Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/O8mxcU_BivknpqNjRLZUbc0UAUM.roa
File: O8mxcU_BivknpqNjRLZUbc0UAUM.roa (raw, json)
Hash identifier: mjtzNnlhi1Bgzvm1Q0ujrAoq0+jq6/lYxQywL0vZIps=
Subject key identifier: 3B:C9:B1:71:4F:C1:8A:F9:27:A6:A3:63:44:B6:54:6D:CD:14:01:43
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191197021D41638A830C90561B0738C05D3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/O8mxcU_BivknpqNjRLZUbc0UAUM.roa
Signing time: Sat 03 Aug 2024 18:11:04 +0000
ROA not before: Sat 03 Aug 2024 18:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:19:70:21:d4:16:38:a8:30:c9:05:61:b0:73:8c:05:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 3 18:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bc9b1714fc18af927a6a36344b6546dcd140143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:22:e2:c4:4e:a2:02:57:11:58:2b:70:78:d2:
b8:a5:6a:15:5d:28:01:1b:67:c5:ea:91:a2:32:52:
57:ef:e8:e4:a3:41:cd:16:3d:bc:28:fc:50:db:18:
f8:9d:f0:5b:3a:cc:cf:97:3d:03:38:0b:0d:8d:2d:
b4:40:1d:0a:3d:8b:c4:37:78:96:38:aa:53:21:69:
98:19:76:a2:35:f0:4b:df:83:0b:84:8c:3e:3e:1d:
05:1a:94:2a:ff:80:d7:44:0f:9d:15:31:b5:a8:06:
64:63:97:e6:7d:e6:0d:7c:84:5d:34:ef:6b:f1:c2:
36:58:b0:e6:3e:6d:00:d3:5a:0a:3d:96:7b:9a:4c:
ed:a6:bc:b4:7e:ed:fd:a6:26:63:0c:a9:fc:80:fb:
89:70:ed:2b:97:85:63:e6:a9:21:64:31:2e:b7:ad:
13:8e:64:84:0a:f3:f8:9d:07:79:1b:fb:6e:53:42:
7d:17:71:77:c6:2a:28:ba:b1:c1:c1:d3:eb:7b:b5:
60:56:2d:68:b0:42:f3:af:c4:23:e1:f6:98:1d:26:
5e:b1:0c:d1:1e:c7:9c:c8:cf:a6:46:92:f9:85:39:
ad:f5:8b:fe:87:6f:f1:48:b5:df:ed:16:eb:9d:9c:
a4:9a:25:3f:10:f8:0e:c9:c8:07:e4:ad:0f:95:67:
09:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C9:B1:71:4F:C1:8A:F9:27:A6:A3:63:44:B6:54:6D:CD:14:01:43
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/O8mxcU_BivknpqNjRLZUbc0UAUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
01:8e:44:c9:15:0e:b3:07:33:85:89:e6:15:24:b5:81:76:61:
6d:51:b8:87:38:ab:cd:5e:19:23:e8:af:4d:b3:c3:ac:db:53:
04:cc:d6:91:0a:8f:a3:c9:2e:0f:b8:51:71:a2:e2:ee:62:b0:
b2:00:a9:e4:8c:cf:79:7b:50:7f:92:7a:f4:ea:2d:4e:34:ad:
33:14:f8:7d:d2:1c:25:ff:0d:13:df:7f:77:d3:20:2f:d9:fc:
43:f6:59:ab:15:b7:c2:37:dc:7d:52:25:43:d2:6b:f8:d9:ce:
b5:95:03:51:ab:48:46:81:e0:2e:69:c8:2d:db:10:b8:96:8e:
aa:85:1c:f2:d2:f9:bd:7c:61:79:b1:b0:5e:8d:8d:79:3b:40:
a7:a1:66:0b:56:68:6f:b9:2e:c8:44:b6:a0:d6:71:d2:df:65:
bd:aa:cd:b2:a2:dd:45:72:70:19:63:2b:fe:6e:97:5d:14:60:
ba:3c:e8:19:af:df:bc:98:c2:b1:f3:c7:22:1e:f2:e0:d3:c7:
4e:53:0a:8e:72:11:1c:05:e9:81:8f:53:eb:10:6e:b4:9b:b8:
31:5c:a9:0b:3d:e7:6d:fa:04:75:3e:c9:6e:7b:a6:51:98:be:
2e:65:c2:fb:19:f3:a4:07:d0:5a:cb:96:01:a4:c6:ef:bd:45:
ea:33:a8:c1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEZcCHUFjioMMkFYbBzjAXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAzMTgxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM5YjE3MTRmYzE4YWY5MjdhNmEzNjM0NGI2NTQ2ZGNkMTQwMTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8iLixE6iAlcRWCtweNK4pWoVXSgB
G2fF6pGiMlJX7+jko0HNFj28KPxQ2xj4nfBbOszPlz0DOAsNjS20QB0KPYvEN3iW
OKpTIWmYGXaiNfBL34MLhIw+Ph0FGpQq/4DXRA+dFTG1qAZkY5fmfeYNfIRdNO9r
8cI2WLDmPm0A01oKPZZ7mkztpry0fu39piZjDKn8gPuJcO0rl4Vj5qkhZDEut60T
jmSECvP4nQd5G/tuU0J9F3F3xioourHBwdPre7VgVi1osELzr8Qj4faYHSZesQzR
HsecyM+mRpL5hTmt9Yv+h2/xSLXf7RbrnZykmiU/EPgOycgH5K0PlWcJ1QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDvJsXFPwYr5J6ajY0S2VG3NFAFDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTzhteGNVX0JpdmtucHFOalJMWlViYzBVQVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAAY5EyRUOswczhYnmFSS1gXZh
bVG4hzirzV4ZI+ivTbPDrNtTBMzWkQqPo8kuD7hRcaLi7mKwsgCp5IzPeXtQf5J6
9OotTjStMxT4fdIcJf8NE99/d9MgL9n8Q/ZZqxW3wjfcfVIlQ9Jr+NnOtZUDUatI
RoHgLmnILdsQuJaOqoUc8tL5vXxhebGwXo2NeTtAp6FmC1Zob7kuyES2oNZx0t9l
varNsqLdRXJwGWMr/m6XXRRgujzoGa/fvJjCsfPHIh7y4NPHTlMKjnIRHAXpgY9T
6xButJu4MVypCz3nbfoEdT7JbnumUZi+LmXC+xnzpAfQWsuWAaTG771F6jOowQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:08:55 2025 by rpki-client