Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OM2lnXiQ3Zmvax_mgotlQVYSwvM.roa
File: OM2lnXiQ3Zmvax_mgotlQVYSwvM.roa (raw, json)
Hash identifier: 7ekgOMSDK3Qsvk6a2E7GEl7hgUubKdoOIDN3ZXhX/e0=
Subject key identifier: 38:CD:A5:9D:78:90:DD:99:AF:6B:1F:E6:82:8B:65:41:56:12:C2:F3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191882A0BEBE8E5B5CB9D40780C53745B64
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OM2lnXiQ3Zmvax_mgotlQVYSwvM.roa
Signing time: Sun 25 Aug 2024 06:12:22 +0000
ROA not before: Sun 25 Aug 2024 06:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:88:2a:0b:eb:e8:e5:b5:cb:9d:40:78:0c:53:74:5b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 25 06:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38cda59d7890dd99af6b1fe6828b65415612c2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e8:94:49:f4:a0:4d:d6:68:ed:c9:19:68:73:
58:55:ba:ce:34:38:91:83:80:40:ed:21:36:7d:bb:
18:59:ad:9d:f9:95:43:9d:90:c9:4e:54:9f:56:1f:
f0:9d:34:f1:dc:ca:6e:98:82:db:9b:59:af:00:1d:
2b:db:10:6f:9d:d8:ff:94:04:96:d9:7b:9f:c3:9e:
1a:6f:64:58:0a:67:ef:28:79:72:0d:50:a5:e8:e3:
1f:7c:6d:06:47:90:27:40:42:70:ff:70:cc:38:5c:
73:9c:49:1e:10:af:85:67:ec:ea:45:3d:56:4f:3d:
64:9a:0e:83:09:ee:a4:e8:27:3a:9d:3d:76:d7:ea:
e5:b0:61:88:6c:53:3a:ca:a6:80:73:c7:c4:d2:43:
ff:56:c6:47:30:25:02:64:96:4d:58:fb:23:a1:f7:
f3:b0:11:1d:f9:a0:0d:97:93:69:a1:1b:2f:66:73:
c1:be:70:55:54:37:c8:ff:59:69:89:21:13:c0:9e:
5d:02:89:41:0d:a8:39:de:30:4a:c3:3b:a8:8d:9d:
22:40:81:9f:37:76:f2:20:66:f5:ae:f7:ae:be:e6:
18:4a:76:1d:9a:f5:a6:d4:5d:be:02:75:76:a4:3b:
bf:13:bc:50:6c:d3:a0:85:e2:5e:54:11:35:f6:70:
c6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CD:A5:9D:78:90:DD:99:AF:6B:1F:E6:82:8B:65:41:56:12:C2:F3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OM2lnXiQ3Zmvax_mgotlQVYSwvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
4f:dc:ae:62:7d:1f:71:cd:b2:eb:fc:e8:7e:aa:77:3b:db:d6:
12:7d:05:5d:03:40:4f:0a:eb:4f:e0:f9:54:11:f9:79:87:e3:
c0:a7:2a:33:45:39:18:15:2b:16:e0:c9:a8:ca:4e:c0:87:89:
86:e7:66:c8:a7:d8:4f:60:d5:5d:c0:d3:97:31:2c:25:70:35:
c9:4a:ed:a4:2a:e9:f3:a0:b4:bc:54:fa:1f:ac:b9:7e:3d:7f:
95:66:bb:c6:f4:9d:85:d7:a2:7d:9e:79:51:93:01:af:26:5f:
ba:b2:d4:ad:9a:f1:f7:ba:6e:ce:31:31:93:12:67:c5:24:9b:
b6:91:3e:ca:fe:1f:3e:e7:a0:50:95:ef:3e:a5:ed:b0:86:5b:
7d:30:69:5b:cc:df:d0:f0:8f:b0:c9:29:7f:e1:99:d3:44:51:
02:19:1b:50:84:9d:db:75:74:d8:68:4d:60:1a:53:7e:49:d9:
0b:98:19:20:8a:c0:d1:75:34:44:43:55:19:f4:26:40:0a:77:
73:a8:fc:c7:e1:37:1a:ac:f7:80:bd:30:67:66:c8:0c:18:a6:
64:32:f0:ac:5d:a3:5f:a9:f4:cf:dd:27:eb:03:37:8b:58:42:
e1:1c:c7:01:0c:0a:96:1e:2f:7d:18:02:6e:f5:f0:83:91:bc:
d7:23:53:6d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGIKgvr6OW1y51AeAxTdFtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI1MDYxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNkYTU5ZDc4OTBkZDk5YWY2YjFmZTY4MjhiNjU0MTU2MTJjMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uiUSfSgTdZo7ckZaHNYVbrONDiR
g4BA7SE2fbsYWa2d+ZVDnZDJTlSfVh/wnTTx3MpumILbm1mvAB0r2xBvndj/lASW
2Xufw54ab2RYCmfvKHlyDVCl6OMffG0GR5AnQEJw/3DMOFxznEkeEK+FZ+zqRT1W
Tz1kmg6DCe6k6Cc6nT121+rlsGGIbFM6yqaAc8fE0kP/VsZHMCUCZJZNWPsjoffz
sBEd+aANl5NpoRsvZnPBvnBVVDfI/1lpiSETwJ5dAolBDag53jBKwzuojZ0iQIGf
N3byIGb1rveuvuYYSnYdmvWm1F2+AnV2pDu/E7xQbNOgheJeVBE19nDGpQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDjNpZ14kN2Zr2sf5oKLZUFWEsLzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT00ybG5YaVEzWm12YXhfbWdvdGxRVllTd3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAT9yuYn0fcc2y6/zofqp3O9vW
En0FXQNATwrrT+D5VBH5eYfjwKcqM0U5GBUrFuDJqMpOwIeJhudmyKfYT2DVXcDT
lzEsJXA1yUrtpCrp86C0vFT6H6y5fj1/lWa7xvSdhdeifZ55UZMBryZfurLUrZrx
97puzjExkxJnxSSbtpE+yv4fPuegUJXvPqXtsIZbfTBpW8zf0PCPsMkpf+GZ00RR
AhkbUISd23V02GhNYBpTfknZC5gZIIrA0XU0RENVGfQmQAp3c6j8x+E3Gqz3gL0w
Z2bIDBimZDLwrF2jX6n0z90n6wM3i1hC4RzHAQwKlh4vfRgCbvXwg5G81yNTbQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:49:53 2025 by rpki-client