Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OfNa8SFqb2xxjh_YvNdZDECREiU.roa
File: OfNa8SFqb2xxjh_YvNdZDECREiU.roa (raw, json)
Hash identifier: 8wU8y1KoFicTxcbii+Ct4SSd81H/vQnBbDiDz32Qrz4=
Subject key identifier: 39:F3:5A:F1:21:6A:6F:6C:71:8E:1F:D8:BC:D7:59:0C:40:91:12:25
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192980190624224226508A4EAC9AF5FC234
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OfNa8SFqb2xxjh_YvNdZDECREiU.roa
Signing time: Thu 17 Oct 2024 01:04:52 +0000
ROA not before: Thu 17 Oct 2024 01:04:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:9801:1c98/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:98:01:90:62:42:24:22:65:08:a4:ea:c9:af:5f:c2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 17 01:04:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39f35af1216a6f6c718e1fd8bcd7590c40911225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:91:62:8e:1e:85:4a:12:02:6f:f4:18:7f:30:
d0:ab:ea:8f:c2:95:b4:d6:81:4f:7b:79:2c:37:2b:
c1:2b:13:bc:f3:b5:7c:56:2f:d7:eb:aa:0a:a1:69:
a7:97:8b:42:f1:d5:63:f6:a4:f2:ae:74:e5:3b:b3:
26:95:e7:97:a7:6d:d1:1b:cd:18:4d:ef:d2:31:57:
9a:3f:19:65:06:a1:c8:f8:fa:04:89:cb:be:03:b4:
93:28:af:09:66:e4:ff:73:f4:2b:24:7f:7a:d7:cb:
df:6b:6a:43:0f:7d:c2:4c:c6:43:f3:b7:1c:3a:30:
18:75:21:1a:71:1a:b8:f0:b9:1d:7a:79:77:34:de:
12:cd:0b:bc:c8:44:3f:3d:85:d4:6d:34:3b:a4:5d:
c6:59:68:13:68:cc:cb:34:85:3e:b4:2f:2f:cb:f6:
94:fd:b5:4d:3a:81:46:5e:8b:83:51:d7:92:af:93:
23:6c:58:28:f6:12:e9:87:6f:e5:ec:83:35:43:a5:
6e:53:ae:77:74:f2:d5:59:24:cf:37:fa:5b:a5:32:
32:91:ef:dd:20:9a:23:0e:22:f3:20:48:fd:6c:8f:
c8:9e:13:e1:5f:5d:25:fe:df:75:32:2e:82:2e:50:
d1:ae:80:c0:bf:a1:11:f1:02:d3:4d:1a:35:dd:13:
f5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F3:5A:F1:21:6A:6F:6C:71:8E:1F:D8:BC:D7:59:0C:40:91:12:25
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OfNa8SFqb2xxjh_YvNdZDECREiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:9801:1c98/128
Signature Algorithm: sha256WithRSAEncryption
00:36:8b:af:0a:a7:b7:21:f6:d0:b9:65:91:f7:77:58:f5:2e:
71:c5:ee:9f:04:d2:fe:a1:53:a5:76:ab:23:6d:40:68:91:24:
81:d2:fc:1f:8c:ac:6e:43:0a:ff:44:34:92:3e:3e:e5:04:06:
20:eb:99:cc:d1:3d:77:23:84:af:cc:f8:03:e2:26:f9:e5:10:
6c:bd:ea:97:fe:74:b0:0a:8a:e9:2d:15:c4:dd:e6:5e:c9:27:
11:ad:c8:b8:3d:ce:c4:bf:eb:22:11:69:71:f4:b0:25:82:e1:
f0:23:38:cb:c7:1e:e9:7f:34:a8:bc:e5:77:09:c7:eb:81:66:
48:d9:79:5e:0d:98:13:82:2e:d1:a7:12:b8:34:d8:99:1e:6b:
61:a0:5f:ca:c9:f4:fd:c8:e8:b3:e8:bb:52:b3:de:8f:5d:50:
5d:d9:4b:5f:9b:3a:bc:84:e3:11:33:ff:bb:4d:71:cc:9c:9d:
67:01:b3:64:89:2e:0e:a0:30:ab:23:a5:f1:8b:c7:95:5a:77:
d5:36:9b:34:a0:b6:2a:53:cf:1f:0a:33:10:65:b1:0b:d3:58:
92:79:64:22:b9:51:9c:6d:ad:98:51:91:82:58:a4:ed:e2:e5:
23:fd:29:01:79:f9:b5:39:8d:4e:51:f7:b3:94:58:4a:cb:18:
fa:6a:b5:86
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZKYAZBiQiQiZQik6smvX8I0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDE3MDEwNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWYzNWFmMTIxNmE2ZjZjNzE4ZTFmZDhiY2Q3NTkwYzQwOTExMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5Fijh6FShICb/QYfzDQq+qPwpW0
1oFPe3ksNyvBKxO887V8Vi/X66oKoWmnl4tC8dVj9qTyrnTlO7MmleeXp23RG80Y
Te/SMVeaPxllBqHI+PoEicu+A7STKK8JZuT/c/QrJH9618vfa2pDD33CTMZD87cc
OjAYdSEacRq48Lkdenl3NN4SzQu8yEQ/PYXUbTQ7pF3GWWgTaMzLNIU+tC8vy/aU
/bVNOoFGXouDUdeSr5MjbFgo9hLph2/l7IM1Q6VuU653dPLVWSTPN/pbpTIyke/d
IJojDiLzIEj9bI/InhPhX10l/t91Mi6CLlDRroDAv6ER8QLTTRo13RP1VQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDnzWvEham9scY4f2LzXWQxAkRIlMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT2ZOYThTRnFiMnh4amhfWXZOZFpERUNSRWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSmAEcmDANBgkqhkiG9w0BAQsFAAOCAQEAADaLrwqntyH20Lllkfd3WPUu
ccXunwTS/qFTpXarI21AaJEkgdL8H4ysbkMK/0Q0kj4+5QQGIOuZzNE9dyOEr8z4
A+Im+eUQbL3ql/50sAqK6S0VxN3mXsknEa3IuD3OxL/rIhFpcfSwJYLh8CM4y8ce
6X80qLzldwnH64FmSNl5Xg2YE4Iu0acSuDTYmR5rYaBfysn0/cjos+i7UrPej11Q
XdlLX5s6vITjETP/u01xzJydZwGzZIkuDqAwqyOl8YvHlVp31TabNKC2KlPPHwoz
EGWxC9NYknlkIrlRnG2tmFGRglik7eLlI/0pAXn5tTmNTlH3s5RYSssY+mq1hg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:21:25 2025 by rpki-client