Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Oz7n1TXtNjs1GiersayB3yrvxOY.roa
File: Oz7n1TXtNjs1GiersayB3yrvxOY.roa (raw, json)
Hash identifier: GFd0Iy+rMMep01MGPaBbtmLs3i7CbBaA1UrfRAq54WA=
Subject key identifier: 3B:3E:E7:D5:35:ED:36:3B:35:1A:27:AB:B1:AC:81:DF:2A:EF:C4:E6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943BF4AF88EA15588F88A1EE11C88B4946
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Oz7n1TXtNjs1GiersayB3yrvxOY.roa
Signing time: Mon 06 Jan 2025 14:11:18 +0000
ROA not before: Mon 06 Jan 2025 14:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:f4:af:88:ea:15:58:8f:88:a1:ee:11:c8:8b:49:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 6 14:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b3ee7d535ed363b351a27abb1ac81df2aefc4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:66:d1:cb:de:c8:5f:a0:74:00:28:09:c5:2f:
7d:64:d0:0d:59:2c:3c:c6:c9:01:5d:20:99:5c:93:
dc:aa:6d:81:4a:2d:90:3e:58:bf:dc:1f:15:f6:dd:
a3:34:e0:2c:57:d1:20:2e:3a:5d:24:0e:24:ba:b3:
78:c7:79:e9:1a:d4:a9:49:cd:1b:b6:cd:ce:54:75:
4d:fa:09:3c:8e:90:b2:06:60:61:a1:3d:9f:84:01:
b0:5d:ba:c9:2b:45:72:13:b0:43:86:74:4f:d5:e6:
db:45:aa:38:6b:79:e1:29:ce:b6:7b:8b:6d:b7:7c:
8e:3a:5c:46:cf:f7:7b:1e:0f:fc:13:39:7e:9a:32:
af:10:cf:c0:f2:e3:fe:f2:62:8e:de:13:c9:ca:b2:
b2:eb:82:bf:fa:27:3e:0e:c0:84:6b:71:a5:4a:30:
6b:81:cf:3b:09:49:89:7b:40:92:51:59:48:6c:6b:
1c:ae:ea:98:e3:9b:6c:2c:18:c1:14:2f:af:d0:07:
d0:77:2b:70:98:9a:96:91:9b:78:cf:0c:29:0d:2d:
a5:57:3f:78:6a:a1:cd:4b:9d:df:7a:49:f9:98:81:
2c:fe:fb:11:97:09:c1:e8:9a:ac:74:69:11:d3:03:
1f:92:36:37:20:98:3f:fe:e2:98:da:5c:51:21:e6:
13:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3E:E7:D5:35:ED:36:3B:35:1A:27:AB:B1:AC:81:DF:2A:EF:C4:E6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Oz7n1TXtNjs1GiersayB3yrvxOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
88:62:68:c5:a8:5f:ba:fa:8a:fd:5c:bf:b5:36:3f:46:a1:29:
94:54:cb:77:8a:f0:7e:d3:36:82:83:87:ed:c2:ee:f4:93:51:
17:22:05:e9:73:9f:3a:f2:a7:83:ba:60:9b:e4:ef:ed:65:00:
4f:39:a2:93:3e:dd:90:e4:d2:48:ec:d9:7f:84:e7:a1:e2:69:
a8:2a:b4:ef:6f:37:93:2d:79:98:5d:a3:3f:bf:ed:57:bf:e0:
86:6e:fb:0c:62:b2:98:d8:e9:1e:ff:92:5a:2b:a8:d1:0c:71:
f8:5f:be:43:58:5f:eb:a6:81:a2:ef:0e:df:30:dd:1b:5f:17:
55:b8:47:ec:68:8c:39:a2:c1:90:51:79:5c:bb:b6:e0:18:29:
97:d9:27:65:91:26:26:f8:9e:10:54:65:90:88:fe:27:50:72:
eb:14:80:8c:88:11:d4:c9:22:f6:2e:3c:b6:b5:fb:de:e9:70:
9e:09:00:b2:70:1a:7c:c9:94:e6:b4:ff:04:5c:9c:53:b8:c8:
6b:74:85:ab:74:b7:a6:84:a8:47:6a:f2:d5:27:0f:6d:ac:00:
1f:3c:9e:53:5f:8f:12:28:bb:02:e1:f0:b7:bd:34:f9:f9:e0:
db:7f:7c:96:2e:ec:47:e8:05:f3:93:96:e9:57:bf:93:7a:2d:
56:24:74:7d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ79K+I6hVYj4ih7hHIi0lGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA2MTQxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjNlZTdkNTM1ZWQzNjNiMzUxYTI3YWJiMWFjODFkZjJhZWZjNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmbRy97IX6B0ACgJxS99ZNANWSw8
xskBXSCZXJPcqm2BSi2QPli/3B8V9t2jNOAsV9EgLjpdJA4kurN4x3npGtSpSc0b
ts3OVHVN+gk8jpCyBmBhoT2fhAGwXbrJK0VyE7BDhnRP1ebbRao4a3nhKc62e4tt
t3yOOlxGz/d7Hg/8Ezl+mjKvEM/A8uP+8mKO3hPJyrKy64K/+ic+DsCEa3GlSjBr
gc87CUmJe0CSUVlIbGscruqY45tsLBjBFC+v0AfQdytwmJqWkZt4zwwpDS2lVz94
aqHNS53fekn5mIEs/vsRlwnB6JqsdGkR0wMfkjY3IJg//uKY2lxRIeYThQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDs+59U17TY7NRonq7Gsgd8q78TmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT3o3bjFUWHROanMxR2llcnNheUIzeXJ2eE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAiGJoxahfuvqK/Vy/tTY/RqEp
lFTLd4rwftM2goOH7cLu9JNRFyIF6XOfOvKng7pgm+Tv7WUATzmikz7dkOTSSOzZ
f4TnoeJpqCq07283ky15mF2jP7/tV7/ghm77DGKymNjpHv+SWiuo0Qxx+F++Q1hf
66aBou8O3zDdG18XVbhH7GiMOaLBkFF5XLu24Bgpl9knZZEmJvieEFRlkIj+J1By
6xSAjIgR1Mki9i48trX73ulwngkAsnAafMmU5rT/BFycU7jIa3SFq3S3poSoR2ry
1ScPbawAHzyeU1+PEii7AuHwt700+fng2398li7sR+gF85OW6Ve/k3otViR0fQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:30:45 2025 by rpki-client