Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T0-r8L3B3KGSQNT35shjxseT2mY.roa
File: T0-r8L3B3KGSQNT35shjxseT2mY.roa (raw, json)
Hash identifier: dOFszh8vtcQwqOx0QN7oDbG7TvM3EzkBEosrZDg8Fk0=
Subject key identifier: 4F:4F:AB:F0:BD:C1:DC:A1:92:40:D4:F7:E6:C8:63:C6:C7:93:DA:66
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911036FC19CFA8D5843F04BCBD7F1DF35C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T0-r8L3B3KGSQNT35shjxseT2mY.roa
Signing time: Thu 01 Aug 2024 23:12:04 +0000
ROA not before: Thu 01 Aug 2024 23:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:10:36:fc:19:cf:a8:d5:84:3f:04:bc:bd:7f:1d:f3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 1 23:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f4fabf0bdc1dca19240d4f7e6c863c6c793da66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:a9:6c:74:5c:db:ae:c9:6e:c9:d9:62:8d:61:
05:e8:b1:5a:28:20:e1:34:b6:de:b9:fb:9a:6c:3e:
e7:be:4b:ce:ce:3b:41:f5:e5:c7:1a:14:47:e6:e7:
23:80:89:18:dc:b6:92:f3:d4:58:ad:e6:55:54:45:
f5:27:73:a0:05:ed:57:c3:a8:27:46:a7:39:9a:09:
b7:d0:53:2e:a0:f7:94:46:b0:04:a5:85:ee:53:1d:
f4:35:75:c2:fd:cd:b7:55:b2:68:4f:2c:29:a6:eb:
a0:28:26:c1:e6:a7:3f:88:8e:c3:06:36:73:57:e8:
10:b4:09:27:d9:0a:86:54:9e:00:6f:37:e0:69:1e:
b2:5f:9d:0e:7b:26:a9:76:b9:e9:9d:6f:61:41:35:
de:29:57:cd:4b:70:bc:69:c2:ff:21:cc:92:da:40:
16:d4:ea:38:44:94:20:05:d8:f0:1b:95:c4:e9:94:
f5:98:28:fd:ff:f4:d3:25:01:21:94:bf:be:0f:f5:
c3:f8:0d:4a:d4:a6:1c:fe:94:4d:27:ba:df:1e:a7:
d8:99:e2:52:70:32:69:7b:73:9a:db:85:ec:2d:89:
3c:f0:64:24:2d:70:43:c6:16:cd:9b:06:57:9e:d4:
92:b8:cd:e0:e9:ef:e7:fa:ec:92:bc:34:7a:af:58:
d0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:4F:AB:F0:BD:C1:DC:A1:92:40:D4:F7:E6:C8:63:C6:C7:93:DA:66
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/T0-r8L3B3KGSQNT35shjxseT2mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
23:fb:e1:77:ab:78:f8:58:fb:41:51:41:24:8f:fa:ac:93:48:
af:62:3a:6b:ed:5c:7a:11:28:2d:79:e2:07:54:9a:f0:5c:49:
0c:b7:fc:d4:c4:7c:ec:4b:64:de:bf:4d:b2:7d:f5:83:05:29:
5b:8f:3d:59:1e:a0:93:01:4e:13:f3:09:4b:28:ed:44:49:38:
61:80:82:2a:6d:d0:eb:18:f9:72:bb:bb:97:54:d0:f2:1c:92:
da:c2:c7:d5:bd:9a:b1:93:cb:fd:54:c1:d0:10:ba:b4:c9:ab:
ad:59:1d:6a:fe:74:00:e7:74:59:67:00:83:4b:82:6c:1f:48:
95:e1:66:d5:5f:0d:6a:2c:d0:94:2d:60:1a:ed:7a:4e:57:44:
bc:47:d3:84:34:85:38:39:cb:46:07:a9:5d:0b:a2:9b:7b:5e:
c0:48:9d:73:67:b3:34:9d:35:69:b0:55:6e:28:b3:c1:04:15:
51:5a:6b:a1:4a:ff:09:4b:a9:1a:13:07:6c:f2:6b:83:e7:e7:
ba:29:35:8f:e6:c1:d8:18:fa:37:98:64:81:ac:03:f6:5a:80:
70:15:ac:93:01:08:ab:b3:38:49:54:b3:7b:4e:c9:cf:8f:5a:
a5:5f:c0:00:a5:a7:d6:7b:f2:17:0a:d7:34:4a:81:e6:de:f3:
ed:7f:dd:fc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEQNvwZz6jVhD8EvL1/HfNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAxMjMxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjRmYWJmMGJkYzFkY2ExOTI0MGQ0ZjdlNmM4NjNjNmM3OTNkYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+KlsdFzbrsluydlijWEF6LFaKCDh
NLbeufuabD7nvkvOzjtB9eXHGhRH5ucjgIkY3LaS89RYreZVVEX1J3OgBe1Xw6gn
Rqc5mgm30FMuoPeURrAEpYXuUx30NXXC/c23VbJoTywppuugKCbB5qc/iI7DBjZz
V+gQtAkn2QqGVJ4AbzfgaR6yX50OeyapdrnpnW9hQTXeKVfNS3C8acL/IcyS2kAW
1Oo4RJQgBdjwG5XE6ZT1mCj9//TTJQEhlL++D/XD+A1K1KYc/pRNJ7rfHqfYmeJS
cDJpe3Oa24XsLYk88GQkLXBDxhbNmwZXntSSuM3g6e/n+uySvDR6r1jQ2QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE9Pq/C9wdyhkkDU9+bIY8bHk9pmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVDAtcjhMM0IzS0dTUU5UMzVzaGp4c2VUMm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAI/vhd6t4+Fj7QVFBJI/6rJNI
r2I6a+1cehEoLXniB1Sa8FxJDLf81MR87Etk3r9Nsn31gwUpW489WR6gkwFOE/MJ
SyjtREk4YYCCKm3Q6xj5cru7l1TQ8hyS2sLH1b2asZPL/VTB0BC6tMmrrVkdav50
AOd0WWcAg0uCbB9IleFm1V8NaizQlC1gGu16TldEvEfThDSFODnLRgepXQuim3te
wEidc2ezNJ01abBVbiizwQQVUVproUr/CUupGhMHbPJrg+fnuik1j+bB2Bj6N5hk
gawD9lqAcBWskwEIq7M4SVSze07Jz49apV/AAKWn1nvyFwrXNEqB5t7z7X/d/A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:18:14 2025 by rpki-client