Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KyEPkbKZoSlBXnwod4EwMUfuaw8.roa
File: KyEPkbKZoSlBXnwod4EwMUfuaw8.roa (raw, json)
Hash identifier: PiPv8/pBXkeVFVbv1HDeN7bEvv2YbereenVj0nl3hkk=
Subject key identifier: 2B:21:0F:91:B2:99:A1:29:41:5E:7C:28:77:81:30:31:47:EE:6B:0F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019165671ECD03A7924C148AD7135F0BCDDB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KyEPkbKZoSlBXnwod4EwMUfuaw8.roa
Signing time: Sun 18 Aug 2024 12:12:22 +0000
ROA not before: Sun 18 Aug 2024 12:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:65:67:1e:cd:03:a7:92:4c:14:8a:d7:13:5f:0b:cd:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 18 12:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b210f91b299a129415e7c287781303147ee6b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:71:1b:07:5d:fd:d8:6f:12:cc:f4:f9:09:fd:
11:3b:0f:33:43:52:a1:21:c9:6b:2e:fd:1c:01:0b:
ad:ec:ce:30:00:e9:ac:87:46:64:66:93:b5:c4:00:
36:84:c3:89:c6:fc:2c:3f:6c:50:73:b4:07:40:64:
3e:49:72:33:65:af:fd:9a:2d:25:c2:19:78:67:a1:
18:e0:d7:0f:67:e7:09:6b:74:6a:86:f3:81:73:96:
3d:e2:1f:43:7c:04:ec:9c:f5:c7:38:a7:26:b4:94:
01:02:b9:36:35:ac:d8:1e:35:37:83:7d:1c:a5:88:
84:40:8d:7a:bd:fd:dc:a0:f5:e2:8f:90:68:86:eb:
cb:84:6d:cc:8f:24:01:2c:f9:13:ef:8e:3a:10:fd:
55:72:2a:4a:c2:b1:5a:f1:c0:49:26:e2:ab:4e:26:
5d:03:e2:7c:78:bd:41:38:98:89:f6:84:32:b4:34:
e6:9c:46:37:89:aa:2c:53:e9:de:d5:3e:15:84:55:
12:78:3e:ec:7f:ac:f3:05:af:d4:74:36:dd:3c:b3:
7f:1f:32:6a:08:02:fb:d2:4b:98:dd:f4:23:0a:46:
eb:c6:02:a0:0d:ff:8b:78:2a:46:de:3b:b1:d2:48:
95:5e:34:42:88:09:e1:4e:e7:a3:07:7b:33:84:c9:
cf:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:21:0F:91:B2:99:A1:29:41:5E:7C:28:77:81:30:31:47:EE:6B:0F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KyEPkbKZoSlBXnwod4EwMUfuaw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
64:6b:25:ab:8a:5c:32:cc:a7:de:eb:68:95:60:45:34:88:79:
d6:a6:1e:f6:f5:e3:ed:58:26:33:72:39:51:53:28:0a:a2:d2:
74:c8:7a:35:f3:00:99:84:69:71:b9:8f:1c:36:f7:86:90:f7:
9d:5a:54:9a:18:bb:38:fe:05:a6:68:40:93:e4:df:6d:d1:67:
64:6b:b5:fe:39:f2:5c:23:d1:b6:24:89:5c:19:57:ea:22:a6:
4c:a6:31:6f:94:0e:f8:f1:5b:1f:33:ca:68:29:d8:22:3b:27:
c1:af:9b:c7:ff:c1:c0:c3:77:2c:17:3b:c2:d3:d4:ff:c7:48:
95:81:bc:8b:ea:1b:8e:c9:a2:8e:92:7e:14:c7:17:16:80:1a:
f5:0a:0f:7a:82:3e:45:62:e7:2c:ca:e5:f4:2f:90:b2:24:4d:
1f:f4:01:62:34:97:a3:c5:76:53:08:c5:e0:71:f1:0e:ec:f7:
e6:3e:4a:70:29:9a:5c:6a:dd:10:45:d7:b2:1d:8a:8c:1e:b8:
90:1f:e9:4b:d4:5c:45:5b:1b:ed:c6:ac:4e:a5:43:35:8a:3a:
56:9f:7c:0e:7b:5d:37:fa:87:49:30:a3:65:b0:d9:2f:47:62:
cc:ad:a4:a4:c8:a0:12:85:a8:3f:fe:e3:6f:b4:42:30:6b:56:
4c:52:7c:7d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFlZx7NA6eSTBSK1xNfC83bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE4MTIxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjIxMGY5MWIyOTlhMTI5NDE1ZTdjMjg3NzgxMzAzMTQ3ZWU2YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3EbB1392G8SzPT5Cf0ROw8zQ1Kh
IclrLv0cAQut7M4wAOmsh0ZkZpO1xAA2hMOJxvwsP2xQc7QHQGQ+SXIzZa/9mi0l
whl4Z6EY4NcPZ+cJa3RqhvOBc5Y94h9DfATsnPXHOKcmtJQBArk2NazYHjU3g30c
pYiEQI16vf3coPXij5BohuvLhG3MjyQBLPkT7446EP1VcipKwrFa8cBJJuKrTiZd
A+J8eL1BOJiJ9oQytDTmnEY3iaosU+ne1T4VhFUSeD7sf6zzBa/UdDbdPLN/HzJq
CAL70kuY3fQjCkbrxgKgDf+LeCpG3jux0kiVXjRCiAnhTuejB3szhMnPswIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCshD5GymaEpQV58KHeBMDFH7msPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS3lFUGtiS1pvU2xCWG53b2Q0RXdNVWZ1YXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAZGslq4pcMsyn3utolWBFNIh5
1qYe9vXj7VgmM3I5UVMoCqLSdMh6NfMAmYRpcbmPHDb3hpD3nVpUmhi7OP4FpmhA
k+TfbdFnZGu1/jnyXCPRtiSJXBlX6iKmTKYxb5QO+PFbHzPKaCnYIjsnwa+bx//B
wMN3LBc7wtPU/8dIlYG8i+objsmijpJ+FMcXFoAa9QoPeoI+RWLnLMrl9C+QsiRN
H/QBYjSXo8V2UwjF4HHxDuz35j5KcCmaXGrdEEXXsh2KjB64kB/pS9RcRVsb7cas
TqVDNYo6Vp98DntdN/qHSTCjZbDZL0dizK2kpMigEoWoP/7jb7RCMGtWTFJ8fQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:21:41 2025 by rpki-client