Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QRmx0NJNLtkSJFEfQYvuaLTv1EE.roa
File: QRmx0NJNLtkSJFEfQYvuaLTv1EE.roa (raw, json)
Hash identifier: BeedgBh+cDf2xs9QYgLrc6mKBcaBWaCzrIv4/80EvAc=
Subject key identifier: 41:19:B1:D0:D2:4D:2E:D9:12:24:51:1F:41:8B:EE:68:B4:EF:D4:41
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01913EC5A08143FE39CB210BDE6CDBFB8004
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QRmx0NJNLtkSJFEfQYvuaLTv1EE.roa
Signing time: Sun 11 Aug 2024 00:10:24 +0000
ROA not before: Sun 11 Aug 2024 00:10:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3e:c5:a0:81:43:fe:39:cb:21:0b:de:6c:db:fb:80:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 11 00:10:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4119b1d0d24d2ed91224511f418bee68b4efd441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8a:ec:83:d0:27:13:b4:32:c1:b0:d3:ad:90:
9b:32:b7:a0:2a:4d:bb:0e:58:e0:17:14:1a:de:95:
81:d1:8f:46:98:9a:2b:47:c5:c4:5a:6e:18:90:ac:
f8:1b:f1:b9:ef:36:28:53:ec:43:26:e6:10:24:89:
ec:ad:72:3e:fe:9a:ea:23:8a:c9:28:e2:32:db:ac:
2b:67:60:ba:a1:a0:63:20:4e:51:b1:eb:5d:ee:40:
8b:e2:89:b4:a3:1b:4b:a8:ed:04:b3:7e:2d:2d:40:
8f:5a:cc:92:7a:66:7f:95:16:4f:aa:5a:de:54:84:
05:ec:af:58:fb:0c:b1:03:51:ea:0c:6e:8f:e0:98:
f5:db:bc:dc:48:a7:b1:52:8a:9b:6a:1d:00:02:25:
fb:af:6f:cd:99:95:cf:54:e0:62:1c:a1:4d:f6:e8:
3c:dd:f9:fd:23:02:19:ee:2a:59:40:d0:3e:03:9d:
5a:3f:9f:f5:fb:6e:b0:44:9b:ce:30:42:bb:ab:5a:
a4:93:4c:fb:72:10:14:a2:e5:f4:d5:cd:3e:e0:96:
f0:c9:bf:5d:a2:27:d2:01:76:f4:90:d9:6f:c8:74:
3d:8e:18:46:36:c8:ee:52:60:81:d3:10:f2:cd:b7:
6e:72:89:46:48:21:ff:3f:3d:eb:f3:f9:48:8c:46:
48:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:19:B1:D0:D2:4D:2E:D9:12:24:51:1F:41:8B:EE:68:B4:EF:D4:41
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QRmx0NJNLtkSJFEfQYvuaLTv1EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
89:c2:47:0c:ff:68:ec:84:eb:c9:21:b4:42:fd:63:3f:4f:62:
54:0d:86:3e:5a:11:73:97:76:91:59:bf:4f:4e:89:2e:6f:f9:
10:b9:67:4b:1b:3a:2f:83:12:67:34:05:24:37:ff:29:d6:d3:
e1:2a:4f:8f:76:9c:a1:2d:55:35:8f:e3:35:67:b8:fc:36:e1:
f8:b6:b6:e0:15:5c:a4:6f:6b:84:36:3c:d4:8d:5f:23:5e:0f:
1a:55:b1:1c:fb:04:7d:19:dd:5c:d4:67:b7:ec:35:d9:8f:88:
a4:14:b2:f9:57:c3:a3:4c:a2:c7:a4:eb:91:c4:7d:8f:a8:b1:
0d:ef:cd:69:2f:bf:72:6d:83:0b:32:b1:f6:c3:40:73:86:68:
37:0e:2c:2c:2e:5f:ec:90:7a:22:11:47:3b:12:76:49:3f:3a:
b0:62:99:93:a8:37:76:0f:76:af:96:c1:f0:2d:ae:5b:a9:a4:
26:10:9e:d1:05:08:2a:34:55:2a:21:20:3c:29:65:ae:8b:f6:
1b:36:eb:fc:0d:d4:88:ad:40:b5:5c:29:e0:8c:54:64:87:da:
97:21:30:e3:19:ef:97:db:0e:56:df:ae:32:b7:42:ef:83:94:
04:38:7f:cf:49:5e:ce:34:3f:c0:f1:18:21:96:12:8f:80:cc:
7d:20:0b:16
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE+xaCBQ/45yyEL3mzb+4AEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODExMDAxMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE5YjFkMGQyNGQyZWQ5MTIyNDUxMWY0MThiZWU2OGI0ZWZkNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtorsg9AnE7QywbDTrZCbMregKk27
DljgFxQa3pWB0Y9GmJorR8XEWm4YkKz4G/G57zYoU+xDJuYQJInsrXI+/prqI4rJ
KOIy26wrZ2C6oaBjIE5Rsetd7kCL4om0oxtLqO0Es34tLUCPWsySemZ/lRZPqlre
VIQF7K9Y+wyxA1HqDG6P4Jj127zcSKexUoqbah0AAiX7r2/NmZXPVOBiHKFN9ug8
3fn9IwIZ7ipZQNA+A51aP5/1+26wRJvOMEK7q1qkk0z7chAUouX01c0+4Jbwyb9d
oifSAXb0kNlvyHQ9jhhGNsjuUmCB0xDyzbducolGSCH/Pz3r8/lIjEZIWQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEEZsdDSTS7ZEiRRH0GL7mi079RBMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUVJteDBOSk5MdGtTSkZFZlFZdnVhTFR2MUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAicJHDP9o7ITrySG0Qv1jP09i
VA2GPloRc5d2kVm/T06JLm/5ELlnSxs6L4MSZzQFJDf/KdbT4SpPj3acoS1VNY/j
NWe4/Dbh+La24BVcpG9rhDY81I1fI14PGlWxHPsEfRndXNRnt+w12Y+IpBSy+VfD
o0yix6TrkcR9j6ixDe/NaS+/cm2DCzKx9sNAc4ZoNw4sLC5f7JB6IhFHOxJ2ST86
sGKZk6g3dg92r5bB8C2uW6mkJhCe0QUIKjRVKiEgPCllrov2Gzbr/A3UiK1AtVwp
4IxUZIfalyEw4xnvl9sOVt+uMrdC74OUBDh/z0lezjQ/wPEYIZYSj4DMfSALFg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:21:11 2025 by rpki-client