Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NIMMixs3SgUKbiU0Lw8mxWZzSI8.roa
File: NIMMixs3SgUKbiU0Lw8mxWZzSI8.roa (raw, json)
Hash identifier: Mda84Qr2FuZXUoiTOc5ACEcfyqQ+M39rwPQpumFZNlE=
Subject key identifier: 34:83:0C:8B:1B:37:4A:05:0A:6E:25:34:2F:0F:26:C5:66:73:48:8F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195975C67467CC4080F89634EEBC47571F0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NIMMixs3SgUKbiU0Lw8mxWZzSI8.roa
Signing time: Sat 15 Mar 2025 01:12:49 +0000
ROA not before: Sat 15 Mar 2025 01:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:97:5c:67:46:7c:c4:08:0f:89:63:4e:eb:c4:75:71:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 01:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34830c8b1b374a050a6e25342f0f26c56673488f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:81:4c:73:41:34:35:aa:71:5a:df:cd:c6:2d:
f8:f0:84:a8:81:82:fd:81:2c:ea:c9:3b:7d:49:a1:
09:68:d1:6b:41:71:62:4c:93:2f:8f:46:07:86:da:
3d:8f:6a:72:7e:5c:97:2d:8e:1e:e3:da:04:2e:43:
0c:88:33:c7:a6:44:99:b7:a1:df:c6:fb:e5:a1:71:
7c:eb:b6:ec:fc:8f:ae:c9:1e:ae:e1:b7:a2:cf:ec:
d9:23:81:74:75:f3:fd:d1:7e:c6:f3:a1:c2:29:f7:
2e:4d:59:83:e7:62:72:e4:d6:2b:91:6f:55:00:c0:
29:2a:07:b3:f2:0f:a4:f4:9e:d4:a3:c4:83:a5:47:
31:79:60:39:50:00:04:54:fa:6f:d8:7c:11:a6:2b:
94:70:3b:73:32:ae:44:86:f5:ac:5e:92:48:e0:a3:
8d:c4:6d:77:62:5a:a6:3e:2a:11:9b:2f:de:61:49:
d4:b4:e8:ed:ef:bd:2c:f7:78:5a:be:ce:15:f9:ed:
ab:05:fe:7a:62:4f:61:5f:e5:a5:5d:bc:a3:f7:21:
38:9a:75:ef:df:b2:1b:96:d9:51:76:7a:1b:6b:25:
c1:e3:f1:fb:5f:7e:58:05:6a:9d:79:c3:92:40:a3:
71:dc:20:72:3f:ca:69:77:9c:aa:46:57:d1:01:fb:
fd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:83:0C:8B:1B:37:4A:05:0A:6E:25:34:2F:0F:26:C5:66:73:48:8F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NIMMixs3SgUKbiU0Lw8mxWZzSI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
41:2d:73:49:0c:8a:19:5b:7c:8a:a9:72:cc:32:31:4c:32:50:
85:b7:97:85:1c:a6:4b:e1:67:bf:34:b3:1d:a2:aa:d9:6a:7c:
21:de:ae:f8:b3:50:f4:bb:78:82:ca:45:ed:97:53:75:38:03:
5c:d9:05:46:51:32:2d:5e:e0:ad:e8:89:06:71:54:fb:74:89:
14:cf:a0:42:4c:5d:5a:a3:97:a2:fb:e6:d6:08:f9:c0:c8:59:
5a:3f:f2:6d:ff:af:1c:42:37:34:68:95:ad:03:84:0e:1c:f7:
90:69:63:e4:53:e3:5b:ef:96:54:5f:52:2f:a8:a7:f6:09:d0:
26:01:e9:4e:13:c6:bd:75:b4:e7:df:c9:02:34:cd:33:a6:7e:
be:62:d4:aa:ca:ab:66:ce:5e:13:5f:6c:95:00:49:3c:7c:23:
a0:99:b8:e1:61:94:15:53:58:39:e0:52:6f:ed:0e:52:fe:99:
ec:ce:4a:45:d4:44:1e:53:6d:38:4f:db:76:c9:bd:04:60:e4:
f3:ab:92:68:2f:7f:4c:e7:34:9a:4f:7b:70:3a:c5:da:52:06:
89:e0:42:e8:df:24:2e:50:f4:75:56:87:27:f4:cb:38:85:fc:
ed:74:a4:b3:5a:df:1e:d6:06:e5:1e:9c:12:de:10:13:d8:28:
8b:44:c4:71
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWXXGdGfMQID4ljTuvEdXHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MDExMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDgzMGM4YjFiMzc0YTA1MGE2ZTI1MzQyZjBmMjZjNTY2NzM0ODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IFMc0E0NapxWt/Nxi348ISogYL9
gSzqyTt9SaEJaNFrQXFiTJMvj0YHhto9j2pyflyXLY4e49oELkMMiDPHpkSZt6Hf
xvvloXF867bs/I+uyR6u4beiz+zZI4F0dfP90X7G86HCKfcuTVmD52Jy5NYrkW9V
AMApKgez8g+k9J7Uo8SDpUcxeWA5UAAEVPpv2HwRpiuUcDtzMq5EhvWsXpJI4KON
xG13YlqmPioRmy/eYUnUtOjt770s93havs4V+e2rBf56Yk9hX+WlXbyj9yE4mnXv
37IbltlRdnobayXB4/H7X35YBWqdecOSQKNx3CByP8ppd5yqRlfRAfv9IwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDSDDIsbN0oFCm4lNC8PJsVmc0iPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTklNTWl4czNTZ1VLYmlVMEx3OG14V1p6U0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAQS1zSQyKGVt8iqlyzDIxTDJQ
hbeXhRymS+FnvzSzHaKq2Wp8Id6u+LNQ9Lt4gspF7ZdTdTgDXNkFRlEyLV7greiJ
BnFU+3SJFM+gQkxdWqOXovvm1gj5wMhZWj/ybf+vHEI3NGiVrQOEDhz3kGlj5FPj
W++WVF9SL6in9gnQJgHpThPGvXW059/JAjTNM6Z+vmLUqsqrZs5eE19slQBJPHwj
oJm44WGUFVNYOeBSb+0OUv6Z7M5KRdREHlNtOE/bdsm9BGDk86uSaC9/TOc0mk97
cDrF2lIGieBC6N8kLlD0dVaHJ/TLOIX87XSks1rfHtYG5R6cEt4QE9goi0TEcQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:11 2025 by rpki-client