Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MBem2IjST0_5W9KMwPunQWqhwDg.roa
File: MBem2IjST0_5W9KMwPunQWqhwDg.roa (raw, json)
Hash identifier: uZWJ1YPguj1X6qqYMg5vtZ0hGeAAIQQCX0dtRU0IN+Q=
Subject key identifier: 30:17:A6:D8:88:D2:4F:4F:F9:5B:D2:8C:C0:FB:A7:41:6A:A1:C0:38
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01913BC57F8F7AE1E5CF8D00BA054FC70132
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MBem2IjST0_5W9KMwPunQWqhwDg.roa
Signing time: Sat 10 Aug 2024 10:11:24 +0000
ROA not before: Sat 10 Aug 2024 10:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3b:c5:7f:8f:7a:e1:e5:cf:8d:00:ba:05:4f:c7:01:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 10 10:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3017a6d888d24f4ff95bd28cc0fba7416aa1c038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:91:53:ea:c6:58:75:33:34:f5:3f:92:aa:c4:
15:49:f1:3c:6b:77:43:0d:bc:91:77:ee:c0:54:66:
9c:e0:80:42:9c:d2:b1:85:7c:05:f6:1a:b7:93:74:
cd:e7:05:38:e5:ab:2a:e4:19:2c:26:82:e0:2e:fc:
47:b0:c4:63:1b:0b:31:51:76:f0:75:c4:84:d4:ad:
20:af:b8:e8:f1:ef:a6:6c:85:81:fa:39:7f:ed:3b:
ca:43:7f:fa:a6:3b:eb:b4:30:9c:f9:12:49:2b:9d:
4f:b0:a8:11:c2:ba:8d:a2:95:1b:9f:81:82:3c:94:
93:2d:7f:31:95:5b:bf:80:e2:de:e1:6b:5b:3e:92:
a7:6c:d6:a3:7e:f4:4e:dc:59:d3:57:23:5e:50:ee:
15:83:03:30:5a:1b:4e:6c:ef:c3:a9:c0:1d:91:d8:
fd:97:97:21:cc:72:24:73:d9:b5:40:76:7f:4b:0a:
5c:f4:06:16:b1:6f:6c:cd:db:f3:66:6b:ff:ce:66:
46:ef:90:54:de:f4:e4:4d:32:df:45:95:4a:40:76:
b3:ca:2a:2d:d1:bd:b1:56:d7:8a:71:44:7a:7c:02:
0b:21:6b:8c:f6:2d:1a:dc:fc:9f:1a:29:eb:cb:b2:
f3:07:f2:92:16:c4:cd:a7:11:d4:25:07:51:60:83:
c3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:17:A6:D8:88:D2:4F:4F:F9:5B:D2:8C:C0:FB:A7:41:6A:A1:C0:38
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MBem2IjST0_5W9KMwPunQWqhwDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
41:cf:01:16:d0:59:2d:5b:8d:d7:86:85:26:0f:9d:51:81:a5:
39:44:92:2c:84:e7:a8:fc:8e:3a:4f:17:98:49:af:be:ab:de:
5f:ad:40:cc:c6:28:c9:41:0c:44:ec:7d:6e:8c:77:c0:e7:0d:
00:0a:fd:54:07:b2:6a:f4:7e:e5:5c:6c:8a:06:22:d8:e3:e4:
6d:25:d3:9a:3e:bc:13:ee:e2:cd:fe:f8:30:fb:a6:d7:1d:28:
73:07:e0:d3:f1:9a:1c:e5:86:bf:b6:c5:a2:8b:f5:dc:6d:b7:
41:e4:35:7a:bd:35:b8:af:b5:80:d3:f4:a6:a2:82:72:5c:f4:
ca:14:f4:c7:c1:87:2f:d1:24:14:c3:e2:8c:d8:ec:5a:2e:2c:
bd:3a:1e:8b:69:5f:a4:67:37:a8:1b:0f:cb:75:0d:83:1e:95:
ee:10:3c:3b:1d:36:db:ed:e9:73:2d:d6:cd:f9:10:ba:0e:8b:
52:89:13:b5:50:39:9f:49:c5:cb:62:d3:1d:58:cb:d2:9b:ff:
d0:9f:62:68:20:24:95:2d:98:81:d1:c5:30:bf:9e:4c:57:a7:
54:8e:8a:90:ce:f7:ca:d9:db:67:58:19:56:69:14:0c:95:b2:
c7:ec:9b:8d:19:67:ef:55:2e:11:b1:09:af:ae:3e:e9:d7:a0:
2a:c2:9d:2d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE7xX+PeuHlz40AugVPxwEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEwMTAxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE3YTZkODg4ZDI0ZjRmZjk1YmQyOGNjMGZiYTc0MTZhYTFjMDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5FT6sZYdTM09T+SqsQVSfE8a3dD
DbyRd+7AVGac4IBCnNKxhXwF9hq3k3TN5wU45asq5BksJoLgLvxHsMRjGwsxUXbw
dcSE1K0gr7jo8e+mbIWB+jl/7TvKQ3/6pjvrtDCc+RJJK51PsKgRwrqNopUbn4GC
PJSTLX8xlVu/gOLe4WtbPpKnbNajfvRO3FnTVyNeUO4VgwMwWhtObO/DqcAdkdj9
l5chzHIkc9m1QHZ/Swpc9AYWsW9szdvzZmv/zmZG75BU3vTkTTLfRZVKQHazyiot
0b2xVteKcUR6fAILIWuM9i0a3PyfGinry7LzB/KSFsTNpxHUJQdRYIPD4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDAXptiI0k9P+VvSjMD7p0FqocA4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTUJlbTJJalNUMF81VzlLTXdQdW5RV3Fod0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAQc8BFtBZLVuN14aFJg+dUYGl
OUSSLITnqPyOOk8XmEmvvqveX61AzMYoyUEMROx9box3wOcNAAr9VAeyavR+5Vxs
igYi2OPkbSXTmj68E+7izf74MPum1x0ocwfg0/GaHOWGv7bFoov13G23QeQ1er01
uK+1gNP0pqKCclz0yhT0x8GHL9EkFMPijNjsWi4svToei2lfpGc3qBsPy3UNgx6V
7hA8Ox022+3pcy3WzfkQug6LUokTtVA5n0nFy2LTHVjL0pv/0J9iaCAklS2YgdHF
ML+eTFenVI6KkM73ytnbZ1gZVmkUDJWyx+ybjRln71UuEbEJr64+6degKsKdLQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:03 2025 by rpki-client