Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KBlIWAkYfz9Z8BP8QNo9_JIHH9A.roa
File: KBlIWAkYfz9Z8BP8QNo9_JIHH9A.roa (raw, json)
Hash identifier: m+zknL4TSPv8jlTU9uWw2SxA+y6w7Q6xClnu/KzqPVc=
Subject key identifier: 28:19:48:58:09:18:7F:3F:59:F0:13:FC:40:DA:3D:FC:92:07:1F:D0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019226B59B87D3C10583502092952B9F8EE8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KBlIWAkYfz9Z8BP8QNo9_JIHH9A.roa
Signing time: Wed 25 Sep 2024 01:04:48 +0000
ROA not before: Wed 25 Sep 2024 01:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:26b5:3c43/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:26:b5:9b:87:d3:c1:05:83:50:20:92:95:2b:9f:8e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 25 01:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2819485809187f3f59f013fc40da3dfc92071fd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a7:13:a2:ed:87:82:9a:9a:04:9f:78:31:29:
24:91:cd:a0:9d:5c:03:31:fd:05:ff:91:bf:8b:5f:
11:22:90:56:b1:dd:15:ab:42:56:c1:28:0d:11:56:
1e:25:7e:10:65:b6:41:b5:d5:5f:de:ff:8e:e6:c8:
d4:1d:1a:07:a7:f4:4d:c7:b8:59:55:2f:1d:9d:22:
2f:0a:d8:02:05:5a:01:88:e8:31:68:50:77:48:9e:
bd:b6:c6:c9:fd:a2:64:1f:42:4b:e3:2f:3a:07:d9:
50:98:e7:21:69:c2:26:3c:55:a5:b4:1b:9a:29:a2:
9b:6e:3c:94:db:3c:82:0a:9b:58:bf:a4:b2:67:37:
dc:49:6f:d2:0e:4c:5f:33:a0:dc:ca:98:57:78:e3:
e9:2a:d0:30:c5:c5:b1:74:00:92:06:db:6d:13:50:
88:51:3f:5b:4d:39:bc:7f:15:90:eb:53:bb:58:e4:
5f:22:1e:06:6a:f6:71:a8:2c:0f:7a:f5:bf:12:63:
ee:38:3b:69:ae:89:e7:35:bf:ef:90:93:bd:49:99:
d6:cf:54:e0:3d:2f:47:d8:d1:7a:69:42:67:80:05:
4e:a9:40:70:fe:be:05:00:3f:54:e1:37:d6:0b:d2:
e1:2f:a5:5a:8e:bd:ea:90:1f:f4:a0:a9:8b:a8:41:
20:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:19:48:58:09:18:7F:3F:59:F0:13:FC:40:DA:3D:FC:92:07:1F:D0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KBlIWAkYfz9Z8BP8QNo9_JIHH9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:26b5:3c43/128
Signature Algorithm: sha256WithRSAEncryption
1c:1d:a2:a5:8e:75:de:d6:45:b7:df:1b:6f:af:cc:a8:5e:75:
b2:cf:91:16:50:42:fe:ca:33:2e:12:c5:81:18:8a:9d:91:d7:
bb:65:c2:fa:98:a5:b4:49:ec:e9:c8:e1:b2:21:af:05:98:08:
5d:f1:69:af:87:cd:e1:05:fc:5a:de:6d:98:8c:9a:13:48:7d:
eb:f8:1a:bf:74:ab:87:f3:c8:1e:66:5f:ed:88:a5:33:8b:f2:
0c:cd:e5:2e:4b:45:72:58:18:42:59:b2:90:30:33:40:fc:1c:
85:99:66:af:b0:c3:40:ad:9a:17:ba:47:94:5b:c2:c0:7b:fa:
9b:aa:a0:f1:11:c6:f4:b6:af:bb:7c:c7:76:fa:98:58:bb:b2:
81:0e:19:8b:7a:95:eb:ab:a4:e0:e6:31:ec:5d:d0:0e:42:7e:
04:78:bd:1a:de:c3:76:2a:39:9e:53:0b:88:bb:36:6f:b5:9b:
3f:79:97:59:df:1a:ee:04:ce:20:07:44:bb:3c:be:98:6d:54:
c4:55:d8:42:04:dd:c6:5c:63:82:24:7f:dc:12:e3:84:bd:02:
9c:7e:87:bd:b4:b8:77:d2:99:47:67:bf:6f:f4:3e:05:c9:49:
37:8f:b5:44:64:3a:96:71:03:03:77:e8:6e:74:fc:fb:5c:4d:
e9:3c:82:5b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZImtZuH08EFg1AgkpUrn47oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTI1MDEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE5NDg1ODA5MTg3ZjNmNTlmMDEzZmM0MGRhM2RmYzkyMDcxZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKcTou2HgpqaBJ94MSkkkc2gnVwD
Mf0F/5G/i18RIpBWsd0Vq0JWwSgNEVYeJX4QZbZBtdVf3v+O5sjUHRoHp/RNx7hZ
VS8dnSIvCtgCBVoBiOgxaFB3SJ69tsbJ/aJkH0JL4y86B9lQmOchacImPFWltBua
KaKbbjyU2zyCCptYv6SyZzfcSW/SDkxfM6DcyphXeOPpKtAwxcWxdACSBtttE1CI
UT9bTTm8fxWQ61O7WORfIh4GavZxqCwPevW/EmPuODtpronnNb/vkJO9SZnWz1Tg
PS9H2NF6aUJngAVOqUBw/r4FAD9U4TfWC9LhL6Vajr3qkB/0oKmLqEEgmQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCgZSFgJGH8/WfAT/EDaPfySBx/QMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS0JsSVdBa1lmejlaOEJQOFFObzlfSklISDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSJrU8QzANBgkqhkiG9w0BAQsFAAOCAQEAHB2ipY513tZFt98bb6/MqF51
ss+RFlBC/sozLhLFgRiKnZHXu2XC+piltEns6cjhsiGvBZgIXfFpr4fN4QX8Wt5t
mIyaE0h96/gav3Srh/PIHmZf7YilM4vyDM3lLktFclgYQlmykDAzQPwchZlmr7DD
QK2aF7pHlFvCwHv6m6qg8RHG9Lavu3zHdvqYWLuygQ4Zi3qV66uk4OYx7F3QDkJ+
BHi9Gt7Ddio5nlMLiLs2b7WbP3mXWd8a7gTOIAdEuzy+mG1UxFXYQgTdxlxjgiR/
3BLjhL0CnH6HvbS4d9KZR2e/b/Q+BclJN4+1RGQ6lnEDA3fobnT8+1xN6TyCWw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:50:46 2025 by rpki-client