Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cD8yKBieglE-ZsWIt0ZjVqkkbnc.roa
File: cD8yKBieglE-ZsWIt0ZjVqkkbnc.roa (raw, json)
Hash identifier: Iq1+cJ2vMjqtV9nFq6PW5Sy/5SJnco9KWv9Za89KEeM=
Subject key identifier: 70:3F:32:28:18:9E:82:51:3E:66:C5:88:B7:46:63:56:A9:24:6E:77
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191DDC82BFB9517E13BBE1170B1BF5D16C3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cD8yKBieglE-ZsWIt0ZjVqkkbnc.roa
Signing time: Tue 10 Sep 2024 21:12:48 +0000
ROA not before: Tue 10 Sep 2024 21:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
2001:67c:64:ffff:0:191:d82c:371b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:c8:2b:fb:95:17:e1:3b:be:11:70:b1:bf:5d:16:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 10 21:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=703f3228189e82513e66c588b7466356a9246e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:52:d2:66:d5:1e:ff:f1:1d:e7:5d:07:d5:
a9:9f:6b:2d:b7:3f:78:a8:e2:48:7d:25:2f:e0:e7:
12:12:4b:19:b6:e3:db:8f:f2:bf:6b:9e:a5:7e:75:
62:12:f2:d0:eb:52:34:2b:61:c9:5a:2b:41:5e:9c:
9a:fd:2c:45:24:ed:ac:90:2c:12:7d:6c:9d:41:95:
57:44:05:f2:33:73:46:aa:45:66:72:8c:f0:36:60:
6d:1b:fa:fc:29:99:63:23:57:90:10:e9:d1:fd:fe:
dc:65:6a:19:41:4b:e8:00:3a:12:ce:a2:16:2b:c4:
b9:c5:09:eb:a6:fa:77:61:a1:6b:84:35:ab:91:34:
8c:a7:2d:38:64:1f:62:cc:20:49:bd:e2:21:53:5c:
35:12:50:d0:ea:18:a4:82:f3:d8:92:2a:fe:53:de:
67:06:3b:ed:ea:e8:aa:9b:90:3e:86:3d:ae:bf:c9:
14:47:e3:cd:8d:a6:ba:be:ce:47:64:46:6d:67:e5:
97:32:c2:64:90:4d:2c:7c:35:1f:58:79:8f:b8:d8:
62:9d:2d:07:79:79:8e:2e:ba:ab:ad:e2:ee:92:d5:
d8:94:95:c8:a3:2f:9b:7f:8c:56:a9:74:20:52:d4:
6e:7a:9e:05:20:f1:a3:f8:f9:a0:fc:00:92:7d:e1:
81:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:3F:32:28:18:9E:82:51:3E:66:C5:88:B7:46:63:56:A9:24:6E:77
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cD8yKBieglE-ZsWIt0ZjVqkkbnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
2001:67c:64:ffff:0:191:d82c:371b/128
Signature Algorithm: sha256WithRSAEncryption
1a:2d:4f:20:e8:65:34:e8:bf:e7:b0:87:de:3f:7c:26:bf:48:
4f:fe:00:49:dc:f0:06:bb:ae:98:ac:e5:ad:24:4a:a1:2f:d2:
52:d8:94:4e:6e:74:0b:c2:31:16:c1:30:ee:89:ab:5c:6f:07:
c0:df:9d:b0:1d:cb:f1:a4:55:e9:42:e9:c8:d5:a6:fd:14:1d:
69:87:47:0d:74:f4:3d:06:4d:c9:14:30:87:b8:a4:23:df:a6:
5e:0e:d6:85:46:64:8b:6a:58:e9:8b:c0:68:41:9f:2c:43:d4:
f6:1d:d9:29:1b:af:a7:7e:41:32:9d:dc:37:b9:dd:9e:f9:43:
f9:72:a8:dc:c8:fd:77:2d:de:90:29:c1:c3:19:81:5e:66:99:
d9:b0:3a:69:f4:97:e5:9e:e4:14:e1:3a:5c:f2:05:44:cf:02:
a9:89:1b:c3:45:6f:e7:1d:af:b5:42:c2:85:5e:1e:50:d1:a4:
06:41:9a:d6:cf:f8:5f:39:8e:bb:a1:49:2a:ad:79:64:3f:df:
f0:a5:35:6b:6b:98:fb:e7:fc:0d:25:92:9b:84:ea:80:f6:ee:
79:a2:8e:37:e5:13:c8:14:d6:5b:b0:c6:f0:41:12:04:5d:15:
50:f8:4f:f9:65:9c:c7:d2:ae:3e:23:18:f4:0b:bf:fa:68:85:
34:9c:0b:30
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHdyCv7lRfhO74RcLG/XRbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEwMjExMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDNmMzIyODE4OWU4MjUxM2U2NmM1ODhiNzQ2NjM1NmE5MjQ2ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujZS0mbVHv/xHeddB9Wpn2sttz94
qOJIfSUv4OcSEksZtuPbj/K/a56lfnViEvLQ61I0K2HJWitBXpya/SxFJO2skCwS
fWydQZVXRAXyM3NGqkVmcozwNmBtG/r8KZljI1eQEOnR/f7cZWoZQUvoADoSzqIW
K8S5xQnrpvp3YaFrhDWrkTSMpy04ZB9izCBJveIhU1w1ElDQ6hikgvPYkir+U95n
Bjvt6uiqm5A+hj2uv8kUR+PNjaa6vs5HZEZtZ+WXMsJkkE0sfDUfWHmPuNhinS0H
eXmOLrqrreLuktXYlJXIoy+bf4xWqXQgUtRuep4FIPGj+Pmg/ACSfeGBjQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHA/MigYnoJRPmbFiLdGY1apJG53MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY0Q4eUtCaWVnbEUtWnNXSXQwWmpWcWtrYm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wDEQAgAQZ8AGT//wAAAZHYLDcb
MA0GCSqGSIb3DQEBCwUAA4IBAQAaLU8g6GU06L/nsIfeP3wmv0hP/gBJ3PAGu66Y
rOWtJEqhL9JS2JRObnQLwjEWwTDuiatcbwfA352wHcvxpFXpQunI1ab9FB1ph0cN
dPQ9Bk3JFDCHuKQj36ZeDtaFRmSLaljpi8BoQZ8sQ9T2HdkpG6+nfkEyndw3ud2e
+UP5cqjcyP13Ld6QKcHDGYFeZpnZsDpp9JflnuQU4Tpc8gVEzwKpiRvDRW/nHa+1
QsKFXh5Q0aQGQZrWz/hfOY67oUkqrXlkP9/wpTVra5j75/wNJZKbhOqA9u55oo43
5RPIFNZbsMbwQRIEXRVQ+E/5ZZzH0q4+Ixj0C7/6aIU0nAsw
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:19:01 2025 by rpki-client