Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dUeUNx2aAUcCIz6gBRHGfdPe7o8.roa
File: dUeUNx2aAUcCIz6gBRHGfdPe7o8.roa (raw, json)
Hash identifier: nsGUqYOYUgV3Tjxyu9wBYVmLAOhrrXLXDFdIX+slWVk=
Subject key identifier: 75:47:94:37:1D:9A:01:47:02:23:3E:A0:05:11:C6:7D:D3:DE:EE:8F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01928C3450EBE9D3E5480235C04E211FA9A0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dUeUNx2aAUcCIz6gBRHGfdPe7o8.roa
Signing time: Mon 14 Oct 2024 18:04:51 +0000
ROA not before: Mon 14 Oct 2024 18:04:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:8c34:268e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8c:34:50:eb:e9:d3:e5:48:02:35:c0:4e:21:1f:a9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 14 18:04:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=754794371d9a014702233ea00511c67dd3deee8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:42:16:cc:da:6f:42:81:92:14:97:e7:62:f1:
9b:5b:39:d1:94:ef:cc:59:e5:e0:f7:b3:1b:07:50:
6a:91:a9:d1:ba:64:87:a5:09:dd:9e:f4:19:ee:e1:
56:ad:2e:3f:0e:c9:87:31:b5:77:e3:95:d8:5c:a6:
be:84:76:15:f8:1b:e0:3c:8a:ab:8c:e8:5a:2e:2f:
32:e2:25:17:a4:12:af:bc:e8:f3:ab:36:df:47:b3:
83:85:43:44:45:1b:ac:18:9b:24:16:89:38:ae:1e:
95:4a:7c:30:ca:bd:23:5f:60:a3:8e:78:0c:0c:98:
f5:4c:b7:8a:1d:34:70:cd:aa:93:a2:15:21:87:82:
56:ff:b3:b5:57:84:b0:14:fa:b4:15:26:24:3a:40:
55:07:bd:70:22:91:cf:24:5c:7c:97:85:87:91:17:
d8:3f:f0:35:b2:d5:6c:48:f0:5d:74:f8:0f:16:61:
10:7b:dd:05:24:ea:62:42:29:13:8f:8a:68:51:f9:
5e:0f:e0:0b:44:a8:91:71:be:ee:f5:b6:63:3a:21:
2e:1c:91:d8:28:05:1e:e0:e0:d9:e2:fe:7b:ed:8c:
74:2b:76:14:cd:05:b4:7c:13:87:4f:a2:f8:a1:4f:
00:6a:7f:1f:84:a9:93:7d:17:31:94:d2:f2:bc:c8:
f4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:47:94:37:1D:9A:01:47:02:23:3E:A0:05:11:C6:7D:D3:DE:EE:8F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dUeUNx2aAUcCIz6gBRHGfdPe7o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:8c34:268e/128
Signature Algorithm: sha256WithRSAEncryption
70:1c:8e:a8:d4:7d:1c:77:ea:d9:b3:9e:a0:d8:25:e1:04:74:
12:78:c4:d1:33:4d:32:e2:47:5d:29:3e:ad:be:62:7b:b1:62:
a4:a7:35:d9:bf:c2:95:87:a0:00:a4:ff:0c:02:15:1d:7a:7a:
b4:08:63:ec:1e:eb:cb:07:6e:92:da:eb:b6:da:ac:92:c1:09:
86:6e:08:10:53:1d:b4:c1:5b:de:19:ee:40:0b:9c:e9:01:f5:
2b:f7:80:f5:3d:6c:9f:7f:68:44:4e:68:a8:57:8c:b5:f9:20:
0e:a4:dd:37:c7:cc:29:45:fa:a5:76:6a:7e:94:9a:7e:0d:7b:
17:88:1d:a7:34:48:c2:b0:54:ae:02:77:a4:07:dd:db:ac:ac:
b5:fe:2e:a7:34:e5:ce:1a:3f:97:c2:09:4b:50:e7:af:43:bf:
1e:ed:69:f3:4a:0d:f7:9a:3c:dc:08:fe:55:73:b1:dd:42:4e:
0e:29:13:0a:b4:5c:a3:d7:d8:88:05:fa:fe:b1:6f:6c:85:3b:
4c:b7:a8:d6:f6:e6:36:97:19:a1:0d:25:83:fe:ad:89:1e:ee:
3b:bf:4a:c9:2e:67:81:5b:72:71:da:60:dd:78:58:9e:64:57:
ad:6d:32:61:fc:54:ee:51:b6:61:c1:80:75:fa:6a:bb:43:e0:
8d:61:33:e6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZKMNFDr6dPlSAI1wE4hH6mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDE0MTgwNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQ3OTQzNzFkOWEwMTQ3MDIyMzNlYTAwNTExYzY3ZGQzZGVlZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykIWzNpvQoGSFJfnYvGbWznRlO/M
WeXg97MbB1BqkanRumSHpQndnvQZ7uFWrS4/DsmHMbV345XYXKa+hHYV+BvgPIqr
jOhaLi8y4iUXpBKvvOjzqzbfR7ODhUNERRusGJskFok4rh6VSnwwyr0jX2CjjngM
DJj1TLeKHTRwzaqTohUhh4JW/7O1V4SwFPq0FSYkOkBVB71wIpHPJFx8l4WHkRfY
P/A1stVsSPBddPgPFmEQe90FJOpiQikTj4poUfleD+ALRKiRcb7u9bZjOiEuHJHY
KAUe4ODZ4v577Yx0K3YUzQW0fBOHT6L4oU8Aan8fhKmTfRcxlNLyvMj02wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHVHlDcdmgFHAiM+oAURxn3T3u6PMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZFVlVU54MmFBVWNDSXo2Z0JSSEdmZFBlN284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSjDQmjjANBgkqhkiG9w0BAQsFAAOCAQEAcByOqNR9HHfq2bOeoNgl4QR0
EnjE0TNNMuJHXSk+rb5ie7FipKc12b/ClYegAKT/DAIVHXp6tAhj7B7rywduktrr
ttqsksEJhm4IEFMdtMFb3hnuQAuc6QH1K/eA9T1sn39oRE5oqFeMtfkgDqTdN8fM
KUX6pXZqfpSafg17F4gdpzRIwrBUrgJ3pAfd26ystf4upzTlzho/l8IJS1Dnr0O/
Hu1p80oN95o83Aj+VXOx3UJODikTCrRco9fYiAX6/rFvbIU7TLeo1vbmNpcZoQ0l
g/6tiR7uO79KyS5ngVtycdpg3XhYnmRXrW0yYfxU7lG2YcGAdfpqu0PgjWEz5g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:04:50 2025 by rpki-client