Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ejh0PQiyGMbkyaRD7t4kizfNSWM.roa
File: ejh0PQiyGMbkyaRD7t4kizfNSWM.roa (raw, json)
Hash identifier: LHBNp0Z2oYDdwv4r2Y3wcUHXyiMYEux4CIG0r2M/cHM=
Subject key identifier: 7A:38:74:3D:08:B2:18:C6:E4:C9:A4:43:EE:DE:24:8B:37:CD:49:63
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191CEF7A89BD4B03DE263691113B434B55A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ejh0PQiyGMbkyaRD7t4kizfNSWM.roa
Signing time: Sun 08 Sep 2024 00:10:22 +0000
ROA not before: Sun 08 Sep 2024 00:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ce:f7:a8:9b:d4:b0:3d:e2:63:69:11:13:b4:34:b5:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 8 00:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a38743d08b218c6e4c9a443eede248b37cd4963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:2c:cc:7a:6e:18:4d:6f:d8:24:61:48:d0:
20:db:de:14:d1:51:67:76:51:0a:01:dc:50:ad:8a:
98:1f:45:70:27:73:dd:24:38:00:b6:a1:6c:f8:a7:
50:96:ce:16:77:ef:f4:95:69:52:3a:db:15:34:b9:
c3:ff:b5:10:02:d1:75:78:88:6e:18:ee:37:50:6c:
b8:e2:4e:c8:bf:88:a1:4b:f9:66:2a:20:f6:27:7c:
60:e3:59:6b:f4:5a:64:2d:b6:02:2a:dd:e9:90:5e:
22:5b:12:ba:e1:56:3c:2b:02:30:3e:e8:8b:4e:9d:
dd:df:75:97:17:4d:c6:ab:86:c8:29:1e:10:5b:18:
20:50:a6:61:46:e8:7c:7c:bb:cd:45:9a:53:1e:a9:
ec:06:b1:5c:b8:69:39:75:ca:cc:1a:f1:4b:d9:67:
d5:33:c8:9b:2c:0c:a9:45:82:d2:76:df:21:3e:38:
65:44:90:09:ab:cc:67:94:3e:ff:14:03:b8:fc:27:
af:9f:2f:6e:67:31:c7:bb:e6:c3:3e:63:2a:32:99:
30:c3:76:a7:64:e0:a5:c1:8e:95:7b:73:0f:8a:cb:
32:bd:8c:20:5e:49:9b:6b:4c:5d:69:13:38:d6:da:
23:86:f0:19:0b:d4:81:59:74:a1:e4:f8:ad:1b:88:
73:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:38:74:3D:08:B2:18:C6:E4:C9:A4:43:EE:DE:24:8B:37:CD:49:63
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ejh0PQiyGMbkyaRD7t4kizfNSWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
31:f0:39:f7:9c:f9:b3:6f:5f:d7:77:26:8a:34:5a:ee:be:eb:
a3:85:7d:e7:52:fb:e5:47:e6:39:43:c1:5c:13:9c:ca:ad:fd:
09:a3:39:b0:06:dd:d0:bd:70:79:70:04:4c:2e:49:45:c0:63:
98:85:07:cd:fe:fb:b5:9c:5c:1b:d6:3e:fe:89:66:6c:90:c1:
0e:a6:5c:04:bb:29:c4:6d:5a:6f:58:75:6a:b2:ac:c5:7b:f6:
dc:43:97:25:cf:90:24:3f:41:5e:03:cb:10:0a:37:85:52:24:
9d:16:74:5e:6c:1e:95:1b:01:ae:31:cb:c7:a4:e5:0a:61:8c:
b0:4a:09:6c:ea:07:82:34:97:05:ef:8f:51:83:00:12:4c:88:
b2:2c:bf:0a:a4:dd:d4:b7:54:b2:32:09:75:38:5e:c1:6d:b7:
fd:51:22:36:8a:61:34:55:92:27:42:e5:e9:ed:0a:33:a4:5f:
a0:cb:f8:3c:5e:2a:a7:19:c6:52:50:f5:49:98:fa:19:03:b2:
e0:d8:b5:ef:c2:7b:fa:bb:25:b6:62:cb:63:56:80:ac:18:e1:
64:17:a8:df:4d:83:69:76:ab:ef:b6:58:93:bb:98:b5:2a:7a:
52:8c:66:5f:ee:56:da:0b:ce:a5:c7:86:2f:80:0f:1b:85:39:
41:c4:1f:9f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHO96ib1LA94mNpERO0NLVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA4MDAxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTM4NzQzZDA4YjIxOGM2ZTRjOWE0NDNlZWRlMjQ4YjM3Y2Q0OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdYszHpuGE1v2CRhSNAg294U0VFn
dlEKAdxQrYqYH0VwJ3PdJDgAtqFs+KdQls4Wd+/0lWlSOtsVNLnD/7UQAtF1eIhu
GO43UGy44k7Iv4ihS/lmKiD2J3xg41lr9FpkLbYCKt3pkF4iWxK64VY8KwIwPuiL
Tp3d33WXF03Gq4bIKR4QWxggUKZhRuh8fLvNRZpTHqnsBrFcuGk5dcrMGvFL2WfV
M8ibLAypRYLSdt8hPjhlRJAJq8xnlD7/FAO4/Cevny9uZzHHu+bDPmMqMpkww3an
ZOClwY6Ve3MPissyvYwgXkmba0xdaRM41tojhvAZC9SBWXSh5PitG4hzkQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHo4dD0IshjG5MmkQ+7eJIs3zUljMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZWpoMFBRaXlHTWJreWFSRDd0NGtpemZOU1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAMfA595z5s29f13cmijRa7r7r
o4V951L75UfmOUPBXBOcyq39CaM5sAbd0L1weXAETC5JRcBjmIUHzf77tZxcG9Y+
/olmbJDBDqZcBLspxG1ab1h1arKsxXv23EOXJc+QJD9BXgPLEAo3hVIknRZ0Xmwe
lRsBrjHLx6TlCmGMsEoJbOoHgjSXBe+PUYMAEkyIsiy/CqTd1LdUsjIJdThewW23
/VEiNophNFWSJ0Ll6e0KM6RfoMv4PF4qpxnGUlD1SZj6GQOy4Ni178J7+rsltmLL
Y1aArBjhZBeo302DaXar77ZYk7uYtSp6UoxmX+5W2gvOpceGL4APG4U5QcQfnw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:47:22 2025 by rpki-client