a:62:3e:8f:ff:89:a5:a5:1c:
47:a2:62:f6:22:63:fc:08:54:5e:be:cc:73:c0:84:
17:da:a5:78:1d:5b:63:5c:dc:89:c2:0b:e0:c9:bb:
79:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B9:77:8C:32:E1:90:7B:40:2B:BB:BA:27:FB:22:86:A5:08:0E:06
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/H7l3jDLhkHtAK7u6J_sihqUIDgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
94:10:38:40:a1:bb:f3:27:8b:a4:84:58:ba:cc:67:14:78:98:
ed:3b:42:c8:3d:67:71:53:cc:66:81:8c:6e:f8:5e:a6:cf:8d:
fc:92:e4:f5:bf:62:4c:b7:7b:82:a0:f3:1f:f0:8e:70:a7:bc:
1f:0e:e6:da:37:1c:9e:c3:7d:69:24:e1:8d:0f:a9:44:38:b4:
c9:f7:bd:e1:93:ce:6f:01:34:33:11:c1:20:fc:cd:9d:fe:94:
27:4e:53:ed:b6:3e:e5:e6:7e:66:c2:e7:be:36:3f:12:9b:31:
4c:92:49:67:3b:ee:6e:f5:12:de:6c:cb:4b:42:ed:97:76:e7:
06:0c:65:bd:15:19:13:50:9e:df:be:41:6c:cd:76:52:40:d2:
97:18:53:cb:b1:ed:44:a5:9c:5d:31:7b:20:ac:b8:3c:f3:d6:
e6:3e:c8:50:2f:e6:45:fd:77:80:3c:32:e9:79:53:98:16:0b:
d1:e0:27:39:70:68:db:13:fd:93:f7:b5:ae:76:0f:74:27:9c:
75:94:1d:17:12:8d:f6:b6:03:e8:82:ad:63:4d:f1:36:1e:d5:
ea:a4:4b:e1:c0:24:e8:b2:64:8e:d7:8c:04:3d:e7:a0:ef:c4:
70:cb:67:0b:bc:1d:88:49:3c:38:dc:b7:60:a7:a7:4b:04:9e:
69:83:0f:18
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHgW1pLtQPMcZD/iBQvzUUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTExMDkxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmI5Nzc4YzMyZTE5MDdiNDAyYmJiYmEyN2ZiMjI4NmE1MDgwZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj01KnyzTY+lY5QTfUQ1oYr54IQcj
NToSlPN0N7FCmr11mYBynLhIm+ACO+/JenN260vFDTg5xkGp1ooZ0WYpzxrNiYir
EBRdQ3D5cKkafHr7nqZ2axIDDnat9lTTAKeNbSSh0zpbcEvcsHcmXWBm6opTJdst
f7DobywMstLziV6BUyDyt8jX170hRQUY247iGbmm5CTTfvLm3Br1yK0RwVtWhnRR
PyjOOGIzaFecTQl54xZRIMVmJAEa82kM8x5zgzkIRLnnsHtOdfkw93FvQlS2gjaU
2lZ6Yj6P/4mlpRxHomL2ImP8CFRevsxzwIQX2qV4HVtjXNyJwgvgybt5zwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFB+5d4wy4ZB7QCu7uif7IoalCA4GMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSDdsM2pETGhrSHRBSzd1Nkpfc2locVVJRGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQCUEDhAobvzJ4ukhFi6zGcUeJjtO0LIPWdxU8xm
gYxu+F6mz438kuT1v2JMt3uCoPMf8I5wp7wfDubaNxyew31pJOGND6lEOLTJ973h
k85vATQzEcEg/M2d/pQnTlPttj7l5n5mwue+Nj8SmzFMkklnO+5u9RLebMtLQu2X
ducGDGW9FRkTUJ7fvkFszXZSQNKXGFPLse1EpZxdMXsgrLg889bmPshQL+ZF/XeA
PDLpeVOYFgvR4Cc5cGjbE/2T97Wudg90J5x1lB0XEo32tgPogq1jTfE2HtXqpEvh
wCTosmSO14wEPeeg78Rwy2cLvB2ISTw43Ldgp6dLBJ5pgw8Y
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:11 2025 by rpki-client