Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VFiYH7qbd5yZnkBe8t_L-F60CA0.roa
File: VFiYH7qbd5yZnkBe8t_L-F60CA0.roa (raw, json)
Hash identifier: 3p1SfGTjTxF9yHdLni9u0/9FAHS1AQ4/zn6YM/Ktoso=
Subject key identifier: 54:58:98:1F:BA:9B:77:9C:99:9E:40:5E:F2:DF:CB:F8:5E:B4:08:0D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190FC3BEF256BC333B1A94C7B9245667648
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VFiYH7qbd5yZnkBe8t_L-F60CA0.roa
Signing time: Mon 29 Jul 2024 02:05:04 +0000
ROA not before: Mon 29 Jul 2024 02:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fc3b:68c0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fc:3b:ef:25:6b:c3:33:b1:a9:4c:7b:92:45:66:76:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 29 02:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5458981fba9b779c999e405ef2dfcbf85eb4080d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f9:9a:1a:dd:fb:5b:3a:08:d9:d6:59:9e:de:
82:66:c8:29:22:a4:1c:6a:63:0f:30:17:2f:4f:00:
45:3d:67:bc:ae:45:07:e6:36:bf:42:4b:34:7a:03:
aa:c7:82:a7:5a:77:dd:b7:d7:ce:07:b8:10:a3:51:
93:f7:db:ca:47:5b:46:1a:b7:61:28:29:e0:25:db:
b3:23:04:81:0a:c8:df:50:e5:ba:54:6a:77:e4:8f:
03:2c:15:17:1d:c4:e0:3a:c0:12:e5:75:49:96:db:
de:cb:10:48:27:79:28:4b:3f:f0:fb:6d:9f:2b:80:
6e:5b:1a:f4:8b:51:87:75:01:66:07:29:ec:e5:72:
ed:b0:82:5b:c2:92:6f:b4:85:f9:08:95:6e:2a:eb:
84:e3:66:35:18:be:1d:4c:95:b8:a0:27:ac:9d:41:
55:01:f1:4e:df:6f:8a:7d:93:5f:1b:6b:13:20:5f:
aa:e2:da:0d:b4:7c:99:3d:23:70:72:38:01:7f:6d:
8b:14:be:52:0b:88:15:38:51:dd:79:f4:3d:83:8a:
ab:a2:ef:4d:5a:85:38:54:a3:a9:4a:6c:60:fd:51:
a4:3d:59:78:30:f1:71:e5:96:78:39:ac:5b:32:1d:
c8:08:b7:5f:1f:2b:5e:fd:3e:a3:fd:18:fe:0f:33:
60:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:58:98:1F:BA:9B:77:9C:99:9E:40:5E:F2:DF:CB:F8:5E:B4:08:0D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VFiYH7qbd5yZnkBe8t_L-F60CA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fc3b:68c0/128
Signature Algorithm: sha256WithRSAEncryption
72:cb:34:97:24:35:66:9a:a0:9e:a7:31:00:0a:a3:14:71:33:
0a:79:79:78:6a:aa:9a:78:3a:c0:28:20:72:fd:34:fc:b1:18:
5a:54:1d:8c:52:1a:4c:3a:b2:74:56:55:2a:f5:65:75:d7:3f:
b4:12:5b:e8:48:d5:31:b4:79:90:28:f3:42:e7:25:96:06:91:
b8:43:fe:a2:c1:2e:3e:25:dc:41:1f:9c:6c:05:a2:ad:6e:f0:
61:2a:33:ba:b3:13:78:f8:11:6f:b1:2c:2c:5f:76:be:ae:50:
6a:ab:f0:f3:ed:b0:a9:1f:c8:80:cc:08:52:0a:1a:42:d8:c0:
1a:09:9d:48:5e:e5:d7:ed:f9:82:1d:6c:c0:80:6f:57:45:96:
17:84:43:c5:3f:50:cf:a4:3f:11:26:2d:4e:ad:b8:ab:43:37:
8e:01:4c:5a:18:fa:7d:07:56:b0:8f:e8:a0:1b:b9:b8:4a:5f:
1b:47:43:b6:57:d8:8e:22:a4:52:12:08:a7:3a:e6:df:c9:82:
92:ba:41:4a:08:3c:10:8e:ac:d2:2a:17:f3:41:91:49:66:3f:
ba:96:3b:69:4e:59:c4:d3:08:77:e3:1a:32:78:0d:4a:bc:f2:
d1:85:79:12:f4:4b:20:97:4d:bc:d8:dc:02:d9:36:9e:15:de:
b0:28:3d:cd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZD8O+8la8MzsalMe5JFZnZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI5MDIwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDU4OTgxZmJhOWI3NzljOTk5ZTQwNWVmMmRmY2JmODVlYjQwODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPmaGt37WzoI2dZZnt6CZsgpIqQc
amMPMBcvTwBFPWe8rkUH5ja/Qks0egOqx4KnWnfdt9fOB7gQo1GT99vKR1tGGrdh
KCngJduzIwSBCsjfUOW6VGp35I8DLBUXHcTgOsAS5XVJltveyxBIJ3koSz/w+22f
K4BuWxr0i1GHdQFmByns5XLtsIJbwpJvtIX5CJVuKuuE42Y1GL4dTJW4oCesnUFV
AfFO32+KfZNfG2sTIF+q4toNtHyZPSNwcjgBf22LFL5SC4gVOFHdefQ9g4qrou9N
WoU4VKOpSmxg/VGkPVl4MPFx5ZZ4OaxbMh3ICLdfHyte/T6j/Rj+DzNgwwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFRYmB+6m3ecmZ5AXvLfy/hetAgNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVkZpWUg3cWJkNXlabmtCZTh0X0wtRjYwQ0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/DtowDANBgkqhkiG9w0BAQsFAAOCAQEAcss0lyQ1ZpqgnqcxAAqjFHEz
Cnl5eGqqmng6wCggcv00/LEYWlQdjFIaTDqydFZVKvVlddc/tBJb6EjVMbR5kCjz
QucllgaRuEP+osEuPiXcQR+cbAWirW7wYSozurMTePgRb7EsLF92vq5Qaqvw8+2w
qR/IgMwIUgoaQtjAGgmdSF7l1+35gh1swIBvV0WWF4RDxT9Qz6Q/ESYtTq24q0M3
jgFMWhj6fQdWsI/ooBu5uEpfG0dDtlfYjiKkUhIIpzrm38mCkrpBSgg8EI6s0ioX
80GRSWY/upY7aU5ZxNMId+MaMngNSrzy0YV5EvRLIJdNvNjcAtk2nhXesCg9zQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:07:14 2025 by rpki-client