Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ik_neOY56CPMr2TPzfN4hD0dlS8.roa
File: ik_neOY56CPMr2TPzfN4hD0dlS8.roa (raw, json)
Hash identifier: m/ZZMqrGfWoJ6mBw/+wXxD2OqxBBsM9ax+r/4Nd3v98=
Subject key identifier: 8A:4F:E7:78:E6:39:E8:23:CC:AF:64:CF:CD:F3:78:84:3D:1D:95:2F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019322D69B7530153EC667F4E139B5C05511
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ik_neOY56CPMr2TPzfN4hD0dlS8.roa
Signing time: Wed 13 Nov 2024 00:05:10 +0000
ROA not before: Wed 13 Nov 2024 00:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:22d5:ddcd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:22:d6:9b:75:30:15:3e:c6:67:f4:e1:39:b5:c0:55:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 13 00:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a4fe778e639e823ccaf64cfcdf378843d1d952f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fe:4f:7a:d6:e6:d0:29:3a:b3:36:e2:c8:97:
cc:8d:4a:15:e7:e4:b2:a9:05:b6:10:e2:cc:06:6b:
ce:33:fb:83:8c:6a:8c:1b:4a:10:23:74:ed:a8:c0:
54:dd:61:b9:70:fe:37:32:3d:6a:82:3f:b9:b9:cb:
11:fc:0c:0f:3c:76:65:06:4f:28:5f:aa:37:4f:28:
c3:65:f8:ee:09:e9:2b:f5:2f:03:11:99:ad:46:80:
01:5c:a4:02:2e:8e:8a:51:87:4d:9a:0e:9b:d2:31:
09:85:17:bd:03:5a:41:6c:f5:59:de:a8:92:09:5a:
84:69:2b:37:16:23:36:c2:cb:2a:62:eb:44:07:ae:
2d:31:28:1b:d4:80:ae:91:78:57:d4:38:32:ae:a2:
19:8f:7e:c3:64:54:ae:4e:df:c3:52:97:be:cd:55:
38:6f:4b:bb:84:72:61:9b:50:98:3a:b3:ca:ef:1d:
4e:c2:3e:e9:4c:a1:d6:5d:af:dd:c0:56:3f:54:73:
c3:e2:35:7e:af:79:4d:28:85:a1:5e:c1:de:bd:f7:
fc:19:9b:21:27:58:bf:5f:a8:55:a4:e3:97:ef:03:
50:ec:d0:fa:f3:81:9a:b4:49:d3:94:54:a9:a5:fb:
37:aa:50:b1:f8:3d:bb:37:5d:e0:75:b1:6d:09:19:
ce:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4F:E7:78:E6:39:E8:23:CC:AF:64:CF:CD:F3:78:84:3D:1D:95:2F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ik_neOY56CPMr2TPzfN4hD0dlS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:22d5:ddcd/128
Signature Algorithm: sha256WithRSAEncryption
0c:ae:5a:54:de:7a:86:a8:e3:54:47:c3:22:0d:a7:b2:c3:d2:
e1:31:76:85:98:00:39:86:90:64:64:bb:1d:fa:b1:a8:bd:0d:
ea:e1:27:20:a4:a7:75:ed:97:de:8c:67:cf:1d:fe:7d:fe:6a:
3b:16:82:5c:da:5a:6b:23:cb:55:07:df:0f:bf:89:be:a8:36:
b9:3a:21:86:fa:9d:10:4e:8a:1b:20:5f:67:a9:b7:28:d4:1c:
4d:a3:46:8f:85:2f:10:03:3f:32:1d:fe:d2:a8:5d:ab:c4:dd:
13:44:2b:89:2a:29:eb:78:db:63:78:b8:9b:3d:05:90:6e:24:
0f:4e:46:2f:c5:13:3b:fc:5b:79:6e:57:e3:09:c7:dd:59:2e:
61:85:08:0b:68:9a:3b:48:05:40:3a:78:59:c1:4f:7e:b1:eb:
3d:d2:2d:c4:f6:a7:78:0b:a1:87:b3:68:09:04:1a:e9:c8:ea:
ea:8e:a1:f8:53:33:21:49:a9:3d:33:d8:58:3c:c7:03:cf:9e:
f5:82:91:37:17:e8:a5:dc:01:1e:22:63:1e:af:93:a1:b4:cd:
1b:21:e0:08:10:e9:e1:64:81:e2:a4:95:a1:27:34:fb:da:02:
06:5e:e9:ca:26:a5:76:f3:78:93:d0:8f:53:ed:92:03:5b:0e:
fb:44:6e:9d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZMi1pt1MBU+xmf04Tm1wFURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTEzMDAwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRmZTc3OGU2MzllODIzY2NhZjY0Y2ZjZGYzNzg4NDNkMWQ5NTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3P5Petbm0Ck6szbiyJfMjUoV5+Sy
qQW2EOLMBmvOM/uDjGqMG0oQI3TtqMBU3WG5cP43Mj1qgj+5ucsR/AwPPHZlBk8o
X6o3TyjDZfjuCekr9S8DEZmtRoABXKQCLo6KUYdNmg6b0jEJhRe9A1pBbPVZ3qiS
CVqEaSs3FiM2wssqYutEB64tMSgb1ICukXhX1DgyrqIZj37DZFSuTt/DUpe+zVU4
b0u7hHJhm1CYOrPK7x1Owj7pTKHWXa/dwFY/VHPD4jV+r3lNKIWhXsHevff8GZsh
J1i/X6hVpOOX7wNQ7ND684GatEnTlFSppfs3qlCx+D27N13gdbFtCRnOIwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIpP53jmOegjzK9kz83zeIQ9HZUvMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaWtfbmVPWTU2Q1BNcjJUUHpmTjRoRDBkbFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTItXdzTANBgkqhkiG9w0BAQsFAAOCAQEADK5aVN56hqjjVEfDIg2nssPS
4TF2hZgAOYaQZGS7HfqxqL0N6uEnIKSnde2X3oxnzx3+ff5qOxaCXNpaayPLVQff
D7+Jvqg2uTohhvqdEE6KGyBfZ6m3KNQcTaNGj4UvEAM/Mh3+0qhdq8TdE0QriSop
63jbY3i4mz0FkG4kD05GL8UTO/xbeW5X4wnH3VkuYYUIC2iaO0gFQDp4WcFPfrHr
PdItxPaneAuhh7NoCQQa6cjq6o6h+FMzIUmpPTPYWDzHA8+e9YKRNxfopdwBHiJj
Hq+TobTNGyHgCBDp4WSB4qSVoSc0+9oCBl7pyialdvN4k9CPU+2SA1sO+0RunQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:07:26 2025 by rpki-client