Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_OfaVfavaV6F9uEb08mGqxz6geY.roa
File: _OfaVfavaV6F9uEb08mGqxz6geY.roa (raw, json)
Hash identifier: 5zahfYBkn/z6O1lZIHtWiIJyccjvJqZdeDCwwb+TfT8=
Subject key identifier: FC:E7:DA:55:F6:AF:69:5E:85:F6:E1:1B:D3:C9:86:AB:1C:FA:81:E6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01911FA9266126182AC12756A32B41DF8D6C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_OfaVfavaV6F9uEb08mGqxz6geY.roa
Signing time: Sun 04 Aug 2024 23:11:04 +0000
ROA not before: Sun 04 Aug 2024 23:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1f:a9:26:61:26:18:2a:c1:27:56:a3:2b:41:df:8d:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 4 23:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fce7da55f6af695e85f6e11bd3c986ab1cfa81e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:06:07:57:88:51:50:f1:4d:58:57:ee:39:70:
7c:ae:36:63:9b:1c:15:de:18:9b:d5:fd:14:c5:d7:
07:dc:32:e1:fb:0c:bf:1b:ef:69:bf:3a:41:6e:4e:
1f:47:8e:b1:78:29:0c:92:18:de:ae:f6:19:b8:ae:
ac:2a:04:af:e7:e2:cb:b1:dc:e1:33:37:d6:8b:81:
51:2e:ae:c2:1f:52:d1:a6:09:56:e1:c2:69:f9:14:
72:98:25:4f:2b:83:ff:4f:04:ff:49:04:a0:de:dc:
bf:de:ec:33:3e:ed:01:36:f0:a8:7d:1f:7a:7e:3a:
e9:5a:b2:5d:23:22:50:d4:2a:a5:26:a1:86:3a:68:
06:15:83:3c:37:76:21:7b:74:43:70:e2:c7:0f:65:
c2:c6:36:19:86:eb:9f:d1:e3:e0:f6:c3:19:92:1a:
76:05:78:89:27:59:53:97:44:97:bc:ed:4d:b9:10:
e0:ff:0f:39:4b:24:a4:8e:db:e8:84:64:26:8e:63:
5f:f0:bb:6c:01:57:53:d3:06:22:80:c6:0a:67:10:
ec:73:54:00:95:26:9e:fe:c2:13:51:62:36:5a:66:
96:06:78:25:80:fe:95:3f:45:de:9a:b8:83:bc:c8:
22:8c:c7:94:8f:42:8d:90:41:23:6d:48:53:32:b0:
b3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E7:DA:55:F6:AF:69:5E:85:F6:E1:1B:D3:C9:86:AB:1C:FA:81:E6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_OfaVfavaV6F9uEb08mGqxz6geY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
50:e9:e9:12:ef:b5:eb:9d:31:18:7f:e3:fd:08:c5:d4:55:51:
46:73:28:83:5f:8f:20:02:53:9c:4c:8b:65:fa:4b:7e:69:07:
86:9c:90:fc:68:dd:5c:10:9e:d4:6b:e4:91:77:5c:9d:6b:d4:
a1:94:de:c4:63:db:e4:97:18:8d:39:e5:94:f2:94:e8:4b:c8:
0a:a1:a1:8e:ee:1c:2b:8e:95:f0:dd:d3:ee:32:bf:63:ca:57:
7e:ff:54:c5:3c:3c:9e:ca:30:ba:b0:df:10:15:63:40:c6:a8:
ae:81:0f:15:d7:dd:0d:2b:6e:b7:0d:f0:b9:92:25:fb:18:cd:
0f:fb:52:cf:4c:52:1b:31:7c:c3:c6:16:bb:4a:e0:1f:5d:88:
62:90:16:53:b8:f6:d4:47:25:26:a7:ff:04:dc:e9:4a:50:60:
ed:0d:7b:6f:ef:e9:11:41:9d:90:54:4d:9b:14:b2:19:86:7a:
ad:b9:d6:79:a8:73:3d:f2:a2:d7:95:21:a8:75:5f:8a:85:fb:
f1:df:d8:0d:d7:ad:c0:4f:bc:97:1d:84:6b:48:96:fd:d7:47:
fb:cb:57:81:71:c6:e1:5f:0e:01:b1:66:c7:6d:d3:79:ee:e1:
7e:1f:09:e4:bf:cc:85:d6:94:8b:bd:6d:68:14:79:bd:d3:1f:
e3:1c:82:af
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEfqSZhJhgqwSdWoytB341sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA0MjMxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2U3ZGE1NWY2YWY2OTVlODVmNmUxMWJkM2M5ODZhYjFjZmE4MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAYHV4hRUPFNWFfuOXB8rjZjmxwV
3hib1f0UxdcH3DLh+wy/G+9pvzpBbk4fR46xeCkMkhjervYZuK6sKgSv5+LLsdzh
MzfWi4FRLq7CH1LRpglW4cJp+RRymCVPK4P/TwT/SQSg3ty/3uwzPu0BNvCofR96
fjrpWrJdIyJQ1CqlJqGGOmgGFYM8N3Yhe3RDcOLHD2XCxjYZhuuf0ePg9sMZkhp2
BXiJJ1lTl0SXvO1NuRDg/w85SySkjtvohGQmjmNf8LtsAVdT0wYigMYKZxDsc1QA
lSae/sITUWI2WmaWBnglgP6VP0XemriDvMgijMeUj0KNkEEjbUhTMrCzxQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPzn2lX2r2lehfbhG9PJhqsc+oHmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX09mYVZmYXZhVjZGOXVFYjA4bUdxeHo2Z2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAUOnpEu+1650xGH/j/QjF1FVR
RnMog1+PIAJTnEyLZfpLfmkHhpyQ/GjdXBCe1GvkkXdcnWvUoZTexGPb5JcYjTnl
lPKU6EvICqGhju4cK46V8N3T7jK/Y8pXfv9UxTw8nsowurDfEBVjQMaoroEPFdfd
DStutw3wuZIl+xjND/tSz0xSGzF8w8YWu0rgH12IYpAWU7j21EclJqf/BNzpSlBg
7Q17b+/pEUGdkFRNmxSyGYZ6rbnWeahzPfKi15UhqHVfioX78d/YDdetwE+8lx2E
a0iW/ddH+8tXgXHG4V8OAbFmx23Tee7hfh8J5L/MhdaUi71taBR5vdMf4xyCrw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:16:42 2025 by rpki-client