Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_zrM5XcqcCclR_641wpVBIl6hTU.roa
File: _zrM5XcqcCclR_641wpVBIl6hTU.roa (raw, json)
Hash identifier: sIXt2iQpXc748Bmq9fMz55OpHkfMvixNAzZSgto1hwg=
Subject key identifier: FF:3A:CC:E5:77:2A:70:27:25:47:FE:B8:D7:0A:55:04:89:7A:85:35
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0193C6FC962DF403CFE1D072CD9C6E6271F2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_zrM5XcqcCclR_641wpVBIl6hTU.roa
Signing time: Sat 14 Dec 2024 21:04:22 +0000
ROA not before: Sat 14 Dec 2024 21:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:c6fc:8bf8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c6:fc:96:2d:f4:03:cf:e1:d0:72:cd:9c:6e:62:71:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Dec 14 21:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff3acce5772a70272547feb8d70a5504897a8535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b3:63:dd:22:34:8d:94:d4:e7:0a:d4:cb:d7:
d9:bf:7d:26:0a:73:de:74:1e:ec:d0:fe:7f:06:82:
82:66:7b:77:70:5c:a5:06:03:b6:13:ff:50:00:72:
30:51:2b:dc:0d:c4:82:fc:0a:e9:5c:99:a2:f4:78:
25:fd:f3:90:a6:38:76:49:a1:a7:23:b2:4b:74:d4:
9c:cb:b5:4e:19:6b:cc:28:5f:a6:dc:61:5a:ab:0b:
51:5d:11:bd:fd:0b:ba:7f:ea:2b:d1:20:85:55:ce:
ce:06:8f:82:87:91:08:d8:aa:bf:e5:36:87:17:85:
85:05:b4:b1:3a:15:ba:12:ec:0b:cf:37:0c:d1:1c:
b9:67:5d:e0:70:51:e7:17:30:ac:e8:a4:cb:a7:f8:
92:62:86:40:8e:65:58:38:49:75:4a:41:ad:ff:0a:
15:d9:d4:56:c1:91:1b:ba:69:d6:1a:8f:65:fe:93:
f6:51:11:bc:63:3a:2f:fe:e6:aa:48:2a:0a:dc:8c:
0e:00:47:1b:1b:4e:cd:63:f2:3b:78:64:dc:bc:51:
42:e2:3b:eb:31:b4:e0:ee:78:52:c0:d8:c8:ef:74:
27:57:12:2e:02:b5:39:72:81:57:a3:ab:fc:7f:00:
89:74:02:80:f4:2b:1a:fa:9b:1f:7d:22:6d:5b:81:
0b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3A:CC:E5:77:2A:70:27:25:47:FE:B8:D7:0A:55:04:89:7A:85:35
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_zrM5XcqcCclR_641wpVBIl6hTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:c6fc:8bf8/128
Signature Algorithm: sha256WithRSAEncryption
3d:39:32:4d:98:10:76:e6:40:43:a5:7e:ac:7e:ec:e7:c0:be:
f8:0e:00:42:e5:f5:01:66:88:47:4e:80:0a:c3:25:84:c0:b0:
2d:c7:93:a3:5c:fe:04:e9:27:65:b5:0b:07:0e:16:03:36:14:
64:e3:b0:86:2e:a6:63:00:d8:45:33:91:d1:f3:48:95:ea:62:
e1:66:60:87:9a:76:89:7c:d8:0a:9c:2c:dc:c4:0c:49:97:1e:
c8:c0:3a:9a:5a:a9:d1:a2:59:ab:ad:2c:18:d0:c0:3f:7b:d8:
5c:f4:35:09:e3:9a:40:71:85:55:f0:25:71:9b:c3:8c:72:3c:
0a:ef:ab:50:7e:e0:7f:4d:99:32:32:77:ad:bd:d2:98:75:92:
aa:db:dd:45:22:4c:a7:9f:4d:f1:e9:cd:b1:6f:9d:a1:6e:c0:
7a:47:a4:1d:b6:38:62:c1:75:e1:cd:d0:17:f5:7e:38:54:80:
80:3b:be:20:2e:fd:c8:0a:15:67:6c:d6:08:68:e0:18:29:40:
c3:43:f4:fd:d4:74:49:ae:86:f4:e5:ce:ab:66:5c:7f:78:8d:
37:36:07:d0:95:a2:5e:e6:41:3b:f7:f6:ab:76:a5:13:52:45:
f5:64:14:5c:87:75:63:d6:1f:8c:b5:09:03:68:94:86:cd:11:
0c:22:e8:c1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZPG/JYt9APP4dByzZxuYnHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMjE0MjEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNhY2NlNTc3MmE3MDI3MjU0N2ZlYjhkNzBhNTUwNDg5N2E4NTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rNj3SI0jZTU5wrUy9fZv30mCnPe
dB7s0P5/BoKCZnt3cFylBgO2E/9QAHIwUSvcDcSC/ArpXJmi9Hgl/fOQpjh2SaGn
I7JLdNScy7VOGWvMKF+m3GFaqwtRXRG9/Qu6f+or0SCFVc7OBo+Ch5EI2Kq/5TaH
F4WFBbSxOhW6EuwLzzcM0Ry5Z13gcFHnFzCs6KTLp/iSYoZAjmVYOEl1SkGt/woV
2dRWwZEbumnWGo9l/pP2URG8Yzov/uaqSCoK3IwOAEcbG07NY/I7eGTcvFFC4jvr
MbTg7nhSwNjI73QnVxIuArU5coFXo6v8fwCJdAKA9Csa+psffSJtW4ELjQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFP86zOV3KnAnJUf+uNcKVQSJeoU1MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX3pyTTVYY3FjQ2NsUl82NDF3cFZCSWw2aFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTxvyL+DANBgkqhkiG9w0BAQsFAAOCAQEAPTkyTZgQduZAQ6V+rH7s58C+
+A4AQuX1AWaIR06ACsMlhMCwLceTo1z+BOknZbULBw4WAzYUZOOwhi6mYwDYRTOR
0fNIlepi4WZgh5p2iXzYCpws3MQMSZceyMA6mlqp0aJZq60sGNDAP3vYXPQ1CeOa
QHGFVfAlcZvDjHI8Cu+rUH7gf02ZMjJ3rb3SmHWSqtvdRSJMp59N8enNsW+doW7A
ekekHbY4YsF14c3QF/V+OFSAgDu+IC79yAoVZ2zWCGjgGClAw0P0/dR0Sa6G9OXO
q2Zcf3iNNzYH0JWiXuZBO/f2q3alE1JF9WQUXId1Y9YfjLUJA2iUhs0RDCLowQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:14:24 2025 by rpki-client