Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K3itQuNmUIud8ZnIwWDLrTugQMY.roa
File: K3itQuNmUIud8ZnIwWDLrTugQMY.roa (raw, json)
Hash identifier: RQMEUiVGbB12De7jnCiOQvDm+oLVq7u6DLnEHrzDPdQ=
Subject key identifier: 2B:78:AD:42:E3:66:50:8B:9D:F1:99:C8:C1:60:CB:AD:3B:A0:40:C6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01919D60F46DAFE9395768D86D73E740C409
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K3itQuNmUIud8ZnIwWDLrTugQMY.roa
Signing time: Thu 29 Aug 2024 09:04:22 +0000
ROA not before: Thu 29 Aug 2024 09:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:9d60:def2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:60:f4:6d:af:e9:39:57:68:d8:6d:73:e7:40:c4:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 29 09:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b78ad42e366508b9df199c8c160cbad3ba040c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3f:0d:7e:35:b3:96:03:1a:ee:37:4c:eb:43:
52:05:e5:90:28:e9:90:89:39:41:e8:fc:48:17:32:
69:c4:b5:20:2d:15:51:8f:a7:6c:ac:48:04:47:06:
1d:4a:7c:fa:ee:01:4a:9b:7a:66:ac:1a:ad:f1:e0:
85:7e:a0:82:94:1e:86:e7:dd:3e:2d:78:dd:b2:ad:
dc:cd:20:d6:41:5c:7e:6e:6b:e5:40:6b:f8:dc:dc:
8b:bc:71:d3:03:dc:cb:03:8f:bd:83:09:97:ea:83:
73:c8:78:d9:98:87:62:34:d9:26:25:7e:b6:79:9a:
2d:df:6d:1f:6f:ff:4c:9d:30:7d:58:7f:2c:a5:80:
e7:a8:78:52:10:f3:35:37:c1:c1:d2:6f:b8:11:02:
47:9f:07:79:7e:6b:5e:c1:51:92:16:4f:74:cb:8c:
2b:8a:0e:dc:6b:8e:ea:1a:c5:d1:8c:a1:88:37:46:
b4:a6:49:26:27:21:ad:d8:c1:02:ef:de:ee:0f:90:
0e:14:bb:40:89:80:c0:f2:6a:dc:9d:09:eb:ab:b2:
17:f9:85:85:43:b2:f4:f2:11:0a:a3:a8:3b:c5:8c:
eb:1e:3a:e7:4a:92:0d:0c:b5:af:6c:16:f6:57:18:
9b:0c:fc:67:01:2b:b0:45:90:95:9d:dd:a2:25:39:
4e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:78:AD:42:E3:66:50:8B:9D:F1:99:C8:C1:60:CB:AD:3B:A0:40:C6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K3itQuNmUIud8ZnIwWDLrTugQMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:9d60:def2/128
Signature Algorithm: sha256WithRSAEncryption
24:3e:f4:ad:24:73:f3:e7:6d:8b:75:09:a4:04:97:e2:83:87:
db:c1:a2:3b:df:df:4f:03:ac:00:b4:22:c3:3e:be:ef:ca:43:
14:f7:84:7d:8f:32:36:05:c9:62:26:91:49:91:b5:a9:0b:fd:
0f:30:9e:8a:65:3c:95:83:0f:29:49:54:54:a1:b4:88:1d:19:
f9:89:60:60:60:68:1d:f8:b2:a4:12:f8:2b:76:a0:8a:07:04:
4d:df:e6:69:3b:85:bb:b1:fd:e0:75:af:d9:5d:ab:f4:9e:ba:
04:41:70:5d:ba:24:d5:6d:67:1d:a9:65:ac:cc:9a:7e:aa:98:
10:de:e2:32:e9:73:fa:fc:94:bc:97:2a:ba:be:ec:fe:31:0e:
ee:0b:28:d4:29:aa:01:4d:f7:78:ab:29:4a:24:e3:c0:9f:e8:
04:4f:26:d6:fe:20:6b:3a:c8:77:f1:97:e3:35:0d:27:1b:fa:
5d:3d:6d:15:dd:6c:5a:44:06:ae:c2:60:41:20:93:45:4d:ef:
39:c5:2e:c9:54:c7:9f:f7:7f:6d:43:d7:a8:a4:9f:00:97:19:
f6:ef:2a:27:a8:62:dc:16:73:33:30:73:f8:cc:fd:7c:38:cf:
50:c6:f9:92:a8:68:d3:ea:8b:4d:5f:8a:6f:73:a8:1f:ac:18:
48:79:e7:69
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZGdYPRtr+k5V2jYbXPnQMQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI5MDkwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc4YWQ0MmUzNjY1MDhiOWRmMTk5YzhjMTYwY2JhZDNiYTA0MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz8NfjWzlgMa7jdM60NSBeWQKOmQ
iTlB6PxIFzJpxLUgLRVRj6dsrEgERwYdSnz67gFKm3pmrBqt8eCFfqCClB6G590+
LXjdsq3czSDWQVx+bmvlQGv43NyLvHHTA9zLA4+9gwmX6oNzyHjZmIdiNNkmJX62
eZot320fb/9MnTB9WH8spYDnqHhSEPM1N8HB0m+4EQJHnwd5fmtewVGSFk90y4wr
ig7ca47qGsXRjKGIN0a0pkkmJyGt2MEC797uD5AOFLtAiYDA8mrcnQnrq7IX+YWF
Q7L08hEKo6g7xYzrHjrnSpINDLWvbBb2VxibDPxnASuwRZCVnd2iJTlO8QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCt4rULjZlCLnfGZyMFgy607oEDGMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSzNpdFF1Tm1VSXVkOFpuSXdXRExyVHVnUU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkZ1g3vIwDQYJKoZIhvcNAQELBQADggEB
ACQ+9K0kc/PnbYt1CaQEl+KDh9vBojvf308DrAC0IsM+vu/KQxT3hH2PMjYFyWIm
kUmRtakL/Q8wnoplPJWDDylJVFShtIgdGfmJYGBgaB34sqQS+Ct2oIoHBE3f5mk7
hbux/eB1r9ldq/SeugRBcF26JNVtZx2pZazMmn6qmBDe4jLpc/r8lLyXKrq+7P4x
Du4LKNQpqgFN93irKUok48Cf6ARPJtb+IGs6yHfxl+M1DScb+l09bRXdbFpEBq7C
YEEgk0VN7znFLslUx5/3f21D16iknwCXGfbvKieoYtwWczMwc/jM/Xw4z1DG+ZKo
aNPqi01fim9zqB+sGEh552k=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:12:17 2025 by rpki-client