Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PUnxGQjucm3IOQup_gQmAAeNDVI.roa
File: PUnxGQjucm3IOQup_gQmAAeNDVI.roa (raw, json)
Hash identifier: 5bYYo4tPnH5+7exGpyrzoIMWXMmsi8kSeavTF68FuxU=
Subject key identifier: 3D:49:F1:19:08:EE:72:6D:C8:39:0B:A9:FE:04:26:00:07:8D:0D:52
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01919D32437F095D886F5DF9C14946F820B0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PUnxGQjucm3IOQup_gQmAAeNDVI.roa
Signing time: Thu 29 Aug 2024 08:13:22 +0000
ROA not before: Thu 29 Aug 2024 08:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:32:43:7f:09:5d:88:6f:5d:f9:c1:49:46:f8:20:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 29 08:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d49f11908ee726dc8390ba9fe042600078d0d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3f:3f:bd:ff:68:fd:97:59:67:01:4e:19:b9:
f4:9c:97:bf:fb:ac:20:81:c6:a0:d5:c3:c5:c9:97:
90:d7:41:e6:96:97:c9:c1:87:9d:98:b1:b8:fd:34:
d9:c4:36:fc:41:cd:f9:ef:5e:7d:0b:4f:d9:54:05:
a4:da:92:b1:a3:46:38:0a:d2:68:9d:50:eb:63:f6:
46:f3:36:56:10:db:40:26:bc:61:87:4c:44:df:cb:
a0:39:ec:34:84:01:b5:eb:cc:34:7e:b0:a5:ff:2b:
d1:e8:5b:41:1c:9e:2f:8c:13:b4:63:37:04:27:b3:
3c:36:9e:3e:68:c6:29:e9:f9:17:6f:39:b9:17:a3:
ab:79:4d:54:12:ea:8a:d2:c3:14:b8:c2:b6:60:da:
44:18:08:37:aa:e0:70:48:cc:26:21:1d:d6:7f:1b:
f8:f2:ef:c2:cf:8d:73:b2:83:cc:5d:3d:9d:d7:4a:
15:5b:29:bc:b5:bf:e1:35:14:1e:15:04:d1:97:1d:
09:e1:44:c0:a3:87:e1:d3:3d:1e:91:8c:0a:e7:75:
bb:8d:43:27:8d:2a:43:ea:31:51:f8:73:b0:23:ce:
9e:02:84:68:5e:be:3a:a1:b0:59:37:0a:19:78:c6:
26:8b:02:37:78:b3:44:76:df:4f:30:44:29:c8:3b:
fc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:49:F1:19:08:EE:72:6D:C8:39:0B:A9:FE:04:26:00:07:8D:0D:52
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PUnxGQjucm3IOQup_gQmAAeNDVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
80:8c:6a:07:fc:8b:6b:95:eb:75:cb:08:af:58:4e:fc:cc:8d:
51:bf:be:14:9c:c3:b4:47:00:fd:2f:42:22:4b:36:7e:be:8d:
4f:6f:4a:68:69:47:10:03:0e:c2:07:f0:6d:41:c0:29:c7:7a:
d1:71:e0:c9:5e:98:4f:46:04:12:65:4e:34:9f:7e:56:57:60:
4b:d1:d1:ab:8e:84:53:58:f9:8a:34:48:21:e0:e4:a8:f4:40:
fd:61:05:bd:87:0a:af:ff:c4:b4:82:59:fd:29:17:ad:cb:18:
64:30:27:d4:9b:fc:7f:1d:3b:3f:79:bc:c4:0d:a1:ce:fa:97:
17:26:d2:09:d7:83:b1:bb:d3:01:69:cd:d2:ad:16:3e:d4:8a:
e6:0b:5f:aa:1e:cd:17:6b:21:4e:53:99:cb:9c:d4:9b:6b:c7:
8b:c2:fd:2e:06:72:df:f9:3c:bb:22:5e:e2:83:f9:c1:14:ad:
ef:36:b5:b3:89:59:8b:00:4d:6f:f7:56:74:17:11:d7:33:d0:
63:83:a4:fd:1b:08:c9:a5:60:55:17:0d:e7:96:7e:79:fd:ae:
61:ec:c5:06:42:ff:83:50:9a:38:05:0d:da:ad:be:9f:22:61:
fa:51:09:f6:76:23:02:84:af:5c:89:45:a4:0f:92:c3:0d:85:
d0:94:37:21
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGdMkN/CV2Ib135wUlG+CCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI5MDgxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQ5ZjExOTA4ZWU3MjZkYzgzOTBiYTlmZTA0MjYwMDA3OGQwZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz8/vf9o/ZdZZwFOGbn0nJe/+6wg
gcag1cPFyZeQ10HmlpfJwYedmLG4/TTZxDb8Qc357159C0/ZVAWk2pKxo0Y4CtJo
nVDrY/ZG8zZWENtAJrxhh0xE38ugOew0hAG168w0frCl/yvR6FtBHJ4vjBO0YzcE
J7M8Np4+aMYp6fkXbzm5F6OreU1UEuqK0sMUuMK2YNpEGAg3quBwSMwmIR3Wfxv4
8u/Cz41zsoPMXT2d10oVWym8tb/hNRQeFQTRlx0J4UTAo4fh0z0ekYwK53W7jUMn
jSpD6jFR+HOwI86eAoRoXr46obBZNwoZeMYmiwI3eLNEdt9PMEQpyDv89wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD1J8RkI7nJtyDkLqf4EJgAHjQ1SMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUFVueEdRanVjbTNJT1F1cF9nUW1BQWVORFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAgIxqB/yLa5XrdcsIr1hO/MyN
Ub++FJzDtEcA/S9CIks2fr6NT29KaGlHEAMOwgfwbUHAKcd60XHgyV6YT0YEEmVO
NJ9+VldgS9HRq46EU1j5ijRIIeDkqPRA/WEFvYcKr//EtIJZ/SkXrcsYZDAn1Jv8
fx07P3m8xA2hzvqXFybSCdeDsbvTAWnN0q0WPtSK5gtfqh7NF2shTlOZy5zUm2vH
i8L9LgZy3/k8uyJe4oP5wRSt7za1s4lZiwBNb/dWdBcR1zPQY4Ok/RsIyaVgVRcN
55Z+ef2uYezFBkL/g1CaOAUN2q2+nyJh+lEJ9nYjAoSvXIlFpA+Sww2F0JQ3IQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:05:20 2025 by rpki-client