Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Tx6onrPX0YE7pctyLE6E0-pVmiI.roa
File: Tx6onrPX0YE7pctyLE6E0-pVmiI.roa (raw, json)
Hash identifier: 02U0RqiDS2GZTXibEBXuL4EWwNvr+WE6BKNnn4B6hUs=
Subject key identifier: 4F:1E:A8:9E:B3:D7:D1:81:3B:A5:CB:72:2C:4E:84:D3:EA:55:9A:22
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912726431E50F1C5E783A829EFE5E206A6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Tx6onrPX0YE7pctyLE6E0-pVmiI.roa
Signing time: Tue 06 Aug 2024 10:05:04 +0000
ROA not before: Tue 06 Aug 2024 10:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:2725:7ad7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:26:43:1e:50:f1:c5:e7:83:a8:29:ef:e5:e2:06:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 6 10:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f1ea89eb3d7d1813ba5cb722c4e84d3ea559a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7f:b2:fb:35:19:76:bb:79:a4:54:46:5d:67:
36:39:46:13:6b:f0:68:80:8b:c5:dc:7c:42:c0:31:
47:ee:e5:14:2c:41:11:70:43:f4:9f:26:d8:32:49:
95:87:23:37:c1:6e:68:61:94:5c:7b:97:db:4b:85:
c3:c3:14:de:aa:aa:69:0b:ad:85:ff:12:95:a9:1c:
70:43:c6:f7:8b:be:5c:23:cd:cc:f8:b6:77:27:54:
cb:94:06:a8:cb:2e:d6:3a:91:a4:70:e9:1f:9a:4c:
91:77:ef:18:25:ed:80:72:3f:52:8d:37:a2:0b:16:
c2:c9:92:1c:51:6f:26:72:29:3f:78:a9:f1:ba:21:
8c:c3:7a:1b:b0:bb:fb:fa:5f:c4:cb:24:d7:b0:51:
45:7f:f8:7d:f0:53:f5:f1:53:a7:3c:03:a3:da:0a:
e5:f0:c5:ab:ff:0a:1b:bc:5e:59:19:e1:fb:74:a1:
24:53:d5:dc:46:4c:91:8b:23:d2:c7:88:72:78:0a:
79:04:58:ff:29:73:71:b9:05:13:c5:ab:c1:47:f6:
66:d8:fc:b1:47:f4:de:89:d6:44:10:bd:75:06:b5:
99:fe:f1:6a:e9:73:00:5c:2f:64:de:b4:7a:40:dc:
16:5a:a2:46:4e:db:00:af:e2:9f:b3:d1:b0:b5:7c:
70:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:1E:A8:9E:B3:D7:D1:81:3B:A5:CB:72:2C:4E:84:D3:EA:55:9A:22
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Tx6onrPX0YE7pctyLE6E0-pVmiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:2725:7ad7/128
Signature Algorithm: sha256WithRSAEncryption
18:b5:e5:80:6f:51:88:68:71:b9:3c:65:df:3e:bf:b9:bb:95:
b6:14:cf:b0:7e:55:c7:27:88:d2:c4:44:a6:11:15:86:d5:ca:
3e:16:aa:d6:51:d5:ac:32:a0:b5:0f:22:37:82:00:2d:ef:cd:
86:a6:64:da:c1:bc:53:8c:31:a4:e9:7b:76:44:c0:dd:4c:45:
e9:5d:55:bb:a6:2f:eb:46:d6:4a:4b:3d:4f:3f:62:3c:bd:08:
55:61:08:03:58:12:e7:75:e5:88:df:f1:1b:61:65:41:26:ff:
a4:e3:00:1e:10:88:24:db:5e:b2:52:99:ee:50:4a:cd:e4:05:
9b:d6:3f:50:d1:3f:3a:5e:28:b1:5f:50:50:4c:4d:bf:b2:76:
6c:42:b9:16:a5:44:56:7b:27:f0:79:56:f8:b0:39:cd:60:bd:
44:40:62:9f:4d:4f:53:c0:ac:88:54:9a:4a:07:af:2a:b2:97:
21:8f:1f:bf:0a:74:12:19:c8:bb:10:72:cc:5e:a5:f4:e6:91:
af:8f:3b:19:db:5d:0b:38:0a:51:4f:93:4a:94:f4:60:75:87:
0e:1a:8c:cd:32:42:0b:dc:98:71:04:80:b4:1e:59:12:38:46:
fe:c8:73:5d:35:3a:f3:78:49:24:28:2b:87:99:2e:ad:c5:bb:
aa:fb:a6:98
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZEnJkMeUPHF54OoKe/l4gamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA2MTAwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjFlYTg5ZWIzZDdkMTgxM2JhNWNiNzIyYzRlODRkM2VhNTU5YTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH+y+zUZdrt5pFRGXWc2OUYTa/Bo
gIvF3HxCwDFH7uUULEERcEP0nybYMkmVhyM3wW5oYZRce5fbS4XDwxTeqqppC62F
/xKVqRxwQ8b3i75cI83M+LZ3J1TLlAaoyy7WOpGkcOkfmkyRd+8YJe2Acj9SjTei
CxbCyZIcUW8mcik/eKnxuiGMw3obsLv7+l/EyyTXsFFFf/h98FP18VOnPAOj2grl
8MWr/wobvF5ZGeH7dKEkU9XcRkyRiyPSx4hyeAp5BFj/KXNxuQUTxavBR/Zm2Pyx
R/TeidZEEL11BrWZ/vFq6XMAXC9k3rR6QNwWWqJGTtsAr+Kfs9GwtXxwDwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE8eqJ6z19GBO6XLcixOhNPqVZoiMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVHg2b25yUFgwWUU3cGN0eUxFNkUwLXBWbWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkScletcwDQYJKoZIhvcNAQELBQADggEB
ABi15YBvUYhocbk8Zd8+v7m7lbYUz7B+VccniNLERKYRFYbVyj4WqtZR1awyoLUP
IjeCAC3vzYamZNrBvFOMMaTpe3ZEwN1MReldVbumL+tG1kpLPU8/Yjy9CFVhCANY
Eud15Yjf8RthZUEm/6TjAB4QiCTbXrJSme5QSs3kBZvWP1DRPzpeKLFfUFBMTb+y
dmxCuRalRFZ7J/B5VviwOc1gvURAYp9NT1PArIhUmkoHryqylyGPH78KdBIZyLsQ
csxepfTmka+POxnbXQs4ClFPk0qU9GB1hw4ajM0yQgvcmHEEgLQeWRI4Rv7Ic101
OvN4SSQoK4eZLq3Fu6r7ppg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:45 2025 by rpki-client