Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hTKAtgkSKc868PLWdWxszfu6io4.roa
File: hTKAtgkSKc868PLWdWxszfu6io4.roa (raw, json)
Hash identifier: 6R3AFZ91Bt86ozAL3r4nTLXz6EPwPtqwu2CdD7iwPTU=
Subject key identifier: 85:32:80:B6:09:12:29:CF:3A:F0:F2:D6:75:6C:6C:CD:FB:BA:8A:8E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191701FDF88C708CB9C6B997BA6456313F2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hTKAtgkSKc868PLWdWxszfu6io4.roa
Signing time: Tue 20 Aug 2024 14:10:22 +0000
ROA not before: Tue 20 Aug 2024 14:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:1f:df:88:c7:08:cb:9c:6b:99:7b:a6:45:63:13:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 20 14:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=853280b6091229cf3af0f2d6756c6ccdfbba8a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b0:46:cc:3a:ee:3c:e4:07:5c:a4:54:14:38:
ec:96:5f:33:cd:86:f5:00:e2:c2:6b:d4:2e:30:4b:
5f:82:25:a7:11:b0:eb:87:52:63:6a:0d:60:17:f2:
cf:21:ab:b7:83:82:85:25:e2:8e:cd:41:08:55:33:
13:fe:81:18:59:10:5a:1e:c7:03:75:4a:71:df:c9:
4d:c8:56:79:5b:e5:58:86:d7:a2:36:08:3d:50:07:
ca:f7:06:ea:b0:fd:d4:82:76:0b:12:3a:27:84:0f:
2e:92:ee:7c:af:33:da:3f:0c:91:95:d9:75:d3:7d:
1f:57:db:ee:39:47:5c:da:26:3d:0b:e9:a8:71:93:
75:3c:99:bd:1b:ca:8c:da:9e:46:f9:f9:e6:05:3f:
7b:1e:cb:98:01:dd:43:6f:00:16:30:2a:cc:4c:7a:
d0:03:80:78:25:10:03:20:c7:cf:da:10:08:ed:b3:
23:e4:02:0e:5b:f6:21:b3:82:bc:e0:73:5f:76:e9:
ae:8c:33:ca:96:15:ae:62:52:02:7e:11:85:40:36:
0d:41:27:9d:76:26:30:b5:25:2b:e1:c0:64:d1:65:
26:85:1a:98:d6:a4:9a:df:0b:b1:7c:42:ab:a9:cc:
51:cb:0d:79:bc:6a:57:3c:ed:7f:05:be:da:41:2f:
8a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:32:80:B6:09:12:29:CF:3A:F0:F2:D6:75:6C:6C:CD:FB:BA:8A:8E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hTKAtgkSKc868PLWdWxszfu6io4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
81:72:05:36:ff:4a:2a:b6:4d:78:6d:ae:0e:0e:41:81:d6:e1:
16:9d:86:a7:15:55:f3:d2:65:ee:9e:98:d2:ec:e5:fe:90:d9:
7a:9e:99:8e:5c:8e:9f:85:6c:09:aa:49:65:9e:cd:46:47:72:
a0:a2:cb:70:3e:d4:d5:ba:34:20:95:d5:9e:65:3a:40:7b:55:
97:6b:b7:b0:6f:42:b6:b4:95:91:de:b0:74:48:75:2e:7a:de:
6a:33:aa:7b:71:c5:6f:fb:63:a9:cf:9a:43:9f:4b:77:e7:71:
90:09:47:0d:33:88:0d:af:99:df:84:54:d9:b8:a9:11:94:98:
4a:97:89:af:f6:a7:38:17:74:d0:e2:74:fe:d0:b2:07:80:39:
32:46:b0:45:0f:f5:52:da:d1:d2:e9:4d:4b:b0:90:2d:76:f6:
85:b7:3f:18:29:e7:cc:17:30:aa:e0:31:78:b5:9f:4c:50:14:
22:e2:e5:85:ae:fd:0a:6a:55:44:83:b5:29:3a:a1:d8:c3:8a:
26:29:bd:e7:72:c7:88:89:21:4b:aa:de:db:e3:6c:65:c8:95:
8f:b9:bc:90:4a:c9:a4:fd:f4:8f:10:41:ee:ad:37:85:09:22:
11:4d:cd:08:51:88:fd:a2:9d:d3:6d:1b:12:93:1f:48:bc:47:
70:25:98:36
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFwH9+IxwjLnGuZe6ZFYxPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIwMTQxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTMyODBiNjA5MTIyOWNmM2FmMGYyZDY3NTZjNmNjZGZiYmE4YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorBGzDruPOQHXKRUFDjsll8zzYb1
AOLCa9QuMEtfgiWnEbDrh1Jjag1gF/LPIau3g4KFJeKOzUEIVTMT/oEYWRBaHscD
dUpx38lNyFZ5W+VYhteiNgg9UAfK9wbqsP3UgnYLEjonhA8uku58rzPaPwyRldl1
030fV9vuOUdc2iY9C+mocZN1PJm9G8qM2p5G+fnmBT97HsuYAd1DbwAWMCrMTHrQ
A4B4JRADIMfP2hAI7bMj5AIOW/Yhs4K84HNfdumujDPKlhWuYlICfhGFQDYNQSed
diYwtSUr4cBk0WUmhRqY1qSa3wuxfEKrqcxRyw15vGpXPO1/Bb7aQS+K0QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIUygLYJEinPOvDy1nVsbM37uoqOMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaFRLQXRna1NLYzg2OFBMV2RXeHN6ZnU2aW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAgXIFNv9KKrZNeG2uDg5Bgdbh
Fp2GpxVV89Jl7p6Y0uzl/pDZep6ZjlyOn4VsCapJZZ7NRkdyoKLLcD7U1bo0IJXV
nmU6QHtVl2u3sG9CtrSVkd6wdEh1LnreajOqe3HFb/tjqc+aQ59Ld+dxkAlHDTOI
Da+Z34RU2bipEZSYSpeJr/anOBd00OJ0/tCyB4A5MkawRQ/1UtrR0ulNS7CQLXb2
hbc/GCnnzBcwquAxeLWfTFAUIuLlha79CmpVRIO1KTqh2MOKJim953LHiIkhS6re
2+NsZciVj7m8kErJpP30jxBB7q03hQkiEU3NCFGI/aKd020bEpMfSLxHcCWYNg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:05:46 2025 by rpki-client