Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XUILKQG3Kddpcv1K14ZW95Erky0.roa
File: XUILKQG3Kddpcv1K14ZW95Erky0.roa (raw, json)
Hash identifier: QPa6jDh6MOSKkQqriB3ysDYsbpP6OQl8UQwwb+FUJ7w=
Subject key identifier: 5D:42:0B:29:01:B7:29:D7:69:72:FD:4A:D7:86:56:F7:91:2B:93:2D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BE74286E774F79877D818F94A050ECDA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XUILKQG3Kddpcv1K14ZW95Erky0.roa
Signing time: Wed 04 Sep 2024 19:12:49 +0000
ROA not before: Wed 04 Sep 2024 19:12:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:74:28:6e:77:4f:79:87:7d:81:8f:94:a0:50:ec:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 4 19:12:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d420b2901b729d76972fd4ad78656f7912b932d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a8:11:c5:2b:f8:d4:b3:05:29:ba:fd:9a:b8:
2b:16:37:d3:97:ff:39:68:fa:63:cf:b8:70:de:9d:
9f:37:ce:fd:fc:ab:e8:6e:c3:b3:73:c3:61:ef:db:
5c:66:52:fe:ff:15:ea:7f:c2:ce:44:bf:d2:0c:ca:
77:0f:bd:69:c0:bb:b5:2f:c1:3c:9f:e3:86:ff:90:
16:55:f9:16:e9:ce:14:6b:35:56:70:34:9f:4a:38:
5c:be:e9:17:a1:33:86:89:dc:9b:18:8f:1b:99:a3:
38:58:a4:25:eb:3a:9f:48:db:6e:e8:08:1b:41:d9:
bf:47:0b:fa:c8:4b:ad:b9:7a:9b:0a:06:2c:d0:9b:
4d:5b:42:77:84:db:93:87:7f:6c:0a:d1:b8:14:89:
52:8d:27:dd:39:d0:2a:5b:b1:52:d9:8c:fb:39:0b:
b6:5d:ff:a2:c3:31:a1:b1:2d:85:75:70:86:3a:b5:
7b:41:a6:dd:71:8c:fb:83:98:c0:63:bb:b6:33:14:
2a:9a:43:a5:a3:e5:d6:a7:50:70:4c:24:36:80:9f:
3f:74:02:e0:d7:3e:40:6f:83:40:13:36:e7:82:84:
3f:a3:88:a9:a6:aa:ed:b3:02:ec:7b:02:a4:8a:56:
f0:41:3e:ed:44:b8:2f:89:b1:ba:de:02:e2:7a:30:
9d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:42:0B:29:01:B7:29:D7:69:72:FD:4A:D7:86:56:F7:91:2B:93:2D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XUILKQG3Kddpcv1K14ZW95Erky0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5b:32:e1:97:fd:97:46:ec:b2:06:f4:cd:46:99:a5:c6:42:e9:
a0:e5:0a:32:0e:1b:38:8b:71:25:c6:03:5e:3b:42:b1:ee:a7:
93:8f:3b:4c:eb:29:21:97:85:52:c5:a0:07:5b:56:d8:dc:35:
0e:ac:01:b5:4a:3f:0c:c9:f0:68:f9:8b:70:75:bd:e7:3f:ff:
f6:d5:c9:ab:89:21:c2:6b:0a:4a:07:04:f0:91:37:10:32:a7:
8d:51:f0:1a:93:87:a3:6b:08:80:2d:47:97:a3:94:cf:9e:c4:
c6:da:2c:7c:70:93:e7:3d:a9:0b:c8:7e:e1:b4:37:50:dc:91:
ee:76:bc:94:12:d2:1a:2e:61:6f:08:9c:2a:3c:cd:89:88:f3:
b5:ac:18:2f:40:6e:87:24:41:cc:6c:83:1a:84:1a:26:2a:28:
14:6f:f7:1e:57:06:92:3d:6d:21:eb:ac:63:2e:1b:c2:11:2b:
04:ca:4b:f8:cf:cd:a4:22:6c:1b:20:58:a2:40:66:7b:12:22:
ab:cd:a0:cd:aa:a1:d0:c9:3d:80:f6:be:3d:89:69:30:2d:31:
0b:21:ed:df:a3:bd:d0:ba:7b:1d:6b:4d:3d:72:06:1c:76:42:
8e:89:a5:c0:08:80:67:db:39:55:d2:73:6a:d7:17:36:76:e7:
b8:dd:9d:b3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG+dChud095h32Bj5SgUOzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA0MTkxMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQyMGIyOTAxYjcyOWQ3Njk3MmZkNGFkNzg2NTZmNzkxMmI5MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKgRxSv41LMFKbr9mrgrFjfTl/85
aPpjz7hw3p2fN879/KvobsOzc8Nh79tcZlL+/xXqf8LORL/SDMp3D71pwLu1L8E8
n+OG/5AWVfkW6c4UazVWcDSfSjhcvukXoTOGidybGI8bmaM4WKQl6zqfSNtu6Agb
Qdm/Rwv6yEutuXqbCgYs0JtNW0J3hNuTh39sCtG4FIlSjSfdOdAqW7FS2Yz7OQu2
Xf+iwzGhsS2FdXCGOrV7QabdcYz7g5jAY7u2MxQqmkOlo+XWp1BwTCQ2gJ8/dALg
1z5Ab4NAEzbngoQ/o4ippqrtswLsewKkilbwQT7tRLgvibG63gLiejCddwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF1CCykBtynXaXL9SteGVveRK5MtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWFVJTEtRRzNLZGRwY3YxSzE0Wlc5NUVya3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAWzLhl/2XRuyyBvTNRpmlxkLp
oOUKMg4bOItxJcYDXjtCse6nk487TOspIZeFUsWgB1tW2Nw1DqwBtUo/DMnwaPmL
cHW95z//9tXJq4khwmsKSgcE8JE3EDKnjVHwGpOHo2sIgC1Hl6OUz57ExtosfHCT
5z2pC8h+4bQ3UNyR7na8lBLSGi5hbwicKjzNiYjztawYL0BuhyRBzGyDGoQaJioo
FG/3HlcGkj1tIeusYy4bwhErBMpL+M/NpCJsGyBYokBmexIiq82gzaqh0Mk9gPa+
PYlpMC0xCyHt36O90Lp7HWtNPXIGHHZCjomlwAiAZ9s5VdJzatcXNnbnuN2dsw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:16:40 2025 by rpki-client