Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KYS2KoS4tEjPZHEhi48PSEnrxuA.roa
File: KYS2KoS4tEjPZHEhi48PSEnrxuA.roa (raw, json)
Hash identifier: WKjCPkFqCyqCZJVretmRgzQj2D+qW+1gSdRyvVgxXeQ=
Subject key identifier: 29:84:B6:2A:84:B8:B4:48:CF:64:71:21:8B:8F:0F:48:49:EB:C6:E0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192ECFAA22E969442191B7028E022CC39A9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KYS2KoS4tEjPZHEhi48PSEnrxuA.roa
Signing time: Sat 02 Nov 2024 13:05:01 +0000
ROA not before: Sat 02 Nov 2024 13:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:ecfa:d84/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ec:fa:a2:2e:96:94:42:19:1b:70:28:e0:22:cc:39:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 2 13:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2984b62a84b8b448cf6471218b8f0f4849ebc6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d5:ea:e7:83:2a:db:e1:c6:d8:e1:7c:27:2b:
50:14:00:a6:db:4d:9f:89:62:98:3b:98:3a:13:aa:
62:8d:42:fc:3b:09:66:11:6c:ab:a8:67:07:cb:61:
69:93:13:a8:91:a0:78:cb:8e:c4:74:27:0f:7d:05:
d3:66:5e:f7:fb:a2:5d:3f:d7:3f:d2:b4:72:64:4e:
8b:71:e7:82:81:3a:c0:5a:e3:09:e2:f4:01:0e:1e:
0c:55:e9:1e:51:88:65:1e:d0:17:a7:2c:98:84:4b:
82:2d:1d:49:f4:d4:12:ba:d6:60:09:b6:ca:13:58:
45:ca:eb:47:fa:b5:8b:d5:bb:c3:96:cc:95:00:91:
82:94:2f:4b:43:e5:24:10:fa:db:62:bf:1c:67:e2:
f1:a0:a2:ab:2f:66:95:9f:03:cb:f6:07:3d:bb:74:
f7:45:bf:c8:56:69:73:b3:56:a8:a7:37:0c:75:15:
9f:6e:9d:42:38:1a:3f:a4:99:49:b5:2e:09:40:c9:
0b:52:7b:06:9a:4d:32:8b:c0:4e:f7:0d:f5:46:25:
54:0d:ba:fb:6b:c6:ca:03:70:c9:89:8b:34:89:54:
bb:c8:08:56:5f:42:13:d2:5a:36:41:7c:13:d5:92:
d8:37:cd:a3:30:1e:48:26:d4:58:42:26:2d:86:d8:
15:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:84:B6:2A:84:B8:B4:48:CF:64:71:21:8B:8F:0F:48:49:EB:C6:E0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KYS2KoS4tEjPZHEhi48PSEnrxuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:ecfa:d84/128
Signature Algorithm: sha256WithRSAEncryption
07:1c:bf:23:fa:e9:01:7e:3d:26:5b:80:75:08:25:0b:e1:8e:
65:61:97:4a:52:b3:a2:15:69:b5:e9:11:c6:51:46:a1:72:2d:
c5:7a:06:cb:e1:be:58:81:a7:0a:18:68:b6:a3:1e:89:d0:f0:
da:11:67:06:2d:bc:38:a3:77:6e:35:80:e3:78:a2:0b:69:a0:
ad:07:24:0d:47:ad:57:69:a6:5f:25:c7:fe:9d:99:26:eb:2e:
b7:fe:ef:d9:af:15:27:b1:75:11:f4:66:c8:cc:22:ca:90:5f:
3e:f4:b7:02:39:4a:b0:38:bf:60:b9:14:3c:83:06:67:03:6f:
25:a7:d4:ce:50:f5:1c:4b:6e:1f:23:e5:1f:e6:00:14:88:62:
53:5d:dc:f3:cd:56:c7:5f:bb:a3:49:0b:0e:ab:83:d6:23:2b:
3e:33:b7:72:2a:35:fc:b6:4d:54:ca:58:53:6f:b4:6c:f7:4a:
f5:60:d4:2f:21:b0:ee:f4:f2:65:d0:69:f2:01:64:97:ed:78:
bf:cf:f8:1f:f5:d8:5e:71:dc:e1:60:64:ff:e1:79:f3:7c:e2:
38:42:9d:4c:73:61:82:d1:2b:3e:0d:78:1b:99:d4:d9:3f:1a:
74:1f:c3:7f:4a:dc:dc:65:f5:c4:63:b5:05:0a:80:e2:71:7a:
e6:00:19:de
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZLs+qIulpRCGRtwKOAizDmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTAyMTMwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTg0YjYyYTg0YjhiNDQ4Y2Y2NDcxMjE4YjhmMGY0ODQ5ZWJjNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tXq54Mq2+HG2OF8JytQFACm202f
iWKYO5g6E6pijUL8OwlmEWyrqGcHy2FpkxOokaB4y47EdCcPfQXTZl73+6JdP9c/
0rRyZE6LceeCgTrAWuMJ4vQBDh4MVekeUYhlHtAXpyyYhEuCLR1J9NQSutZgCbbK
E1hFyutH+rWL1bvDlsyVAJGClC9LQ+UkEPrbYr8cZ+LxoKKrL2aVnwPL9gc9u3T3
Rb/IVmlzs1aopzcMdRWfbp1COBo/pJlJtS4JQMkLUnsGmk0yi8BO9w31RiVUDbr7
a8bKA3DJiYs0iVS7yAhWX0IT0lo2QXwT1ZLYN82jMB5IJtRYQiYthtgV2wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCmEtiqEuLRIz2RxIYuPD0hJ68bgMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS1lTMktvUzR0RWpQWkhFaGk0OFBTRW5yeHVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGS7PoNhDANBgkqhkiG9w0BAQsFAAOCAQEABxy/I/rpAX49JluAdQglC+GO
ZWGXSlKzohVptekRxlFGoXItxXoGy+G+WIGnChhotqMeidDw2hFnBi28OKN3bjWA
43iiC2mgrQckDUetV2mmXyXH/p2ZJusut/7v2a8VJ7F1EfRmyMwiypBfPvS3AjlK
sDi/YLkUPIMGZwNvJafUzlD1HEtuHyPlH+YAFIhiU13c881Wx1+7o0kLDquD1iMr
PjO3cio1/LZNVMpYU2+0bPdK9WDULyGw7vTyZdBp8gFkl+14v8/4H/XYXnHc4WBk
/+F583ziOEKdTHNhgtErPg14G5nU2T8adB/Df0rc3GX1xGO1BQqA4nF65gAZ3g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:07:02 2025 by rpki-client