Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/eFT0qrkFMjysljZCEbIZewCx4QE.roa
File: eFT0qrkFMjysljZCEbIZewCx4QE.roa (raw, json)
Hash identifier: h9hyBdqU+KvlWONZCfq0UG7EZt/bm4uWEp0KnrH89fQ=
Subject key identifier: 78:54:F4:AA:B9:05:32:3C:AC:96:36:42:11:B2:19:7B:00:B1:E1:01
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01910EB58CD811883995B57896231A4CEB8E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/eFT0qrkFMjysljZCEbIZewCx4QE.roa
Signing time: Thu 01 Aug 2024 16:11:04 +0000
ROA not before: Thu 01 Aug 2024 16:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0e:b5:8c:d8:11:88:39:95:b5:78:96:23:1a:4c:eb:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 1 16:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7854f4aab905323cac96364211b2197b00b1e101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:35:e4:2f:80:d7:86:2c:d5:fa:22:9e:75:9c:
3c:de:f0:7b:90:9f:dc:48:5f:74:aa:b0:bf:58:aa:
1a:6a:6d:f4:60:ff:fc:bb:14:8c:77:a9:18:21:cf:
84:a7:bd:1e:93:5c:ee:aa:9c:45:60:1b:02:7e:51:
e9:ab:82:48:24:a8:c1:c9:0e:ec:2f:f1:5f:41:13:
37:f6:98:fd:19:a2:45:37:d0:08:34:b3:f5:64:5f:
01:29:5b:bf:cc:e5:e3:76:ad:36:b5:f4:5a:a4:3b:
50:d5:22:cf:9c:85:8b:f6:ef:79:4e:9d:e8:0d:0d:
f8:05:29:de:61:50:64:6a:f6:a8:b0:b4:bb:1f:00:
32:ea:c3:32:58:aa:ed:e7:9b:4b:d5:92:aa:ab:06:
00:38:4e:0c:89:7d:38:a1:bb:7d:55:b0:1c:1d:8b:
bb:3b:d4:98:a5:df:00:4f:7d:bf:4f:0c:09:ab:69:
1b:8f:a9:09:b7:eb:21:20:9e:9e:b0:4a:bf:e9:03:
0d:6c:7c:aa:80:55:7a:6e:a3:2d:93:57:e3:15:09:
c7:3f:99:94:93:b2:12:2b:a5:a0:62:06:11:b0:02:
24:9a:eb:3c:4a:30:8a:b5:68:96:ec:ed:17:29:6c:
85:ab:94:bc:c3:e0:5c:81:c4:b0:5c:66:ef:6c:37:
0c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:54:F4:AA:B9:05:32:3C:AC:96:36:42:11:B2:19:7B:00:B1:E1:01
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/eFT0qrkFMjysljZCEbIZewCx4QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
01:13:1d:ec:4f:af:78:d1:7b:8b:d9:80:85:b4:be:fc:75:3b:
e3:8e:56:2d:fb:80:36:09:a0:64:1c:dc:34:7c:80:9a:22:e1:
ee:79:81:41:f0:2f:ce:4a:19:e5:c7:fd:a1:02:d6:25:e4:15:
63:fd:56:f6:c0:97:f3:14:9b:52:00:de:ad:b5:c0:4d:47:7a:
03:fa:e5:ca:a0:7b:fb:30:0c:f4:80:4b:25:1e:c7:45:70:99:
e8:fb:27:78:43:9b:5d:5a:04:a8:2b:ea:e1:ba:97:d4:09:b4:
25:eb:dc:3d:d0:16:53:c1:53:bc:d6:59:f1:8a:f2:f6:50:af:
5e:0d:6e:84:0a:42:c8:83:4b:8f:bb:f6:24:84:76:a5:55:52:
c3:37:43:31:21:6b:38:97:31:7c:84:12:b1:17:ea:4d:97:b5:
b1:8c:ed:05:05:b6:58:4c:84:a1:7a:8d:db:b5:54:0e:04:a8:
c2:16:9e:1d:33:d3:b5:ef:8b:6b:dd:9d:72:80:d4:7d:84:3a:
1a:78:f8:40:04:12:49:85:24:0f:31:0b:12:ff:1a:23:42:46:
74:cb:86:4d:e0:dd:cf:7f:99:9a:60:55:7f:c5:b7:8f:83:ed:
69:d5:e8:73:59:5c:68:67:14:d2:eb:13:ec:1d:ac:c7:ac:2c:
ab:2d:23:c7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEOtYzYEYg5lbV4liMaTOuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAxMTYxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODU0ZjRhYWI5MDUzMjNjYWM5NjM2NDIxMWIyMTk3YjAwYjFlMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjXkL4DXhizV+iKedZw83vB7kJ/c
SF90qrC/WKoaam30YP/8uxSMd6kYIc+Ep70ek1zuqpxFYBsCflHpq4JIJKjByQ7s
L/FfQRM39pj9GaJFN9AINLP1ZF8BKVu/zOXjdq02tfRapDtQ1SLPnIWL9u95Tp3o
DQ34BSneYVBkavaosLS7HwAy6sMyWKrt55tL1ZKqqwYAOE4MiX04obt9VbAcHYu7
O9SYpd8AT32/TwwJq2kbj6kJt+shIJ6esEq/6QMNbHyqgFV6bqMtk1fjFQnHP5mU
k7ISK6WgYgYRsAIkmus8SjCKtWiW7O0XKWyFq5S8w+BcgcSwXGbvbDcM4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHhU9Kq5BTI8rJY2QhGyGXsAseEBMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZUZUMHFya0ZNanlzbGpaQ0ViSVpld0N4NFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAARMd7E+veNF7i9mAhbS+/HU7
445WLfuANgmgZBzcNHyAmiLh7nmBQfAvzkoZ5cf9oQLWJeQVY/1W9sCX8xSbUgDe
rbXATUd6A/rlyqB7+zAM9IBLJR7HRXCZ6PsneEObXVoEqCvq4bqX1Am0JevcPdAW
U8FTvNZZ8Yry9lCvXg1uhApCyINLj7v2JIR2pVVSwzdDMSFrOJcxfIQSsRfqTZe1
sYztBQW2WEyEoXqN27VUDgSowhaeHTPTte+La92dcoDUfYQ6Gnj4QAQSSYUkDzEL
Ev8aI0JGdMuGTeDdz3+ZmmBVf8W3j4PtadXoc1lcaGcU0usT7B2sx6wsqy0jxw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:04:55 2025 by rpki-client