Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gjreWf-cZuOzpDioY0NuBWXqfdc.roa
File: gjreWf-cZuOzpDioY0NuBWXqfdc.roa (raw, json)
Hash identifier: VEWIpL0ifTIbgEhpz+jpi1hZznRey9mhBj8NQq4sUjA=
Subject key identifier: 82:3A:DE:59:FF:9C:66:E3:B3:A4:38:A8:63:43:6E:05:65:EA:7D:D7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191204D0708A836C4EF147CF99908D02A9F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gjreWf-cZuOzpDioY0NuBWXqfdc.roa
Signing time: Mon 05 Aug 2024 02:10:04 +0000
ROA not before: Mon 05 Aug 2024 02:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:20:4d:07:08:a8:36:c4:ef:14:7c:f9:99:08:d0:2a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 5 02:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=823ade59ff9c66e3b3a438a863436e0565ea7dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:02:6d:25:5d:f2:de:b2:cc:a5:c6:85:6e:8a:
36:71:66:1d:3f:bf:6e:6a:db:2f:1a:28:fe:32:95:
56:03:4d:0f:9c:62:8a:8c:ac:e6:0c:39:7d:f4:d8:
a4:19:59:6d:fd:f5:b7:0a:16:c6:18:b1:86:78:77:
47:15:45:b2:84:b0:39:a2:9b:ea:f5:08:f2:9c:e9:
46:71:08:e3:81:53:77:22:f7:03:9c:e4:d6:4f:a4:
3c:75:58:e9:33:ea:a6:58:38:49:ed:f2:67:85:90:
cd:95:28:d5:68:11:d9:41:29:1a:04:9f:e7:12:64:
17:6f:ee:a0:a2:55:35:37:82:0e:d8:e0:0b:50:3d:
fb:99:99:52:16:9b:f3:e7:62:ce:e3:0d:f5:6b:4d:
4c:92:18:cb:38:90:63:af:88:af:71:27:fc:c5:dd:
84:70:7c:08:49:c1:56:cc:dd:e9:fc:3e:70:70:ee:
70:e5:1b:5a:3d:fe:0f:63:b3:65:a7:c9:e0:2d:69:
93:d8:31:91:e6:f7:a1:d9:91:24:91:64:af:87:08:
23:5b:ed:7d:52:5b:c1:da:fd:d1:0f:50:c9:00:2b:
e2:bb:c5:6b:cd:af:56:a2:6b:d4:2e:fd:02:f1:e5:
73:90:3e:54:38:16:20:24:c9:eb:69:a6:94:52:8d:
b9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3A:DE:59:FF:9C:66:E3:B3:A4:38:A8:63:43:6E:05:65:EA:7D:D7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gjreWf-cZuOzpDioY0NuBWXqfdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
1d:55:cd:e9:c6:ee:4a:08:43:73:2a:46:14:d2:9b:63:53:9c:
55:db:90:9a:6b:62:06:ab:f9:22:2b:99:a8:b1:d6:7f:39:46:
02:a7:c6:48:ff:da:b5:03:7a:32:5b:2f:dd:74:f1:fb:f0:bd:
73:cb:b1:c6:8b:82:1b:9d:ba:6c:b3:a0:42:ea:55:75:c3:00:
02:80:27:4c:e9:72:db:85:b2:e5:a2:42:1b:cb:e3:4c:3b:84:
a3:c4:25:80:b0:35:97:6c:af:61:56:79:51:c5:28:a4:4b:7e:
ab:78:37:ed:c3:ab:74:4e:68:4d:62:24:ae:85:80:56:70:7a:
88:f5:b5:54:9c:a2:98:70:c6:71:8f:fa:cb:10:12:cb:af:53:
8e:74:9d:ea:fe:c4:f1:44:7b:09:6c:91:57:68:2d:7d:ac:f0:
52:28:44:46:dd:44:04:c4:97:53:a4:3f:2d:2c:63:c2:64:99:
69:6e:ab:40:95:7a:8f:76:cd:f9:37:cd:96:80:57:fa:4e:20:
87:ff:d2:3b:80:a4:66:60:7c:35:a9:a9:cf:6b:a4:ab:85:e3:
d7:97:3e:dc:c8:4b:11:c7:0f:ad:7c:09:e9:ec:6c:93:c4:e4:
61:a6:61:da:41:a9:52:a9:d7:cf:c8:23:9c:3b:df:2b:a8:15:
c7:7e:43:b0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEgTQcIqDbE7xR8+ZkI0CqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA1MDIxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjNhZGU1OWZmOWM2NmUzYjNhNDM4YTg2MzQzNmUwNTY1ZWE3ZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAJtJV3y3rLMpcaFboo2cWYdP79u
atsvGij+MpVWA00PnGKKjKzmDDl99NikGVlt/fW3ChbGGLGGeHdHFUWyhLA5opvq
9QjynOlGcQjjgVN3IvcDnOTWT6Q8dVjpM+qmWDhJ7fJnhZDNlSjVaBHZQSkaBJ/n
EmQXb+6golU1N4IO2OALUD37mZlSFpvz52LO4w31a01MkhjLOJBjr4ivcSf8xd2E
cHwIScFWzN3p/D5wcO5w5RtaPf4PY7Nlp8ngLWmT2DGR5veh2ZEkkWSvhwgjW+19
UlvB2v3RD1DJACviu8Vrza9WomvULv0C8eVzkD5UOBYgJMnraaaUUo259QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFII63ln/nGbjs6Q4qGNDbgVl6n3XMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ2pyZVdmLWNadU96cERpb1kwTnVCV1hxZmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAHVXN6cbuSghDcypGFNKbY1Oc
VduQmmtiBqv5IiuZqLHWfzlGAqfGSP/atQN6Mlsv3XTx+/C9c8uxxouCG526bLOg
QupVdcMAAoAnTOly24Wy5aJCG8vjTDuEo8QlgLA1l2yvYVZ5UcUopEt+q3g37cOr
dE5oTWIkroWAVnB6iPW1VJyimHDGcY/6yxASy69TjnSd6v7E8UR7CWyRV2gtfazw
UihERt1EBMSXU6Q/LSxjwmSZaW6rQJV6j3bN+TfNloBX+k4gh//SO4CkZmB8Namp
z2ukq4Xj15c+3MhLEccPrXwJ6exsk8TkYaZh2kGpUqnXz8gjnDvfK6gVx35DsA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:22:06 2025 by rpki-client