Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U2d-VxfjOF0SOQYtZsdf94X-NZE.roa
File: U2d-VxfjOF0SOQYtZsdf94X-NZE.roa (raw, json)
Hash identifier: DYPTldbKsWtmgQyS8FsKOgmz7DgwFE2lSlBtrWVf7Ds=
Subject key identifier: 53:67:7E:57:17:E3:38:5D:12:39:06:2D:66:C7:5F:F7:85:FE:35:91
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01917C94A8BD24F6A6A7C83D699FC32012BC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U2d-VxfjOF0SOQYtZsdf94X-NZE.roa
Signing time: Fri 23 Aug 2024 00:13:22 +0000
ROA not before: Fri 23 Aug 2024 00:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7c:94:a8:bd:24:f6:a6:a7:c8:3d:69:9f:c3:20:12:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 23 00:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53677e5717e3385d1239062d66c75ff785fe3591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:58:69:4e:1d:20:4e:a2:cd:d9:ba:31:cb:26:
38:58:32:46:4a:be:f4:a3:45:e2:1c:12:91:75:6c:
32:50:58:ce:4b:bc:88:50:de:50:71:b4:16:3d:94:
f3:42:10:da:2f:ee:e0:3c:90:d8:38:3d:7e:f2:8b:
42:b4:cd:66:de:4d:f2:7d:d1:db:64:f4:8f:71:39:
8d:4e:75:f7:ce:b7:ad:26:36:6c:c8:8f:f1:d4:cc:
87:6c:8b:51:4b:72:5c:73:d6:3e:b4:53:0c:ad:59:
2f:f6:bc:04:44:98:f3:cf:18:3e:53:b3:be:c6:cb:
4f:b0:d2:ed:bb:ea:07:eb:19:4f:e5:a1:f6:65:b0:
5a:04:5e:5e:61:0a:17:ff:b6:b1:4e:5b:9b:7c:b9:
a9:88:2e:ec:da:7f:1b:de:22:72:93:7f:4c:a3:b0:
50:58:83:28:20:e8:86:50:ab:05:54:2f:2b:5f:c2:
1e:36:12:58:05:9b:96:3f:4d:5c:59:71:40:e1:7c:
50:1f:93:ce:e3:e2:fc:a1:d5:cc:49:57:22:d7:42:
0b:fe:b5:67:c4:66:25:59:89:16:e5:4f:81:42:6c:
9c:c8:9f:9a:c6:00:70:5e:83:1d:dc:f1:15:cf:44:
a2:14:6b:d1:3c:22:f2:99:68:a8:54:16:92:14:05:
94:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:67:7E:57:17:E3:38:5D:12:39:06:2D:66:C7:5F:F7:85:FE:35:91
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/U2d-VxfjOF0SOQYtZsdf94X-NZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2f:52:d7:df:81:a3:bc:8e:7c:16:3f:46:23:ad:53:85:5a:b0:
d0:c2:c3:94:58:1f:60:11:c8:7d:a7:8d:2a:53:2b:53:cb:d9:
99:fa:c5:4a:87:c1:e9:d8:6d:b8:ac:a2:a5:ef:2f:c6:05:e6:
a1:f2:cc:fc:6e:b7:56:97:29:62:db:d6:76:2c:c8:7c:54:29:
22:62:95:dc:95:50:7c:bf:73:16:f7:33:e1:80:2f:b6:7d:1a:
3a:19:88:24:02:61:42:53:d5:0d:0c:3b:75:c6:4a:a3:77:dd:
48:33:f9:09:bd:3e:d3:b1:ef:1d:12:77:31:68:98:56:a4:06:
36:09:b4:30:7a:0a:a0:06:f2:19:af:50:9c:d9:fe:1f:be:f1:
c5:5a:54:57:33:13:e7:33:40:8f:74:9b:93:d5:0e:cf:e2:a7:
09:71:59:e2:22:a3:4f:77:24:ae:7b:48:45:93:8d:90:f5:d7:
17:83:d8:0d:e8:48:10:3c:d0:2b:f2:a0:52:c8:44:8a:c3:d8:
8f:b4:57:11:43:ea:bd:bb:4e:51:d3:91:b2:c7:03:af:b2:b2:
53:59:be:fb:0f:e2:d7:73:b2:82:0e:05:62:74:8e:38:98:21:
e2:95:a9:d4:b6:82:04:a6:e1:0c:3c:f4:78:8a:cf:43:ff:fe:
f1:b6:13:0b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF8lKi9JPamp8g9aZ/DIBK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIzMDAxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY3N2U1NzE3ZTMzODVkMTIzOTA2MmQ2NmM3NWZmNzg1ZmUzNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplhpTh0gTqLN2boxyyY4WDJGSr70
o0XiHBKRdWwyUFjOS7yIUN5QcbQWPZTzQhDaL+7gPJDYOD1+8otCtM1m3k3yfdHb
ZPSPcTmNTnX3zretJjZsyI/x1MyHbItRS3Jcc9Y+tFMMrVkv9rwERJjzzxg+U7O+
xstPsNLtu+oH6xlP5aH2ZbBaBF5eYQoX/7axTlubfLmpiC7s2n8b3iJyk39Mo7BQ
WIMoIOiGUKsFVC8rX8IeNhJYBZuWP01cWXFA4XxQH5PO4+L8odXMSVci10IL/rVn
xGYlWYkW5U+BQmycyJ+axgBwXoMd3PEVz0SiFGvRPCLymWioVBaSFAWUiwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFNnflcX4zhdEjkGLWbHX/eF/jWRMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVTJkLVZ4ZmpPRjBTT1FZdFpzZGY5NFgtTlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAL1LX34GjvI58Fj9GI61ThVqw
0MLDlFgfYBHIfaeNKlMrU8vZmfrFSofB6dhtuKyipe8vxgXmofLM/G63VpcpYtvW
dizIfFQpImKV3JVQfL9zFvcz4YAvtn0aOhmIJAJhQlPVDQw7dcZKo3fdSDP5Cb0+
07HvHRJ3MWiYVqQGNgm0MHoKoAbyGa9QnNn+H77xxVpUVzMT5zNAj3Sbk9UOz+Kn
CXFZ4iKjT3ckrntIRZONkPXXF4PYDehIEDzQK/KgUshEisPYj7RXEUPqvbtOUdOR
sscDr7KyU1m++w/i13Oygg4FYnSOOJgh4pWp1LaCBKbhDDz0eIrPQ//+8bYTCw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:15:12 2025 by rpki-client