Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ty0NJhaU4gyojPEp-o1XiBfOv70.roa
File: Ty0NJhaU4gyojPEp-o1XiBfOv70.roa (raw, json)
Hash identifier: jIYL+CPCvXmUVlI7Wp82aljccjEzK8GEXD2LCJTRkcQ=
Subject key identifier: 4F:2D:0D:26:16:94:E2:0C:A8:8C:F1:29:FA:8D:57:88:17:CE:BF:BD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01926FAAB830DB4F0B4EF5417FC82DF9BCBC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ty0NJhaU4gyojPEp-o1XiBfOv70.roa
Signing time: Wed 09 Oct 2024 05:05:12 +0000
ROA not before: Wed 09 Oct 2024 05:05:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:6fa9:eddd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6f:aa:b8:30:db:4f:0b:4e:f5:41:7f:c8:2d:f9:bc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 9 05:05:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f2d0d261694e20ca88cf129fa8d578817cebfbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:13:e3:38:73:3a:c1:64:63:05:d3:2d:05:12:
84:f1:10:d3:42:b6:a4:8d:98:25:74:2a:1d:54:ef:
50:37:b9:ae:92:54:2a:c4:fe:9c:43:d1:e8:aa:3d:
9c:45:e7:3e:0d:41:52:d3:25:d6:04:a3:97:12:13:
6e:59:66:3b:dc:84:dd:cb:9c:67:c9:bf:27:c3:af:
d1:80:e8:82:4f:79:a7:5e:83:ea:2a:01:03:7b:8e:
4d:4b:1b:d1:e7:e5:e2:82:1b:12:7c:53:e2:50:82:
07:1a:a4:7f:c7:ef:50:03:b9:b6:d9:85:ba:e5:bb:
e5:fe:64:b0:cc:cb:50:bd:f5:81:a9:4d:3d:82:c1:
2f:ca:99:0b:39:be:a2:a2:1f:d4:0b:d8:5e:45:78:
bc:80:76:ca:04:a3:45:38:a1:70:5b:fc:45:2f:16:
03:f3:0e:0e:76:a5:f6:ff:d1:45:77:16:88:36:d3:
ea:4c:ae:ce:2a:d1:03:7c:87:1f:c6:36:5a:e9:ca:
d9:2d:2f:e0:37:38:8e:d2:6d:d1:b2:fc:0a:91:6b:
f5:cb:ce:cf:73:f8:d2:8d:d8:57:2d:42:81:77:be:
a8:2f:5d:c1:9d:90:12:d7:3f:bd:5e:9f:36:1b:46:
86:fd:cf:fb:07:0b:05:39:f8:79:9b:b0:9b:e1:c0:
76:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2D:0D:26:16:94:E2:0C:A8:8C:F1:29:FA:8D:57:88:17:CE:BF:BD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ty0NJhaU4gyojPEp-o1XiBfOv70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:6fa9:eddd/128
Signature Algorithm: sha256WithRSAEncryption
50:f0:29:14:93:43:ae:1f:e8:a7:57:08:39:e9:bc:9b:f9:91:
c6:be:63:75:77:d6:b5:b2:0c:c0:33:e1:0a:3b:c6:2f:a2:12:
85:18:02:7e:f7:a2:87:2f:6a:0c:fd:ba:63:03:c9:3d:a8:e5:
be:0a:a4:8d:1f:60:40:89:79:bb:f7:c7:09:7d:88:fa:51:27:
bd:bd:de:a5:19:ed:1e:ce:09:85:d3:cc:43:72:48:27:96:1d:
b1:be:df:ee:c6:af:32:22:c7:48:00:a3:08:77:23:73:d6:ea:
c5:42:d6:8d:b9:20:62:7e:53:71:42:f4:67:6f:5b:f3:b1:c8:
69:7b:e2:b1:84:a8:81:f4:ee:de:ee:3c:f4:f2:b7:6b:d5:7c:
87:24:4e:2f:47:1b:80:f2:03:a6:f6:fb:fd:0f:a7:36:9d:f4:
1f:b6:f3:a3:ad:ca:21:50:f3:58:db:2a:32:00:61:f0:03:10:
29:97:83:d6:17:a5:f5:52:3d:ac:93:2e:f5:d4:64:a2:4a:80:
2d:dc:ad:9b:9f:e9:fc:e1:46:99:c1:a0:f2:06:1b:55:41:c4:
10:76:21:d7:26:97:8b:13:a7:c9:7a:dd:49:e0:e1:b8:27:78:
b7:35:48:da:68:b8:49:84:18:71:85:e1:cb:6c:b7:b5:cb:65:
d9:e3:30:f7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZJvqrgw208LTvVBf8gt+by8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDA5MDUwNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJkMGQyNjE2OTRlMjBjYTg4Y2YxMjlmYThkNTc4ODE3Y2ViZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BPjOHM6wWRjBdMtBRKE8RDTQrak
jZgldCodVO9QN7muklQqxP6cQ9Hoqj2cRec+DUFS0yXWBKOXEhNuWWY73ITdy5xn
yb8nw6/RgOiCT3mnXoPqKgEDe45NSxvR5+XighsSfFPiUIIHGqR/x+9QA7m22YW6
5bvl/mSwzMtQvfWBqU09gsEvypkLOb6ioh/UC9heRXi8gHbKBKNFOKFwW/xFLxYD
8w4OdqX2/9FFdxaINtPqTK7OKtEDfIcfxjZa6crZLS/gNziO0m3RsvwKkWv1y87P
c/jSjdhXLUKBd76oL13BnZAS1z+9Xp82G0aG/c/7BwsFOfh5m7Cb4cB21wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFE8tDSYWlOIMqIzxKfqNV4gXzr+9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVHkwTkpoYVU0Z3lvalBFcC1vMVhpQmZPdjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSb6nt3TANBgkqhkiG9w0BAQsFAAOCAQEAUPApFJNDrh/op1cIOem8m/mR
xr5jdXfWtbIMwDPhCjvGL6IShRgCfveihy9qDP26YwPJPajlvgqkjR9gQIl5u/fH
CX2I+lEnvb3epRntHs4JhdPMQ3JIJ5Ydsb7f7savMiLHSACjCHcjc9bqxULWjbkg
Yn5TcUL0Z29b87HIaXvisYSogfTu3u489PK3a9V8hyROL0cbgPIDpvb7/Q+nNp30
H7bzo63KIVDzWNsqMgBh8AMQKZeD1hel9VI9rJMu9dRkokqALdytm5/p/OFGmcGg
8gYbVUHEEHYh1yaXixOnyXrdSeDhuCd4tzVI2mi4SYQYcYXhy2y3tctl2eMw9w==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:21:14 2025 by rpki-client