Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L5jzUv4oYe1umN50g8TPoKjCjAc.roa
File: L5jzUv4oYe1umN50g8TPoKjCjAc.roa (raw, json)
Hash identifier: mmq8SrQgF5AycqlIraJQc6YoI66pwCVdpQXixO+Cavs=
Subject key identifier: 2F:98:F3:52:FE:28:61:ED:6E:98:DE:74:83:C4:CF:A0:A8:C2:8C:07
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912F1C39D5B801E48EDEA61C6731B713D2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L5jzUv4oYe1umN50g8TPoKjCjAc.roa
Signing time: Wed 07 Aug 2024 23:11:04 +0000
ROA not before: Wed 07 Aug 2024 23:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2f:1c:39:d5:b8:01:e4:8e:de:a6:1c:67:31:b7:13:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 7 23:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f98f352fe2861ed6e98de7483c4cfa0a8c28c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a7:de:bc:d1:bf:3f:e6:79:4b:fd:d8:b2:ac:
e9:e1:8a:bb:55:67:82:cd:aa:04:1b:1b:61:e3:64:
d8:15:14:32:de:ed:ec:f8:46:b2:68:c4:50:08:00:
c4:f5:fd:a6:18:8b:27:e1:e6:fc:fe:4e:01:77:00:
63:6f:34:9f:75:d3:45:61:3b:36:69:45:61:b3:33:
06:13:93:c0:11:5b:d9:53:ae:83:9a:59:91:14:0c:
4d:bd:74:13:c2:2f:a4:2d:47:d9:8f:5f:6a:72:84:
03:5b:5f:17:3f:b3:ee:85:ca:28:5d:84:eb:a2:01:
31:89:1a:ec:84:34:ad:d3:ae:ee:63:be:72:13:05:
2b:f7:3c:52:94:6f:02:e0:69:d2:7d:c7:4c:b8:f0:
f8:64:47:f2:fc:c9:5c:5c:8f:b3:6d:b5:f9:5c:7f:
2d:5a:51:2d:35:97:1f:87:63:55:3c:43:80:f7:5d:
2e:65:20:50:04:9d:ff:ac:3e:c8:02:bd:f0:63:13:
d6:8e:0e:e2:d7:e7:c3:fe:13:12:2a:7e:96:29:3c:
fd:8c:8b:af:0a:9d:63:fc:6c:5b:d2:7a:4b:11:65:
1a:9e:cf:09:7a:a7:3c:09:53:1e:ee:c5:00:82:55:
ef:a5:4c:4e:85:b2:40:c0:61:cb:16:eb:0d:5f:83:
ba:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:98:F3:52:FE:28:61:ED:6E:98:DE:74:83:C4:CF:A0:A8:C2:8C:07
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L5jzUv4oYe1umN50g8TPoKjCjAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
97:2f:e0:24:d4:e2:a5:12:88:97:5d:70:fb:c6:cb:25:c6:7f:
9c:d4:34:40:08:b6:d1:24:01:41:92:d4:31:46:85:87:2e:69:
40:37:f1:2b:66:26:e0:c8:43:61:3c:89:71:15:bd:bc:dd:9c:
7d:f0:98:25:a0:e7:8d:65:10:d3:6a:a3:c9:68:77:ed:1a:57:
9e:5e:ff:c8:3d:24:7a:5a:67:9f:14:60:29:c5:94:44:86:79:
0b:ba:ae:f7:4f:16:3a:8d:75:c1:39:d8:e4:94:a6:d1:4b:47:
51:12:0e:2b:a7:79:3c:0e:fb:f5:f3:f1:a1:0a:d7:13:63:2e:
1c:7b:28:9d:ee:27:eb:2d:11:a7:77:ee:38:34:7b:34:99:6d:
3a:fb:3a:86:e4:62:45:64:40:4c:37:43:98:41:75:82:86:6a:
29:9a:93:75:32:d8:d7:ac:ba:1c:c0:4e:80:90:20:41:80:2e:
60:ee:0c:70:bc:42:8c:01:62:e8:d6:b4:62:c8:f0:cc:c7:fb:
fc:e1:f9:2b:be:20:6b:d3:bc:a0:1d:18:5f:bc:7f:e0:bb:28:
bb:f5:38:c0:20:a1:46:0f:2c:bd:c1:ac:14:7a:9f:e5:3d:ac:
a1:3f:ba:9b:ef:86:b2:22:8b:76:b2:c9:e8:d6:42:55:80:c4:
a5:0d:3e:27
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEvHDnVuAHkjt6mHGcxtxPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA3MjMxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk4ZjM1MmZlMjg2MWVkNmU5OGRlNzQ4M2M0Y2ZhMGE4YzI4YzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1afevNG/P+Z5S/3Ysqzp4Yq7VWeC
zaoEGxth42TYFRQy3u3s+EayaMRQCADE9f2mGIsn4eb8/k4BdwBjbzSfddNFYTs2
aUVhszMGE5PAEVvZU66DmlmRFAxNvXQTwi+kLUfZj19qcoQDW18XP7PuhcooXYTr
ogExiRrshDSt067uY75yEwUr9zxSlG8C4GnSfcdMuPD4ZEfy/MlcXI+zbbX5XH8t
WlEtNZcfh2NVPEOA910uZSBQBJ3/rD7IAr3wYxPWjg7i1+fD/hMSKn6WKTz9jIuv
Cp1j/Gxb0npLEWUans8Jeqc8CVMe7sUAglXvpUxOhbJAwGHLFusNX4O6SwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFC+Y81L+KGHtbpjedIPEz6CowowHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTDVqelV2NG9ZZTF1bU41MGc4VFBvS2pDakFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAly/gJNTipRKIl11w+8bLJcZ/
nNQ0QAi20SQBQZLUMUaFhy5pQDfxK2Ym4MhDYTyJcRW9vN2cffCYJaDnjWUQ02qj
yWh37RpXnl7/yD0kelpnnxRgKcWURIZ5C7qu908WOo11wTnY5JSm0UtHURIOK6d5
PA779fPxoQrXE2MuHHsone4n6y0Rp3fuODR7NJltOvs6huRiRWRATDdDmEF1goZq
KZqTdTLY16y6HMBOgJAgQYAuYO4McLxCjAFi6Na0YsjwzMf7/OH5K74ga9O8oB0Y
X7x/4Lsou/U4wCChRg8svcGsFHqf5T2soT+6m++GsiKLdrLJ6NZCVYDEpQ0+Jw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:25:50 2025 by rpki-client