Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ZqfKlN-v2JK2LMJe-UeHFM8YFUA.roa
File: ZqfKlN-v2JK2LMJe-UeHFM8YFUA.roa (raw, json)
Hash identifier: W3KwBBv1dC0fYRgq9ksd2zTO84mtRKRx9atxgXRsj9Q=
Subject key identifier: 66:A7:CA:94:DF:AF:D8:92:B6:2C:C2:5E:F9:47:87:14:CF:18:15:40
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191E5B44046960E9128BDCBD7DD5FA3D3DB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ZqfKlN-v2JK2LMJe-UeHFM8YFUA.roa
Signing time: Thu 12 Sep 2024 10:08:01 +0000
ROA not before: Thu 12 Sep 2024 10:08:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:191:e5b0:d2b2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:b4:40:46:96:0e:91:28:bd:cb:d7:dd:5f:a3:d3:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 12 10:08:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66a7ca94dfafd892b62cc25ef9478714cf181540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c9:c3:01:29:1d:c8:28:99:a5:fe:db:6c:c5:
a8:8c:47:ba:d0:20:33:c8:48:1e:ca:fa:9c:25:0e:
4a:f4:06:10:40:b4:27:71:cc:4c:bb:1c:c4:33:56:
e1:82:70:85:1a:38:bb:1b:4f:7e:da:db:b0:88:02:
ca:36:2e:14:68:3a:ea:44:51:e3:f2:e0:55:ea:f2:
d4:33:ad:06:ae:0e:b7:86:59:08:f6:97:f5:50:13:
86:7e:11:83:db:55:d1:9c:a9:38:fd:80:4e:94:12:
69:50:42:30:b8:47:b5:a7:ec:66:bc:c6:48:1d:81:
1a:2d:17:58:70:dc:74:0b:0f:26:52:ed:c3:d6:a4:
65:68:9f:54:1d:68:8a:8c:3a:c0:76:30:08:f9:a1:
31:2e:33:06:ad:e3:67:c6:95:62:26:ca:38:1e:d0:
3c:43:65:88:28:7d:e2:61:c2:bd:c8:b7:69:9c:28:
19:58:db:88:0e:40:61:1c:92:00:35:1a:0f:e5:10:
96:3b:f4:22:08:56:33:82:26:e1:fc:0b:d8:9b:0d:
d0:74:6a:94:17:ae:d5:97:f0:09:00:70:c0:56:38:
11:1d:03:00:56:58:ba:eb:eb:b3:fd:35:02:38:89:
e6:6b:91:7d:18:f1:2f:8b:1f:58:ed:13:8d:49:b0:
c3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A7:CA:94:DF:AF:D8:92:B6:2C:C2:5E:F9:47:87:14:CF:18:15:40
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ZqfKlN-v2JK2LMJe-UeHFM8YFUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:191:e5b0:d2b2/128
Signature Algorithm: sha256WithRSAEncryption
1d:90:39:17:25:67:19:aa:7f:44:0c:0b:7e:8b:f5:75:0c:c6:
b4:f9:85:47:d8:d8:47:69:7b:66:9b:1f:fe:9b:2b:ea:57:2e:
7c:32:81:fe:99:72:7a:ac:e4:4a:c1:20:a2:10:fa:9f:7d:71:
bf:c9:df:7d:69:21:36:65:56:d9:f3:3c:54:72:1a:bd:be:68:
cb:f8:cf:bf:f6:80:14:6a:16:6e:80:1d:81:d5:0c:63:b2:29:
3c:00:cf:a0:31:1a:5e:d9:d6:af:94:e6:a2:10:93:85:03:60:
bc:02:41:89:55:93:36:0a:74:4e:56:a2:fe:f5:27:db:ce:73:
81:a7:a8:b9:e4:56:77:4b:ee:1e:d8:1f:88:10:bd:a2:66:b4:
38:42:92:58:38:57:2a:62:bb:54:33:40:29:87:be:61:fb:ef:
6c:22:34:59:2a:38:e9:bc:87:fc:63:0d:b7:e2:a7:9b:01:5e:
a3:0a:36:96:fb:d8:37:10:bf:3a:eb:24:f0:86:a0:6c:a0:fb:
29:0f:c8:a4:1d:0a:7f:46:c9:65:9c:bf:2f:5d:bf:f2:0d:44:
42:30:68:49:d4:f2:10:52:1a:ad:1a:54:0f:96:bc:bc:01:0e:
1d:ef:dd:de:97:9d:33:f1:4e:15:d8:07:7a:78:24:8e:a3:a3:
0a:a3:5e:9a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHltEBGlg6RKL3L191fo9PbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEyMTAwODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE3Y2E5NGRmYWZkODkyYjYyY2MyNWVmOTQ3ODcxNGNmMTgxNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8nDASkdyCiZpf7bbMWojEe60CAz
yEgeyvqcJQ5K9AYQQLQnccxMuxzEM1bhgnCFGji7G09+2tuwiALKNi4UaDrqRFHj
8uBV6vLUM60Grg63hlkI9pf1UBOGfhGD21XRnKk4/YBOlBJpUEIwuEe1p+xmvMZI
HYEaLRdYcNx0Cw8mUu3D1qRlaJ9UHWiKjDrAdjAI+aExLjMGreNnxpViJso4HtA8
Q2WIKH3iYcK9yLdpnCgZWNuIDkBhHJIANRoP5RCWO/QiCFYzgibh/AvYmw3QdGqU
F67Vl/AJAHDAVjgRHQMAVli66+uz/TUCOInma5F9GPEvix9Y7RONSbDDtwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGanypTfr9iStizCXvlHhxTPGBVAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWnFmS2xOLXYySksyTE1KZS1VZUhGTThZRlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGR5bDSsjANBgkqhkiG9w0BAQsFAAOCAQEAHZA5FyVnGap/RAwLfov1dQzG
tPmFR9jYR2l7Zpsf/psr6lcufDKB/plyeqzkSsEgohD6n31xv8nffWkhNmVW2fM8
VHIavb5oy/jPv/aAFGoWboAdgdUMY7IpPADPoDEaXtnWr5TmohCThQNgvAJBiVWT
Ngp0Tlai/vUn285zgaeoueRWd0vuHtgfiBC9oma0OEKSWDhXKmK7VDNAKYe+Yfvv
bCI0WSo46byH/GMNt+KnmwFeowo2lvvYNxC/Ousk8IagbKD7KQ/IpB0Kf0bJZZy/
L12/8g1EQjBoSdTyEFIarRpUD5a8vAEOHe/d3pedM/FOFdgHengkjqOjCqNemg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:29 2025 by rpki-client