Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UvwM-EXDDBYkbmCUyxdgjbkxn78.roa
File: UvwM-EXDDBYkbmCUyxdgjbkxn78.roa (raw, json)
Hash identifier: e0Bok7LXmTRs8QxTQKrC/wJDFJgsYppZ53tkvTcJVOM=
Subject key identifier: 52:FC:0C:F8:45:C3:0C:16:24:6E:60:94:CB:17:60:8D:B9:31:9F:BF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191527E60939364E75F7F1772FDAC8A3303
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UvwM-EXDDBYkbmCUyxdgjbkxn78.roa
Signing time: Wed 14 Aug 2024 20:04:59 +0000
ROA not before: Wed 14 Aug 2024 20:04:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:527d:e71d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:7e:60:93:93:64:e7:5f:7f:17:72:fd:ac:8a:33:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 14 20:04:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52fc0cf845c30c16246e6094cb17608db9319fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:19:8d:bf:02:fc:9b:d5:0b:9e:69:41:2c:fc:
67:6d:06:7c:31:8a:48:2e:2f:40:f7:01:64:94:52:
c0:b3:2e:46:40:98:67:d5:41:f4:d9:07:08:2f:ee:
6b:dd:c3:3e:5f:83:5c:e3:3e:c0:0e:9c:c5:12:6c:
29:53:c8:58:ed:b9:89:a0:1e:14:ad:64:e0:f1:48:
47:0b:85:96:e6:4a:a4:63:27:9a:83:3a:32:2b:9e:
af:e5:db:e9:b9:41:cb:c3:b6:0b:72:d4:f8:20:0e:
f2:73:03:a4:44:a8:ff:84:46:22:ce:9a:33:b3:e1:
be:c9:e1:a7:77:f2:68:55:e4:80:c5:f3:02:ca:09:
b9:61:21:5c:70:76:ae:08:dc:7d:56:8a:ec:cd:19:
53:e7:4a:21:6c:46:e6:c5:0e:59:57:eb:b6:aa:fc:
25:c5:89:ce:2c:c0:d7:e7:5c:98:16:77:d0:c3:67:
38:d1:7f:78:0c:fe:aa:a7:83:b4:3f:9f:86:4a:34:
e0:31:e0:b9:33:1d:04:7e:eb:90:3c:5f:c0:95:75:
33:91:92:b4:d6:9f:fd:1a:7b:14:67:4e:ae:bb:da:
36:99:5a:bf:46:84:db:88:67:e8:5e:43:11:dc:c7:
9f:b2:90:b1:8e:25:83:ce:ef:68:84:42:f3:cf:e3:
ac:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FC:0C:F8:45:C3:0C:16:24:6E:60:94:CB:17:60:8D:B9:31:9F:BF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UvwM-EXDDBYkbmCUyxdgjbkxn78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:527d:e71d/128
Signature Algorithm: sha256WithRSAEncryption
5f:7d:49:cf:44:02:8c:ed:d3:ba:c1:9d:f4:44:57:52:8c:81:
32:a2:32:33:48:c5:a9:ec:ca:17:c5:e6:4b:e1:ae:43:af:89:
c0:f2:5d:01:2a:6a:72:8b:c2:a1:18:f4:41:43:d3:63:03:98:
c8:5e:03:b5:0b:33:27:a2:c6:4d:67:d3:ab:11:f4:82:df:ca:
5b:45:76:24:47:3d:4b:b2:00:b9:29:99:cf:c9:e5:25:f7:6d:
4e:b6:c4:36:7a:2f:83:d3:19:5c:f6:90:dd:de:c8:c1:e2:ac:
ea:05:f9:db:69:a0:4a:ed:db:63:b3:f6:9f:de:9f:bb:be:22:
fb:c4:9b:c8:14:ec:4f:f6:59:a4:63:2c:53:2e:5a:88:c5:65:
0b:dd:e4:85:12:6f:f1:86:5b:97:14:77:b6:fd:15:5e:d9:76:
1e:e4:22:f6:f5:4f:11:82:93:a3:7f:5e:91:db:0a:ff:23:6a:
38:ad:ec:0c:9c:60:b5:b3:36:f0:cc:d0:2c:df:39:9a:ec:84:
be:e4:8d:fe:58:27:89:dd:53:a1:18:02:d8:ca:9e:f6:88:05:
8f:98:bf:4a:ac:c7:08:d6:54:e8:cb:6c:3d:5f:b7:c9:24:0f:
8a:ad:c0:6b:42:70:78:35:54:8d:f4:f6:01:fe:ba:26:cd:6e:
f8:38:1a:a9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZFSfmCTk2TnX38Xcv2sijMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE0MjAwNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmZjMGNmODQ1YzMwYzE2MjQ2ZTYwOTRjYjE3NjA4ZGI5MzE5ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBmNvwL8m9ULnmlBLPxnbQZ8MYpI
Li9A9wFklFLAsy5GQJhn1UH02QcIL+5r3cM+X4Nc4z7ADpzFEmwpU8hY7bmJoB4U
rWTg8UhHC4WW5kqkYyeagzoyK56v5dvpuUHLw7YLctT4IA7ycwOkRKj/hEYizpoz
s+G+yeGnd/JoVeSAxfMCygm5YSFccHauCNx9VorszRlT50ohbEbmxQ5ZV+u2qvwl
xYnOLMDX51yYFnfQw2c40X94DP6qp4O0P5+GSjTgMeC5Mx0EfuuQPF/AlXUzkZK0
1p/9GnsUZ06uu9o2mVq/RoTbiGfoXkMR3MefspCxjiWDzu9ohELzz+OsEwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFL8DPhFwwwWJG5glMsXYI25MZ+/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVXZ3TS1FWEREQllrYm1DVXl4ZGdqYmt4bjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkVJ95x0wDQYJKoZIhvcNAQELBQADggEB
AF99Sc9EAozt07rBnfREV1KMgTKiMjNIxansyhfF5kvhrkOvicDyXQEqanKLwqEY
9EFD02MDmMheA7ULMyeixk1n06sR9ILfyltFdiRHPUuyALkpmc/J5SX3bU62xDZ6
L4PTGVz2kN3eyMHirOoF+dtpoErt22Oz9p/en7u+IvvEm8gU7E/2WaRjLFMuWojF
ZQvd5IUSb/GGW5cUd7b9FV7Zdh7kIvb1TxGCk6N/XpHbCv8jajit7AycYLWzNvDM
0CzfOZrshL7kjf5YJ4ndU6EYAtjKnvaIBY+Yv0qsxwjWVOjLbD1ft8kkD4qtwGtC
cHg1VI309gH+uibNbvg4Gqk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:27:12 2025 by rpki-client