Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YqDPAcS7CFB0cV8cWKoaUhtLxp0.roa
File: YqDPAcS7CFB0cV8cWKoaUhtLxp0.roa (raw, json)
Hash identifier: u8GFQPHdtFQ6tXj2B5QO72IFf706QFOCytgqThCkpi8=
Subject key identifier: 62:A0:CF:01:C4:BB:08:50:74:71:5F:1C:58:AA:1A:52:1B:4B:C6:9D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912AD2825B6D221E38DD04FA93C850539A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YqDPAcS7CFB0cV8cWKoaUhtLxp0.roa
Signing time: Wed 07 Aug 2024 03:12:04 +0000
ROA not before: Wed 07 Aug 2024 03:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2a:d2:82:5b:6d:22:1e:38:dd:04:fa:93:c8:50:53:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 7 03:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62a0cf01c4bb085074715f1c58aa1a521b4bc69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:c6:03:6f:4e:2a:81:90:c7:fa:9d:23:c7:2f:
04:13:6f:ca:f7:c5:7b:96:12:66:5c:75:21:8c:30:
e4:45:03:6d:d6:b2:a9:2b:bb:9d:32:d4:ae:24:8f:
b7:c6:76:ea:b3:60:b7:0c:84:39:9c:b2:6a:ba:d1:
f0:b8:cd:1e:e3:58:21:44:35:33:87:d7:c7:3b:64:
2b:c6:b9:cb:f7:90:2d:14:3b:78:0b:1d:28:68:33:
34:85:84:fb:20:79:6c:15:0b:c4:12:3e:fd:ec:32:
d7:25:0d:17:c7:94:19:13:48:b3:49:f0:c3:d3:d1:
77:3e:e6:58:e0:95:7a:0a:d0:c8:d1:ae:98:89:09:
da:57:15:e9:7f:74:df:42:6e:e0:7c:fa:a3:40:3f:
98:3b:a1:c2:6b:7a:4c:86:e9:55:5f:64:fc:20:d7:
61:99:4a:79:f9:1b:d9:bc:ac:d4:f7:20:81:75:a5:
8a:89:d4:a3:f6:6f:01:f3:dc:18:0e:b8:51:05:34:
d6:ee:70:cb:99:1f:67:fe:fa:34:af:2c:83:24:70:
9e:c1:d9:ec:53:63:03:71:f6:92:68:d7:64:8a:ec:
d2:7c:41:ee:c5:e8:f6:4d:56:7f:32:f2:69:13:75:
ff:83:93:d6:ca:4a:d5:47:53:c2:15:50:7e:64:04:
0c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A0:CF:01:C4:BB:08:50:74:71:5F:1C:58:AA:1A:52:1B:4B:C6:9D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YqDPAcS7CFB0cV8cWKoaUhtLxp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
80:4e:55:58:b5:fe:54:e2:d4:83:79:91:d4:c5:fa:7a:04:03:
94:7d:e5:11:b8:2f:67:09:fe:41:18:4b:7f:85:0e:89:02:8b:
2a:5e:d8:4f:3e:b5:b8:29:d0:34:cd:55:6e:a0:98:72:94:46:
20:e5:ef:2b:c1:9d:27:36:3b:0e:61:c8:fc:99:3f:69:40:b8:
71:de:00:a0:93:9a:68:37:68:38:30:c2:ed:58:33:c2:4a:32:
94:f2:1d:cf:6a:38:93:a6:e1:b7:a3:87:0d:d3:0b:39:1a:a9:
78:f9:b6:fd:d1:79:7a:ec:1e:2f:b5:67:b2:50:df:17:74:85:
25:5f:2b:7a:20:8a:39:e2:e6:11:f0:fa:a1:6e:d3:03:fa:ac:
cd:31:07:81:b8:75:70:c9:80:3b:0a:aa:93:2e:bc:0b:7e:e4:
d9:3f:08:40:09:8c:c5:d9:33:89:d4:b4:46:f9:3d:51:a4:b5:
8d:16:2c:9e:e0:35:17:4f:c5:3e:5f:51:4c:16:d8:46:a4:fc:
53:7e:82:37:38:3b:82:ae:ad:7c:db:7a:12:e7:6f:29:79:79:
7a:79:ef:ae:3e:80:c7:25:7b:23:f7:b7:9b:33:46:c6:36:f7:
bb:63:19:56:e9:ad:ff:d4:42:bb:ba:8d:11:de:1a:55:d3:d2:
05:28:10:64
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEq0oJbbSIeON0E+pPIUFOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA3MDMxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmEwY2YwMWM0YmIwODUwNzQ3MTVmMWM1OGFhMWE1MjFiNGJjNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68YDb04qgZDH+p0jxy8EE2/K98V7
lhJmXHUhjDDkRQNt1rKpK7udMtSuJI+3xnbqs2C3DIQ5nLJqutHwuM0e41ghRDUz
h9fHO2QrxrnL95AtFDt4Cx0oaDM0hYT7IHlsFQvEEj797DLXJQ0Xx5QZE0izSfDD
09F3PuZY4JV6CtDI0a6YiQnaVxXpf3TfQm7gfPqjQD+YO6HCa3pMhulVX2T8INdh
mUp5+RvZvKzU9yCBdaWKidSj9m8B89wYDrhRBTTW7nDLmR9n/vo0ryyDJHCewdns
U2MDcfaSaNdkiuzSfEHuxej2TVZ/MvJpE3X/g5PWykrVR1PCFVB+ZAQMMwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGKgzwHEuwhQdHFfHFiqGlIbS8adMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWXFEUEFjUzdDRkIwY1Y4Y1dLb2FVaHRMeHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAgE5VWLX+VOLUg3mR1MX6egQD
lH3lEbgvZwn+QRhLf4UOiQKLKl7YTz61uCnQNM1VbqCYcpRGIOXvK8GdJzY7DmHI
/Jk/aUC4cd4AoJOaaDdoODDC7VgzwkoylPIdz2o4k6bht6OHDdMLORqpePm2/dF5
euweL7VnslDfF3SFJV8reiCKOeLmEfD6oW7TA/qszTEHgbh1cMmAOwqqky68C37k
2T8IQAmMxdkzidS0Rvk9UaS1jRYsnuA1F0/FPl9RTBbYRqT8U36CNzg7gq6tfNt6
EudvKXl5ennvrj6AxyV7I/e3mzNGxjb3u2MZVumt/9RCu7qNEd4aVdPSBSgQZA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:12:19 2025 by rpki-client