Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zosh3ibJ7w_mKYv1V7rFKippWj8.roa
File: Zosh3ibJ7w_mKYv1V7rFKippWj8.roa (raw, json)
Hash identifier: 2gyeXcLOcN1dwH9c5frFHdA4YSr27qqxG6OV5954IuM=
Subject key identifier: 66:8B:21:DE:26:C9:EF:0F:E6:29:8B:F5:57:BA:C5:2A:2A:69:5A:3F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191ABC8B2DFFEE278E940B533C8A3677AA2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zosh3ibJ7w_mKYv1V7rFKippWj8.roa
Signing time: Sun 01 Sep 2024 04:12:22 +0000
ROA not before: Sun 01 Sep 2024 04:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ab:c8:b2:df:fe:e2:78:e9:40:b5:33:c8:a3:67:7a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 1 04:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=668b21de26c9ef0fe6298bf557bac52a2a695a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:59:f4:ef:98:f7:ef:33:bf:7f:88:3c:c2:52:
77:67:81:a2:07:ea:67:3b:5b:02:3f:d9:db:52:b7:
5f:aa:8b:eb:67:44:a4:ca:47:5d:e2:0b:dd:82:da:
7b:c7:8e:81:af:04:d6:26:36:f1:f3:d9:e9:af:4e:
c8:7a:5e:43:70:da:e1:8f:b8:59:c5:1b:89:96:f8:
ea:7f:bc:10:81:c5:c7:a1:dc:d9:5a:0d:bd:9d:8c:
10:5a:8b:f5:72:af:86:37:b3:4e:58:78:65:df:2f:
be:e5:6a:a8:67:09:1c:1f:08:94:9e:80:d5:6e:4b:
85:76:31:13:57:0a:64:6f:58:65:68:69:47:44:2f:
6c:e9:a6:09:18:f1:8b:7f:a7:d9:02:b9:eb:21:b2:
82:bf:a7:42:48:45:5b:4b:89:e0:72:ff:cc:7b:f3:
64:69:01:29:6c:c9:99:aa:eb:c2:b1:dc:8e:e5:7c:
fb:65:9a:90:a0:8e:94:1b:e5:0e:8b:bd:2a:a8:ba:
33:29:42:37:a1:79:74:d9:74:e1:33:4b:c4:96:6e:
55:2c:f1:37:6c:f8:6d:6c:5d:80:01:9c:bb:c9:7b:
02:37:be:a3:b5:42:4e:0e:d9:37:53:a6:20:45:be:
81:ae:a3:3e:1c:7c:80:96:c4:e4:03:77:33:ef:86:
03:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8B:21:DE:26:C9:EF:0F:E6:29:8B:F5:57:BA:C5:2A:2A:69:5A:3F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Zosh3ibJ7w_mKYv1V7rFKippWj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
53:8d:f4:c6:7e:7e:e0:c6:b8:18:59:ce:63:8c:4d:0e:49:3a:
6c:6e:08:50:b1:b6:d1:4e:d0:b5:6b:7a:e4:bf:f7:25:a2:d8:
51:8d:39:ed:ee:3d:d4:9e:78:f1:d5:3f:2e:20:0a:f2:05:7e:
5d:ab:8b:8e:f5:c5:f5:c0:e9:fb:8a:de:f4:74:e2:f8:a5:71:
5b:51:8c:17:c4:35:e3:13:ab:05:8a:29:3b:b2:a7:e6:02:75:
90:82:a6:bd:63:71:f3:6d:87:18:d7:e6:b5:db:c1:0e:26:3d:
b5:12:99:e2:6a:a7:c9:49:78:01:97:6d:81:2a:d1:7c:f0:ef:
fc:d8:84:fd:ac:67:18:a0:9e:3a:3d:d0:1f:cb:3c:11:58:35:
0d:59:a7:5c:26:5a:27:de:42:5c:da:8c:4d:36:39:f6:c1:d0:
14:a2:d9:50:1b:86:e0:7c:f5:e2:16:8e:78:ac:53:f6:76:30:
84:d8:e0:dc:a1:a2:0e:c1:ed:b3:0b:20:a0:10:b2:3c:e3:cb:
01:aa:e6:af:ed:4e:e9:8d:6c:89:f6:fc:62:91:2e:f4:16:31:
3e:8e:79:a3:95:eb:be:40:91:80:3b:e2:88:15:5c:d5:00:d7:
0c:f4:ab:e0:46:f6:50:82:54:e5:de:0b:17:ca:f2:c8:d4:5d:
9f:58:61:a9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGryLLf/uJ46UC1M8ijZ3qiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAxMDQxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjhiMjFkZTI2YzllZjBmZTYyOThiZjU1N2JhYzUyYTJhNjk1YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVn075j37zO/f4g8wlJ3Z4GiB+pn
O1sCP9nbUrdfqovrZ0Skykdd4gvdgtp7x46BrwTWJjbx89npr07Iel5DcNrhj7hZ
xRuJlvjqf7wQgcXHodzZWg29nYwQWov1cq+GN7NOWHhl3y++5WqoZwkcHwiUnoDV
bkuFdjETVwpkb1hlaGlHRC9s6aYJGPGLf6fZArnrIbKCv6dCSEVbS4ngcv/Me/Nk
aQEpbMmZquvCsdyO5Xz7ZZqQoI6UG+UOi70qqLozKUI3oXl02XThM0vElm5VLPE3
bPhtbF2AAZy7yXsCN76jtUJODtk3U6YgRb6BrqM+HHyAlsTkA3cz74YD1QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGaLId4mye8P5imL9Ve6xSoqaVo/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWm9zaDNpYko3d19tS1l2MVY3ckZLaXBwV2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAU430xn5+4Ma4GFnOY4xNDkk6
bG4IULG20U7QtWt65L/3JaLYUY057e491J548dU/LiAK8gV+XauLjvXF9cDp+4re
9HTi+KVxW1GMF8Q14xOrBYopO7Kn5gJ1kIKmvWNx822HGNfmtdvBDiY9tRKZ4mqn
yUl4AZdtgSrRfPDv/NiE/axnGKCeOj3QH8s8EVg1DVmnXCZaJ95CXNqMTTY59sHQ
FKLZUBuG4Hz14haOeKxT9nYwhNjg3KGiDsHtswsgoBCyPOPLAarmr+1O6Y1sifb8
YpEu9BYxPo55o5XrvkCRgDviiBVc1QDXDPSr4Eb2UIJU5d4LF8ryyNRdn1hhqQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:48:55 2025 by rpki-client