Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sfs9IFrgGQAIW11B1bAGwtzFT38.roa
File: Sfs9IFrgGQAIW11B1bAGwtzFT38.roa (raw, json)
Hash identifier: KIIUGg8bh3gI/pgbq7yKI9T3MNgYNyeP0eVGF4/Zlqk=
Subject key identifier: 49:FB:3D:20:5A:E0:19:00:08:5B:5D:41:D5:B0:06:C2:DC:C5:4F:7F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019171D75359A7B84C7B8E5B13DD34DCC1AC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sfs9IFrgGQAIW11B1bAGwtzFT38.roa
Signing time: Tue 20 Aug 2024 22:10:22 +0000
ROA not before: Tue 20 Aug 2024 22:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:71:d7:53:59:a7:b8:4c:7b:8e:5b:13:dd:34:dc:c1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 20 22:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49fb3d205ae01900085b5d41d5b006c2dcc54f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:71:de:08:ec:d8:ff:63:9a:0b:b5:92:7b:ff:
34:98:ad:17:09:10:ce:86:0c:9a:64:47:0f:d1:02:
e1:d3:69:4d:30:c3:b8:f3:a2:70:0a:c1:42:71:82:
ad:a5:9e:60:51:d7:6a:3d:07:4b:c8:7d:9c:5f:22:
62:4a:77:59:f9:f8:f4:13:97:0b:28:f5:18:0b:0e:
da:38:9d:14:07:3f:3e:dc:6b:7b:51:e1:d5:31:70:
31:bf:f8:c6:a3:23:93:9d:cc:3d:c0:a8:66:29:8a:
24:43:0e:ef:53:cd:01:88:00:9a:c3:be:62:87:75:
2f:6c:ce:bb:54:9e:28:25:44:1d:19:09:14:5b:63:
2f:8a:84:f9:24:29:e2:07:90:14:f0:7c:58:1c:d3:
5e:f3:c6:a0:42:13:91:46:a4:77:0a:89:75:bf:d5:
e6:0a:20:44:b5:d7:47:0d:26:1f:7c:db:5c:48:fb:
5e:6a:86:cb:c6:92:45:76:c5:fa:ab:25:34:80:df:
b5:9a:4b:57:88:e7:65:09:68:16:8b:0a:11:27:ee:
16:7e:f5:b3:20:63:6e:3e:d1:0c:16:39:6c:a0:9d:
23:92:b3:79:ba:04:7e:35:32:35:1b:09:8a:b4:2f:
57:f6:9e:8c:f7:3a:43:12:9e:de:2a:30:06:88:eb:
c9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FB:3D:20:5A:E0:19:00:08:5B:5D:41:D5:B0:06:C2:DC:C5:4F:7F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Sfs9IFrgGQAIW11B1bAGwtzFT38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8f:79:81:39:7e:8d:23:ee:b9:5c:5f:fd:08:82:49:cd:f5:c7:
8b:b7:ee:ab:d9:1b:22:10:8e:7f:1a:f4:ac:d9:d0:fd:4e:a9:
20:3c:24:35:9c:d2:6e:17:ad:75:8d:95:c3:8d:a7:ef:8d:22:
70:3e:64:09:6d:ef:3d:2b:84:fa:5c:0d:76:42:df:a0:cc:68:
e7:1c:13:e6:3a:ce:26:83:f1:4c:9b:21:ed:b5:f7:58:bb:b1:
e8:50:70:2f:e0:09:2d:97:92:58:91:8d:7b:32:25:2a:e2:0c:
a3:2e:87:32:2c:2d:57:3d:4f:e8:7b:8d:58:43:5e:bd:90:9b:
6d:30:9c:20:00:d1:35:e7:49:8c:3a:7f:f3:d7:a0:ba:ae:cd:
5d:51:88:c6:13:f1:f8:0a:71:4c:60:31:c9:dd:42:51:53:cc:
be:63:15:5d:0f:3e:df:36:ef:af:19:8d:11:cd:84:32:ec:d8:
d4:e5:59:e4:6b:ad:ff:2e:4e:d9:15:92:36:4a:f2:fd:70:d8:
87:52:6a:43:cd:0e:ba:d1:f8:a7:8f:50:53:7f:a2:4f:7e:e1:
07:f8:a9:6d:e9:bb:37:da:68:39:18:ba:14:bc:2a:73:6e:f0:
4f:6d:27:ec:90:85:80:32:42:94:7e:47:26:48:f9:ee:6a:92:
43:9f:3d:76
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFx11NZp7hMe45bE9003MGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIwMjIxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZiM2QyMDVhZTAxOTAwMDg1YjVkNDFkNWIwMDZjMmRjYzU0ZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HHeCOzY/2OaC7WSe/80mK0XCRDO
hgyaZEcP0QLh02lNMMO486JwCsFCcYKtpZ5gUddqPQdLyH2cXyJiSndZ+fj0E5cL
KPUYCw7aOJ0UBz8+3Gt7UeHVMXAxv/jGoyOTncw9wKhmKYokQw7vU80BiACaw75i
h3UvbM67VJ4oJUQdGQkUW2MvioT5JCniB5AU8HxYHNNe88agQhORRqR3Col1v9Xm
CiBEtddHDSYffNtcSPteaobLxpJFdsX6qyU0gN+1mktXiOdlCWgWiwoRJ+4WfvWz
IGNuPtEMFjlsoJ0jkrN5ugR+NTI1GwmKtC9X9p6M9zpDEp7eKjAGiOvJJwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEn7PSBa4BkACFtdQdWwBsLcxU9/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvU2ZzOUlGcmdHUUFJVzExQjFiQUd3dHpGVDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAj3mBOX6NI+65XF/9CIJJzfXH
i7fuq9kbIhCOfxr0rNnQ/U6pIDwkNZzSbhetdY2Vw42n740icD5kCW3vPSuE+lwN
dkLfoMxo5xwT5jrOJoPxTJsh7bX3WLux6FBwL+AJLZeSWJGNezIlKuIMoy6HMiwt
Vz1P6HuNWENevZCbbTCcIADRNedJjDp/89eguq7NXVGIxhPx+ApxTGAxyd1CUVPM
vmMVXQ8+3zbvrxmNEc2EMuzY1OVZ5Gut/y5O2RWSNkry/XDYh1JqQ80OutH4p49Q
U3+iT37hB/ipbem7N9poORi6FLwqc27wT20n7JCFgDJClH5HJkj57mqSQ589dg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:19:48 2025 by rpki-client