Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/daX_b0DMdt5C6443UqEyC9sILgE.roa
File: daX_b0DMdt5C6443UqEyC9sILgE.roa (raw, json)
Hash identifier: NpzIy1MPmf/zikE8h4Xy7edXJD13To83IpADMOULfRI=
Subject key identifier: 75:A5:FF:6F:40:CC:76:DE:42:EB:8E:37:52:A1:32:0B:DB:08:2E:01
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019519CE4250A9333E9F739372558EA21AA9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/daX_b0DMdt5C6443UqEyC9sILgE.roa
Signing time: Tue 18 Feb 2025 16:05:02 +0000
ROA not before: Tue 18 Feb 2025 16:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:19cd:f0f9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:ce:42:50:a9:33:3e:9f:73:93:72:55:8e:a2:1a:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 18 16:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75a5ff6f40cc76de42eb8e3752a1320bdb082e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:41:db:81:9c:bf:1d:5d:4a:91:8e:a3:c4:9b:
52:33:ca:f5:b5:d6:2f:a3:fc:30:ac:0f:5d:f6:44:
73:5c:c9:48:fb:ae:45:fc:1c:1e:d4:05:04:93:3b:
4d:ae:09:9b:18:17:5f:d7:d9:06:4a:a5:b7:67:b4:
0a:42:26:7f:32:60:4c:5e:ee:7d:dc:f1:ea:6e:33:
59:0a:79:4f:e6:0d:d4:1b:88:d3:60:27:6b:96:eb:
f5:b7:d6:ba:c9:38:81:5b:85:9c:a2:2d:02:f5:6b:
56:43:bd:b6:ab:f0:2e:02:c8:a5:e6:40:84:fb:16:
f2:2a:70:e7:2e:d1:28:a7:31:19:a7:b6:1f:e7:46:
64:55:e5:cb:70:4b:cf:18:6d:87:2d:7b:66:f6:89:
79:0c:5e:45:0d:ea:13:26:42:33:25:b7:e3:f2:cf:
13:2f:db:86:66:bc:00:15:32:51:31:2c:dc:82:f3:
1c:f6:42:e9:9a:e5:a2:3e:00:a8:f7:64:b0:85:e9:
f8:6c:e3:01:a3:a5:c0:9b:8b:67:82:1c:c8:99:9f:
70:17:e0:03:70:78:20:18:52:09:87:55:5b:bf:26:
a2:74:1e:06:1e:e2:01:fd:47:1b:07:c2:0e:5f:ca:
9e:c8:6b:88:0b:86:ee:4c:e2:97:c7:f7:f3:de:ac:
1d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A5:FF:6F:40:CC:76:DE:42:EB:8E:37:52:A1:32:0B:DB:08:2E:01
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/daX_b0DMdt5C6443UqEyC9sILgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:19cd:f0f9/128
Signature Algorithm: sha256WithRSAEncryption
2f:c4:2c:92:51:d2:88:6b:0d:0d:b1:a7:3e:9b:e7:0b:ea:f5:
be:99:48:81:b3:7c:58:08:4f:39:87:d1:a1:35:6b:79:b7:c3:
52:47:51:76:06:f2:43:f4:95:ff:f4:f1:9b:fa:91:ea:4c:a8:
68:70:0c:da:54:15:3a:a6:b1:15:d6:44:38:4f:50:89:25:de:
35:53:5b:b3:9f:84:11:a8:ed:12:a8:7b:fa:15:3a:70:f2:a0:
49:49:c9:12:32:fd:9e:8a:b3:ef:5a:91:0a:e2:c4:36:27:82:
d6:a4:21:05:90:ca:e5:4a:00:94:c3:a5:33:33:58:b5:07:65:
78:08:11:ea:b3:ff:b8:4b:19:7d:5e:d9:5e:e7:f4:1b:30:7e:
90:97:e5:6e:a9:56:1e:54:5c:d2:bd:51:36:2e:d6:39:d0:d0:
3d:24:eb:58:4d:50:b0:06:fc:34:e0:e1:7c:c1:cf:8f:55:74:
a3:dc:8f:86:f7:d2:74:07:8f:bd:bb:26:12:92:ef:3b:f7:e3:
51:bc:f2:bc:9f:f7:f6:89:a9:a9:7e:ec:c2:de:dd:54:d2:65:
02:b4:45:1e:60:c0:3f:e8:69:34:86:d7:d5:eb:d7:a5:48:0c:
c9:12:e1:0e:d9:71:21:8c:2d:c6:76:cf:90:6e:db:0d:2e:b9:
2e:53:5f:7d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZUZzkJQqTM+n3OTclWOohqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjE4MTYwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWE1ZmY2ZjQwY2M3NmRlNDJlYjhlMzc1MmExMzIwYmRiMDgyZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0HbgZy/HV1KkY6jxJtSM8r1tdYv
o/wwrA9d9kRzXMlI+65F/Bwe1AUEkztNrgmbGBdf19kGSqW3Z7QKQiZ/MmBMXu59
3PHqbjNZCnlP5g3UG4jTYCdrluv1t9a6yTiBW4Wcoi0C9WtWQ722q/AuAsil5kCE
+xbyKnDnLtEopzEZp7Yf50ZkVeXLcEvPGG2HLXtm9ol5DF5FDeoTJkIzJbfj8s8T
L9uGZrwAFTJRMSzcgvMc9kLpmuWiPgCo92Swhen4bOMBo6XAm4tnghzImZ9wF+AD
cHggGFIJh1VbvyaidB4GHuIB/UcbB8IOX8qeyGuIC4buTOKXx/fz3qwd8QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHWl/29AzHbeQuuON1KhMgvbCC4BMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZGFYX2IwRE1kdDVDNjQ0M1VxRXlDOXNJTGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVGc3w+TANBgkqhkiG9w0BAQsFAAOCAQEAL8QsklHSiGsNDbGnPpvnC+r1
vplIgbN8WAhPOYfRoTVrebfDUkdRdgbyQ/SV//Txm/qR6kyoaHAM2lQVOqaxFdZE
OE9QiSXeNVNbs5+EEajtEqh7+hU6cPKgSUnJEjL9noqz71qRCuLENieC1qQhBZDK
5UoAlMOlMzNYtQdleAgR6rP/uEsZfV7ZXuf0GzB+kJflbqlWHlRc0r1RNi7WOdDQ
PSTrWE1QsAb8NODhfMHPj1V0o9yPhvfSdAePvbsmEpLvO/fjUbzyvJ/39ompqX7s
wt7dVNJlArRFHmDAP+hpNIbX1evXpUgMyRLhDtlxIYwtxnbPkG7bDS65LlNffQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:23:48 2025 by rpki-client