Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VjdMMffNSKk-1fQjUZfAOWy8f8s.roa
File: VjdMMffNSKk-1fQjUZfAOWy8f8s.roa (raw, json)
Hash identifier: 8vew/4ixYND6e/q3/+qTrVcR8QkZ82eyUDjA8gbMx/k=
Subject key identifier: 56:37:4C:31:F7:CD:48:A9:3E:D5:F4:23:51:97:C0:39:6C:BC:7F:CB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912988EC17A5385DCD7726719DBFC43C3B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VjdMMffNSKk-1fQjUZfAOWy8f8s.roa
Signing time: Tue 06 Aug 2024 21:12:04 +0000
ROA not before: Tue 06 Aug 2024 21:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:29:88:ec:17:a5:38:5d:cd:77:26:71:9d:bf:c4:3c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 6 21:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56374c31f7cd48a93ed5f4235197c0396cbc7fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:92:66:d2:c4:09:d1:09:5e:42:ce:4c:66:59:
5d:19:99:66:e9:3a:d8:b1:d5:cb:a7:bf:66:de:dd:
22:0e:c7:d3:95:c1:ac:8c:ad:a1:a4:69:c8:7e:3e:
e0:14:d3:c7:5e:89:6f:72:91:4f:c2:dc:62:98:2d:
79:8e:c1:e6:a0:2d:eb:9b:0e:16:09:e1:47:93:ff:
e2:d7:72:c2:bb:ea:a3:b4:78:63:a3:e5:8b:15:7a:
58:5d:57:2b:e8:86:62:64:3b:6b:d9:1c:a7:5b:9f:
ea:77:2c:33:46:c4:53:89:73:b5:a8:a5:b1:0b:b8:
cd:92:6c:62:66:2f:c5:d7:ea:94:13:9e:ea:58:5c:
f1:0d:f9:39:31:f8:c6:ce:46:6a:b8:ba:f9:d1:7d:
83:76:d1:1b:a9:cf:90:8e:e2:a7:d2:78:a6:6d:36:
ef:8f:0f:71:e3:4e:64:a6:7f:ab:20:c2:8c:c2:28:
3f:35:7e:c9:f1:58:dc:ef:f3:67:3d:34:b8:1c:c5:
db:4d:1b:4c:62:28:5f:73:00:16:98:0d:8d:09:6d:
3f:f0:b9:f6:17:fe:26:cb:7d:6f:91:22:ad:87:33:
60:b5:79:6b:f9:3f:30:e0:51:c9:9c:8c:01:44:d2:
d6:3a:4d:ff:35:c5:fe:1b:d8:bd:ad:80:bc:20:77:
ec:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:37:4C:31:F7:CD:48:A9:3E:D5:F4:23:51:97:C0:39:6C:BC:7F:CB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VjdMMffNSKk-1fQjUZfAOWy8f8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8a:ad:f1:26:8a:c5:ea:eb:83:29:2a:79:63:dd:72:9b:36:27:
ce:b2:be:1b:ab:a9:c3:68:08:8f:04:8f:f0:c6:2e:05:19:8b:
ae:9b:05:d9:38:d5:24:fa:c3:2e:64:ef:1f:8c:32:45:c4:3e:
70:95:31:65:0e:27:e9:ca:d7:0b:32:57:8a:04:79:ac:db:bd:
2a:02:8a:96:fd:5a:83:7e:2e:60:0c:4c:22:d0:9d:6b:af:7f:
2b:07:15:ef:7a:98:00:bd:80:0a:7f:5c:98:40:9c:ec:fe:6a:
44:b0:35:6b:3d:ba:4b:b7:a5:c8:e6:b8:df:c0:90:cf:d9:0e:
4e:54:75:95:63:b9:4b:13:88:dd:18:72:b6:ac:9d:39:c5:7d:
ed:9e:e1:23:51:6a:de:af:97:75:be:e3:db:d6:23:e5:4b:28:
f2:c9:29:a0:b0:76:8e:3e:79:c8:4b:c7:05:b6:10:71:b7:da:
5d:51:ba:af:b5:e9:81:24:26:09:fa:a9:0e:35:18:c4:f4:ac:
70:34:c2:8f:d1:b6:bd:c6:a0:34:8b:90:46:c1:42:88:9f:a3:
97:c0:18:b8:aa:6d:e4:0e:c5:06:cd:8b:25:04:0e:d8:62:9e:
2b:8c:14:e2:99:3e:a8:7c:3a:7a:dc:01:2f:a2:65:10:97:ff:
87:35:bd:bf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEpiOwXpThdzXcmcZ2/xDw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA2MjExMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjM3NGMzMWY3Y2Q0OGE5M2VkNWY0MjM1MTk3YzAzOTZjYmM3ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZJm0sQJ0QleQs5MZlldGZlm6TrY
sdXLp79m3t0iDsfTlcGsjK2hpGnIfj7gFNPHXolvcpFPwtximC15jsHmoC3rmw4W
CeFHk//i13LCu+qjtHhjo+WLFXpYXVcr6IZiZDtr2RynW5/qdywzRsRTiXO1qKWx
C7jNkmxiZi/F1+qUE57qWFzxDfk5MfjGzkZquLr50X2DdtEbqc+QjuKn0nimbTbv
jw9x405kpn+rIMKMwig/NX7J8Vjc7/NnPTS4HMXbTRtMYihfcwAWmA2NCW0/8Ln2
F/4my31vkSKthzNgtXlr+T8w4FHJnIwBRNLWOk3/NcX+G9i9rYC8IHfsmQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFY3TDH3zUipPtX0I1GXwDlsvH/LMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVmpkTU1mZk5TS2stMWZRalVaZkFPV3k4ZjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAiq3xJorF6uuDKSp5Y91ymzYn
zrK+G6upw2gIjwSP8MYuBRmLrpsF2TjVJPrDLmTvH4wyRcQ+cJUxZQ4n6crXCzJX
igR5rNu9KgKKlv1ag34uYAxMItCda69/KwcV73qYAL2ACn9cmECc7P5qRLA1az26
S7elyOa438CQz9kOTlR1lWO5SxOI3RhytqydOcV97Z7hI1Fq3q+Xdb7j29Yj5Uso
8skpoLB2jj55yEvHBbYQcbfaXVG6r7XpgSQmCfqpDjUYxPSscDTCj9G2vcagNIuQ
RsFCiJ+jl8AYuKpt5A7FBs2LJQQO2GKeK4wU4pk+qHw6etwBL6JlEJf/hzW9vw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:05:17 2025 by rpki-client