Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bLint67oylIaFoEhg0sMhejo0pc.roa
File: bLint67oylIaFoEhg0sMhejo0pc.roa (raw, json)
Hash identifier: zlI7qFq0dczwUzBUN215TOYfC2f2e36LylQKSspY7lI=
Subject key identifier: 6C:B8:A7:B7:AE:E8:CA:52:1A:16:81:21:83:4B:0C:85:E8:E8:D2:97
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019159638361F7B48479D53E089605F1AB77
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bLint67oylIaFoEhg0sMhejo0pc.roa
Signing time: Fri 16 Aug 2024 04:12:59 +0000
ROA not before: Fri 16 Aug 2024 04:12:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:59:63:83:61:f7:b4:84:79:d5:3e:08:96:05:f1:ab:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 16 04:12:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cb8a7b7aee8ca521a168121834b0c85e8e8d297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:91:9f:92:68:9e:61:a0:b6:44:86:67:a2:ab:
24:bf:19:d0:1c:51:09:4c:dd:c9:6c:44:74:87:08:
8f:4f:c9:94:8f:59:7a:bc:25:9b:9c:f3:1e:f5:ee:
f4:45:73:6b:4b:44:81:00:3b:9f:e7:ec:b0:da:7b:
8b:3a:d4:8a:d8:c1:86:a8:25:d2:0e:4a:98:16:3f:
0f:db:21:ce:8d:0f:9b:e7:e1:3a:47:10:42:d5:53:
28:d4:23:c3:b8:a4:10:cd:e7:7b:75:39:b7:25:90:
f1:83:57:40:97:05:84:a3:4b:9e:5f:1c:7a:84:72:
f7:19:d7:f6:11:d4:a3:58:52:51:1b:30:82:0b:b1:
c3:51:98:bd:ff:e5:7a:ab:a3:d7:c6:5d:4a:ea:90:
41:73:55:6c:8e:5d:1a:57:e0:da:b3:67:7f:39:a6:
ff:b7:2c:0d:bd:ba:ad:2d:4b:90:42:7f:6f:de:46:
56:25:09:b1:54:ae:27:81:4c:a8:ae:6b:1a:5a:37:
2f:93:d2:af:cd:76:c2:ad:0f:18:05:5c:17:cc:dd:
e1:0a:b0:59:69:18:04:86:e9:24:f0:83:be:83:77:
a4:d3:f0:78:f5:28:4e:14:b8:80:46:3a:68:8c:8c:
7a:e3:a6:a6:e1:f1:44:86:9e:c5:9a:6b:14:63:91:
70:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B8:A7:B7:AE:E8:CA:52:1A:16:81:21:83:4B:0C:85:E8:E8:D2:97
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bLint67oylIaFoEhg0sMhejo0pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2f:ba:c1:cb:4d:4f:3a:d9:88:e2:a2:57:19:73:fe:4f:03:9d:
3d:05:07:ec:11:b2:73:8d:e0:f2:9b:da:19:6c:3e:b5:ba:e3:
9d:62:30:cf:ba:b2:f2:43:ae:83:a3:4d:da:25:18:79:09:4d:
b7:87:7d:89:f5:6c:75:0f:3b:08:63:26:f9:39:52:60:4c:01:
07:0c:92:90:09:c0:28:80:79:3b:32:f8:96:40:d6:4b:c6:c1:
63:0a:35:ce:8a:35:9f:d2:65:7c:34:e7:24:a7:31:f8:59:b8:
e0:24:fa:aa:6e:45:c5:49:4b:09:68:2c:d6:a1:ea:2c:cb:77:
64:01:37:07:fc:b1:8f:c6:de:35:00:3a:8c:a5:6c:99:30:e4:
5f:ae:3e:ce:81:e4:b2:fc:a0:96:b7:33:31:18:fd:34:60:3d:
c9:4c:a3:b3:b3:f2:49:fe:d7:54:80:01:79:15:d4:e8:aa:06:
4e:c3:cd:55:d7:de:0c:d4:fb:37:ee:9a:16:bf:80:68:77:09:
d1:5e:8f:4e:ba:a1:3e:2e:f3:6b:fe:f7:16:63:41:93:03:8b:
ee:f8:f4:f2:4a:96:3f:d8:10:29:13:3f:4e:85:f1:ba:e0:8a:
29:e6:2d:49:76:36:66:b3:c5:3b:0d:c4:a5:9e:3f:40:3e:a9:
e3:df:06:e6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFZY4Nh97SEedU+CJYF8at3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE2MDQxMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2I4YTdiN2FlZThjYTUyMWExNjgxMjE4MzRiMGM4NWU4ZThkMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZGfkmieYaC2RIZnoqskvxnQHFEJ
TN3JbER0hwiPT8mUj1l6vCWbnPMe9e70RXNrS0SBADuf5+yw2nuLOtSK2MGGqCXS
DkqYFj8P2yHOjQ+b5+E6RxBC1VMo1CPDuKQQzed7dTm3JZDxg1dAlwWEo0ueXxx6
hHL3Gdf2EdSjWFJRGzCCC7HDUZi9/+V6q6PXxl1K6pBBc1Vsjl0aV+Das2d/Oab/
tywNvbqtLUuQQn9v3kZWJQmxVK4ngUyormsaWjcvk9KvzXbCrQ8YBVwXzN3hCrBZ
aRgEhukk8IO+g3ek0/B49ShOFLiARjpojIx646am4fFEhp7FmmsUY5Fw1QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGy4p7eu6MpSGhaBIYNLDIXo6NKXMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYkxpbnQ2N295bElhRm9FaGcwc01oZWpvMHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAL7rBy01POtmI4qJXGXP+TwOd
PQUH7BGyc43g8pvaGWw+tbrjnWIwz7qy8kOug6NN2iUYeQlNt4d9ifVsdQ87CGMm
+TlSYEwBBwySkAnAKIB5OzL4lkDWS8bBYwo1zoo1n9JlfDTnJKcx+Fm44CT6qm5F
xUlLCWgs1qHqLMt3ZAE3B/yxj8beNQA6jKVsmTDkX64+zoHksvyglrczMRj9NGA9
yUyjs7PySf7XVIABeRXU6KoGTsPNVdfeDNT7N+6aFr+AaHcJ0V6PTrqhPi7za/73
FmNBkwOL7vj08kqWP9gQKRM/ToXxuuCKKeYtSXY2ZrPFOw3EpZ4/QD6p498G5g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 13:57:11 2025 by rpki-client