Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_UUg3Xv6foldrxAeoYJmBBqxbbM.roa
File: _UUg3Xv6foldrxAeoYJmBBqxbbM.roa (raw, json)
Hash identifier: k+Gzbc4vGeQOEe3FH1b1aFlXmkc4yBlEBrEQ8llPR1Q=
Subject key identifier: FD:45:20:DD:7B:FA:7E:89:5D:AF:10:1E:A1:82:66:04:1A:B1:6D:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019177DA53C657A24E52DC66C4EDEA9951D7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_UUg3Xv6foldrxAeoYJmBBqxbbM.roa
Signing time: Thu 22 Aug 2024 02:11:22 +0000
ROA not before: Thu 22 Aug 2024 02:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:77:da:53:c6:57:a2:4e:52:dc:66:c4:ed:ea:99:51:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 22 02:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd4520dd7bfa7e895daf101ea18266041ab16db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:76:0b:7f:fe:1b:6c:f1:2b:3c:d1:e9:13:f6:
69:4e:31:a1:82:be:22:60:78:a5:2b:9f:6a:7f:cb:
0c:14:84:cb:5b:c0:8e:aa:fe:7a:e4:55:ee:19:7c:
89:f3:bd:5e:8a:e4:dd:af:11:83:77:0e:c8:54:3c:
ac:4a:cc:f6:73:a4:ca:ee:8e:c0:0a:f6:50:3f:05:
98:1a:49:3a:e4:5a:5c:d7:bf:83:fa:40:cd:42:75:
93:e8:8e:7e:a8:0d:b3:6b:8e:42:93:ef:df:f2:d3:
f5:1e:72:fc:c4:ea:c1:fd:db:72:b4:44:0e:bf:f1:
e7:88:6b:8b:7a:e6:0e:a2:0b:c0:2b:af:01:42:3d:
09:3e:34:05:37:f4:50:dc:c1:20:3a:e2:59:87:37:
7a:46:2d:6e:14:7f:28:63:4b:7b:74:b7:35:e4:dc:
af:21:4b:f5:91:56:3b:23:49:0d:f3:29:fc:a4:46:
5f:48:c7:6d:b5:8b:19:66:46:48:ee:da:3a:24:19:
53:ed:97:34:8c:f0:22:80:ca:e4:7e:3a:dd:9e:6a:
e2:e5:f0:71:6f:bd:96:44:df:57:2a:d3:6f:ab:c3:
24:d3:3f:6d:1b:f7:4a:41:58:ba:bc:e7:5c:6b:a1:
39:c4:8b:92:2d:a4:76:46:b6:68:11:91:8f:9a:f9:
53:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:45:20:DD:7B:FA:7E:89:5D:AF:10:1E:A1:82:66:04:1A:B1:6D:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_UUg3Xv6foldrxAeoYJmBBqxbbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
6c:3b:22:fa:da:51:e7:47:0c:21:3c:2e:c0:ec:5a:ff:3b:70:
02:db:f5:b3:52:34:a1:7e:f4:cc:71:ad:dc:45:60:0f:52:55:
10:bc:f5:16:76:17:3e:66:cb:e0:a4:8b:6d:49:51:80:be:ee:
cf:10:60:7e:fb:a0:8a:8c:1f:fa:1f:2d:a2:50:33:65:f4:7a:
1b:e2:fe:cd:34:76:49:c3:e3:56:ec:15:b1:54:f7:73:6b:64:
88:9f:31:05:a7:eb:e1:78:25:b6:ba:54:64:ab:a9:32:32:96:
6a:9e:34:5b:45:b1:a1:4f:3a:e9:19:5b:43:0e:49:c9:9a:78:
10:22:b1:ea:fe:d8:45:20:2a:8e:2d:60:a3:46:08:67:c6:bf:
f4:02:c7:72:11:71:60:ba:08:e0:dd:39:79:4e:fc:92:91:11:
3a:29:6a:2f:d5:ec:c3:c2:62:d0:02:81:16:37:02:2c:68:dd:
50:07:b3:f7:03:26:a6:46:4c:04:83:02:f6:ee:75:fb:16:16:
8a:6e:37:4a:4d:14:70:51:a3:6d:61:f3:18:20:c6:c9:18:67:
8c:1d:ef:8d:83:b7:e0:42:c9:ff:7c:90:0e:9c:2a:b3:f1:d3:
1a:1b:a5:ba:49:c5:ad:4a:bd:3e:e4:68:c3:91:e0:c3:8a:54:
1f:49:2d:f8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF32lPGV6JOUtxmxO3qmVHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIyMDIxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQ1MjBkZDdiZmE3ZTg5NWRhZjEwMWVhMTgyNjYwNDFhYjE2ZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3YLf/4bbPErPNHpE/ZpTjGhgr4i
YHilK59qf8sMFITLW8COqv565FXuGXyJ871eiuTdrxGDdw7IVDysSsz2c6TK7o7A
CvZQPwWYGkk65Fpc17+D+kDNQnWT6I5+qA2za45Ck+/f8tP1HnL8xOrB/dtytEQO
v/HniGuLeuYOogvAK68BQj0JPjQFN/RQ3MEgOuJZhzd6Ri1uFH8oY0t7dLc15Nyv
IUv1kVY7I0kN8yn8pEZfSMdttYsZZkZI7to6JBlT7Zc0jPAigMrkfjrdnmri5fBx
b72WRN9XKtNvq8Mk0z9tG/dKQVi6vOdca6E5xIuSLaR2RrZoEZGPmvlTkQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFP1FIN17+n6JXa8QHqGCZgQasW2zMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX1VVZzNYdjZmb2xkcnhBZW9ZSm1CQnF4YmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAbDsi+tpR50cMITwuwOxa/ztw
Atv1s1I0oX70zHGt3EVgD1JVELz1FnYXPmbL4KSLbUlRgL7uzxBgfvugiowf+h8t
olAzZfR6G+L+zTR2ScPjVuwVsVT3c2tkiJ8xBafr4XgltrpUZKupMjKWap40W0Wx
oU866RlbQw5JyZp4ECKx6v7YRSAqji1go0YIZ8a/9ALHchFxYLoI4N05eU78kpER
OilqL9Xsw8Ji0AKBFjcCLGjdUAez9wMmpkZMBIMC9u51+xYWim43Sk0UcFGjbWHz
GCDGyRhnjB3vjYO34ELJ/3yQDpwqs/HTGhuluknFrUq9PuRow5Hgw4pUH0kt+A==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:08:53 2025 by rpki-client