Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Nb6NaXncFBH-beoRGroM3uvCT1Y.roa
File: Nb6NaXncFBH-beoRGroM3uvCT1Y.roa (raw, json)
Hash identifier: /8fDRO7EPJo9XuTR/zGqP5yMpx6uzQ8AsC5eqJQLbW0=
Subject key identifier: 35:BE:8D:69:79:DC:14:11:FE:6D:EA:11:1A:BA:0C:DE:EB:C2:4F:56
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019128E3361A49CD3E2E563AF1772CCF0A0E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Nb6NaXncFBH-beoRGroM3uvCT1Y.roa
Signing time: Tue 06 Aug 2024 18:11:04 +0000
ROA not before: Tue 06 Aug 2024 18:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:28:e3:36:1a:49:cd:3e:2e:56:3a:f1:77:2c:cf:0a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 6 18:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35be8d6979dc1411fe6dea111aba0cdeebc24f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:f0:e7:5a:70:2b:c9:37:f5:be:a7:b3:32:21:
e6:e3:2a:02:6e:8e:cc:b6:d0:c5:ad:2b:a9:1d:5d:
bf:36:49:ac:b4:99:d4:1d:5e:e1:10:0f:28:b7:1d:
fb:07:88:aa:5f:fc:fa:5a:d2:8a:2d:16:76:d0:66:
82:75:3f:fa:df:f7:75:01:30:8f:78:d9:0e:b3:52:
e4:cc:32:64:04:ba:04:d7:46:b5:e2:c7:c5:51:0a:
4b:0c:bb:33:54:a8:cc:b5:b0:6f:8e:a9:22:be:d8:
d6:20:a9:d9:96:df:e6:98:d8:cc:a8:cd:fc:d7:34:
54:50:f6:c4:3b:a9:d9:d8:32:ff:a2:4a:42:7e:e0:
75:6c:19:1f:1e:e6:39:d8:9c:28:36:a1:9a:c7:ed:
45:07:68:76:64:25:87:ca:6e:4f:d1:9d:60:e2:a6:
0a:c4:8a:71:33:e7:75:1b:c2:20:08:05:6d:d0:15:
8b:63:6b:16:21:a7:2e:c0:ae:17:2b:d8:5b:64:3d:
42:3c:f5:f6:e7:77:70:40:80:d7:01:81:13:b0:61:
dc:f8:e3:0f:63:95:ae:4d:42:d2:99:e1:40:8a:48:
d8:9e:04:e4:0a:e7:0c:3d:fb:b5:9e:37:d5:43:fc:
74:ec:d0:74:8d:4e:db:95:87:c0:33:46:17:9b:a3:
47:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BE:8D:69:79:DC:14:11:FE:6D:EA:11:1A:BA:0C:DE:EB:C2:4F:56
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Nb6NaXncFBH-beoRGroM3uvCT1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5c:9a:c5:73:6a:45:f1:98:96:e3:66:fc:8e:ac:57:91:cf:66:
5c:33:24:fe:7f:18:c8:6e:2f:06:43:e1:d1:7c:e3:15:9b:4d:
e3:d6:da:77:69:e1:49:fa:b6:bd:df:d5:9d:66:65:32:2c:84:
34:1b:0f:36:80:9d:da:8e:f0:03:84:bb:a0:bc:d6:6e:7a:c3:
7c:e0:5e:58:b1:5e:dc:2e:96:2e:ef:42:28:69:c7:d9:80:4b:
3c:07:2c:4a:3d:69:2f:84:7c:db:fe:11:1c:05:12:b7:82:1a:
83:a4:a8:e7:a5:77:36:7b:f4:98:50:c3:15:aa:01:55:1b:5b:
74:62:dc:da:93:64:0a:c8:95:ce:66:a9:f3:6f:f6:5a:57:f6:
11:12:17:b9:56:7a:e8:ba:a1:f0:6b:35:e3:99:36:d7:d4:b3:
a1:ca:a8:63:60:2f:49:12:35:18:58:e0:f5:1d:17:ce:6d:9c:
26:b0:13:c6:45:56:cf:e4:fa:ed:7f:67:f4:59:ee:b5:d3:e3:
53:b7:33:73:c7:b4:bd:d7:6e:11:17:22:19:62:b7:0c:a8:d8:
34:1a:57:58:ee:36:b8:00:59:df:55:e6:dc:88:c9:b3:ac:09:
d3:87:d4:f0:e6:2a:4a:73:6e:b3:df:98:49:33:43:51:b2:68:
e8:d3:ab:d8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEo4zYaSc0+LlY68XcszwoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA2MTgxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWJlOGQ2OTc5ZGMxNDExZmU2ZGVhMTExYWJhMGNkZWViYzI0ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PDnWnAryTf1vqezMiHm4yoCbo7M
ttDFrSupHV2/NkmstJnUHV7hEA8otx37B4iqX/z6WtKKLRZ20GaCdT/63/d1ATCP
eNkOs1LkzDJkBLoE10a14sfFUQpLDLszVKjMtbBvjqkivtjWIKnZlt/mmNjMqM38
1zRUUPbEO6nZ2DL/okpCfuB1bBkfHuY52JwoNqGax+1FB2h2ZCWHym5P0Z1g4qYK
xIpxM+d1G8IgCAVt0BWLY2sWIacuwK4XK9hbZD1CPPX253dwQIDXAYETsGHc+OMP
Y5WuTULSmeFAikjYngTkCucMPfu1njfVQ/x07NB0jU7blYfAM0YXm6NHgwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDW+jWl53BQR/m3qERq6DN7rwk9WMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTmI2TmFYbmNGQkgtYmVvUkdyb00zdXZDVDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAXJrFc2pF8ZiW42b8jqxXkc9m
XDMk/n8YyG4vBkPh0XzjFZtN49bad2nhSfq2vd/VnWZlMiyENBsPNoCd2o7wA4S7
oLzWbnrDfOBeWLFe3C6WLu9CKGnH2YBLPAcsSj1pL4R82/4RHAUSt4Iag6So56V3
Nnv0mFDDFaoBVRtbdGLc2pNkCsiVzmap82/2Wlf2ERIXuVZ66Lqh8Gs145k219Sz
ocqoY2AvSRI1GFjg9R0Xzm2cJrATxkVWz+T67X9n9FnutdPjU7czc8e0vdduERci
GWK3DKjYNBpXWO42uABZ31Xm3IjJs6wJ04fU8OYqSnNus9+YSTNDUbJo6NOr2A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:13:09 2025 by rpki-client