Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RFT_PzkUl6aCnMz6nannaXcKm2w.roa
File: RFT_PzkUl6aCnMz6nannaXcKm2w.roa (raw, json)
Hash identifier: sl0m6MkdIs0Z+88qz7EizzymYrU2KmmT9URSLslwGxw=
Subject key identifier: 44:54:FF:3F:39:14:97:A6:82:9C:CC:FA:9D:A9:E7:69:77:0A:9B:6C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C218AC6BA4F90A16AFCEBBEBAFEF00D9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RFT_PzkUl6aCnMz6nannaXcKm2w.roa
Signing time: Thu 05 Sep 2024 12:11:22 +0000
ROA not before: Thu 05 Sep 2024 12:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c2:18:ac:6b:a4:f9:0a:16:af:ce:bb:eb:af:ef:00:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 5 12:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4454ff3f391497a6829cccfa9da9e769770a9b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3b:81:98:9e:e6:e3:de:da:af:d8:74:89:0e:
9c:fa:69:97:f0:a5:b7:06:07:61:92:7f:97:1a:cd:
02:53:b3:f2:bc:5a:fa:76:59:a9:32:fd:a1:94:14:
44:0c:bb:d7:83:5d:15:10:ba:91:4d:fd:5d:19:7f:
92:06:f1:fc:10:a4:06:89:88:1b:e9:6d:cc:ff:c3:
b5:2a:63:60:3c:db:18:9c:cf:7a:21:16:dd:b1:4a:
ae:c4:0b:ce:41:1e:ed:7c:43:9a:b0:28:a9:e1:b6:
f2:40:7d:9f:33:7d:bf:a4:11:68:65:eb:b5:51:33:
c0:b0:78:c1:bf:54:fe:27:34:9c:cb:38:24:5c:be:
73:1b:a6:1e:2e:3e:bd:25:e2:a7:4c:ff:bd:b5:98:
b0:54:4c:68:f4:ad:c8:fa:68:7f:f8:eb:9c:98:b5:
7a:c5:19:58:96:71:69:3c:c9:fd:c4:26:77:1b:c9:
a4:92:15:bc:be:a3:31:f8:ca:11:27:87:d4:df:c9:
d6:3f:07:21:47:d2:fe:3b:6b:78:a6:be:92:d9:14:
cb:b6:62:96:a4:23:2c:e4:ea:68:3d:92:59:8f:5e:
d0:ee:3e:da:96:aa:69:03:ef:e0:e1:da:20:63:68:
4f:fe:e5:53:f3:c2:d4:90:a6:a0:b4:fe:61:6f:6c:
74:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:54:FF:3F:39:14:97:A6:82:9C:CC:FA:9D:A9:E7:69:77:0A:9B:6C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RFT_PzkUl6aCnMz6nannaXcKm2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
1c:93:84:d0:e5:7f:9a:70:2d:92:0f:f8:ed:5b:a9:c0:ad:87:
42:4b:a6:19:97:6c:9c:30:3a:64:db:40:76:37:29:0a:41:53:
21:1b:02:d9:ca:32:34:20:2a:3e:47:ff:5a:ef:9c:bc:52:22:
5b:fb:aa:fb:5d:dd:8b:c5:3b:a0:cc:16:f2:47:0d:c7:f0:8e:
73:fc:ea:e5:70:0b:9a:81:0d:21:49:04:42:87:53:df:ae:d4:
d8:a2:da:92:54:6e:6f:a0:8c:37:50:1f:6d:55:28:df:75:a8:
91:5c:8b:7f:9a:56:2f:51:37:6e:e5:0a:f2:60:49:81:9f:6e:
86:e5:5e:3e:68:e6:71:eb:28:ef:69:9f:ce:e3:3b:86:2a:82:
0c:80:b8:1a:30:82:8f:c9:32:dc:1d:76:1e:3e:03:26:5e:0e:
62:47:40:0c:54:0c:f1:1b:9e:a7:94:1b:35:c7:07:3e:1a:17:
b4:c7:0f:02:e9:d6:a6:93:02:9f:b7:30:d0:0b:b6:91:7d:23:
53:d2:90:1f:bb:2e:53:60:4a:5d:bd:30:fc:e1:b1:a6:84:10:
c9:ce:09:e9:0e:03:28:f0:d4:7c:a1:9f:31:6e:5d:82:c0:7b:
e0:61:ab:20:87:ce:c2:23:24:32:20:4a:fb:27:bf:0f:6b:b7:
c4:26:28:47
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHCGKxrpPkKFq/Ou+uv7wDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA1MTIxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDU0ZmYzZjM5MTQ5N2E2ODI5Y2NjZmE5ZGE5ZTc2OTc3MGE5YjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjuBmJ7m497ar9h0iQ6c+mmX8KW3
Bgdhkn+XGs0CU7PyvFr6dlmpMv2hlBREDLvXg10VELqRTf1dGX+SBvH8EKQGiYgb
6W3M/8O1KmNgPNsYnM96IRbdsUquxAvOQR7tfEOasCip4bbyQH2fM32/pBFoZeu1
UTPAsHjBv1T+JzScyzgkXL5zG6YeLj69JeKnTP+9tZiwVExo9K3I+mh/+OucmLV6
xRlYlnFpPMn9xCZ3G8mkkhW8vqMx+MoRJ4fU38nWPwchR9L+O2t4pr6S2RTLtmKW
pCMs5OpoPZJZj17Q7j7alqppA+/g4dogY2hP/uVT88LUkKagtP5hb2x0ZwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFERU/z85FJemgpzM+p2p52l3CptsMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUkZUX1B6a1VsNmFDbk16Nm5hbm5hWGNLbTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAHJOE0OV/mnAtkg/47VupwK2H
QkumGZdsnDA6ZNtAdjcpCkFTIRsC2coyNCAqPkf/Wu+cvFIiW/uq+13di8U7oMwW
8kcNx/COc/zq5XALmoENIUkEQodT367U2KLaklRub6CMN1AfbVUo33WokVyLf5pW
L1E3buUK8mBJgZ9uhuVePmjmceso72mfzuM7hiqCDIC4GjCCj8ky3B12Hj4DJl4O
YkdADFQM8Ruep5QbNccHPhoXtMcPAunWppMCn7cw0Au2kX0jU9KQH7suU2BKXb0w
/OGxpoQQyc4J6Q4DKPDUfKGfMW5dgsB74GGrIIfOwiMkMiBK+ye/D2u3xCYoRw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:56:44 2025 by rpki-client