Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kE-BNkNiMkrcP1SknimhVyMtEE8.roa
File: kE-BNkNiMkrcP1SknimhVyMtEE8.roa (raw, json)
Hash identifier: pslUAIxfHKcsae6X3fLHhRWlVHWUV64CfhGRenMHoY4=
Subject key identifier: 90:4F:81:36:43:62:32:4A:DC:3F:54:A4:9E:29:A1:57:23:2D:10:4F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019185272D4AC209585E54A22BA0A2C77F01
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kE-BNkNiMkrcP1SknimhVyMtEE8.roa
Signing time: Sat 24 Aug 2024 16:10:22 +0000
ROA not before: Sat 24 Aug 2024 16:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:85:27:2d:4a:c2:09:58:5e:54:a2:2b:a0:a2:c7:7f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 24 16:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=904f81364362324adc3f54a49e29a157232d104f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bc:3b:57:1f:01:38:7f:d5:24:c6:33:77:54:
57:44:e7:db:14:00:37:a6:5a:7b:d2:28:a7:e0:3e:
fb:3f:6d:e2:6a:ae:8f:bd:2f:17:1d:1f:44:7c:0a:
71:28:24:7a:e4:80:3f:ce:d9:08:9f:20:6d:a5:6a:
80:d9:1f:0f:42:91:06:85:b6:28:2c:70:59:31:2b:
9e:cc:fd:bd:2d:38:0d:cb:9c:f9:f1:a4:dc:d7:3e:
8d:b7:72:48:9e:45:67:50:99:df:97:01:b2:77:dd:
72:90:55:20:7a:9e:75:2b:76:b8:47:a4:cd:7c:13:
fc:b2:b0:38:01:36:91:d9:81:b1:b2:a3:05:de:a6:
b9:d1:ce:22:57:73:17:38:2f:82:7a:41:d6:04:99:
da:38:74:d2:d8:c8:08:d2:45:73:23:94:df:17:8c:
52:8b:15:00:79:da:33:51:d5:e3:c8:0e:2e:b2:31:
e4:ed:86:87:2c:32:58:9d:66:40:65:95:b5:77:ea:
8a:5c:67:ba:51:23:86:f0:16:e3:3d:fc:a8:57:16:
86:e9:4c:1f:5c:70:ee:a3:1b:99:11:f1:3b:52:ce:
da:58:5e:ae:99:ce:1c:82:d4:f4:16:fb:dd:b3:c6:
72:6b:50:58:2b:23:b2:42:2c:d3:da:c2:d2:56:52:
19:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4F:81:36:43:62:32:4A:DC:3F:54:A4:9E:29:A1:57:23:2D:10:4F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kE-BNkNiMkrcP1SknimhVyMtEE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
01:2d:f6:d9:9e:93:3d:53:8b:f2:9e:c5:ed:5b:06:15:4e:99:
29:aa:a4:e8:12:59:22:3d:35:f7:4c:c2:a6:9a:c7:51:e0:b4:
36:25:93:ad:d7:e8:42:e0:f9:33:cf:35:2d:3d:b2:fd:24:4d:
4f:f0:7c:65:67:0d:9b:23:d4:fb:3e:62:a5:8e:52:80:40:18:
92:e5:cc:b3:e8:e9:41:17:ca:3e:c4:8a:cd:ff:8e:d0:48:df:
74:72:c1:4d:28:25:73:04:da:ac:01:82:c6:c1:cf:30:ce:a5:
a0:e1:3d:95:a6:2c:64:c7:10:71:bd:c1:0a:fd:13:f4:a5:68:
0f:87:3e:79:16:24:61:59:63:eb:10:e4:5b:ed:1d:4c:c1:65:
96:ea:5a:86:7a:47:b4:d6:04:f2:bb:b5:d1:96:97:d6:6a:c6:
f1:e4:2d:01:e7:45:ee:be:d5:30:63:f4:3d:5c:d4:2a:db:27:
d8:4a:ed:d4:b9:b5:03:29:7d:9a:88:eb:27:8f:24:c9:54:47:
39:d6:6d:ad:26:e0:69:c4:2e:1a:27:4a:c3:05:8b:db:ae:b8:
28:ba:7e:45:d5:b2:5a:54:79:3d:cf:00:0b:07:80:ae:d7:9a:
1e:9b:9f:22:b3:35:8d:3e:53:f5:83:41:f3:8f:5c:7e:1a:44:
7f:dd:55:f1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGFJy1KwglYXlSiK6Cix38BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI0MTYxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRmODEzNjQzNjIzMjRhZGMzZjU0YTQ5ZTI5YTE1NzIzMmQxMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrw7Vx8BOH/VJMYzd1RXROfbFAA3
plp70iin4D77P23iaq6PvS8XHR9EfApxKCR65IA/ztkInyBtpWqA2R8PQpEGhbYo
LHBZMSuezP29LTgNy5z58aTc1z6Nt3JInkVnUJnflwGyd91ykFUgep51K3a4R6TN
fBP8srA4ATaR2YGxsqMF3qa50c4iV3MXOC+CekHWBJnaOHTS2MgI0kVzI5TfF4xS
ixUAedozUdXjyA4usjHk7YaHLDJYnWZAZZW1d+qKXGe6USOG8BbjPfyoVxaG6Uwf
XHDuoxuZEfE7Us7aWF6umc4cgtT0Fvvds8Zya1BYKyOyQizT2sLSVlIZVwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJBPgTZDYjJK3D9UpJ4poVcjLRBPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva0UtQk5rTmlNa3JjUDFTa25pbWhWeU10RUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAAS322Z6TPVOL8p7F7VsGFU6Z
Kaqk6BJZIj0190zCpprHUeC0NiWTrdfoQuD5M881LT2y/SRNT/B8ZWcNmyPU+z5i
pY5SgEAYkuXMs+jpQRfKPsSKzf+O0EjfdHLBTSglcwTarAGCxsHPMM6loOE9laYs
ZMcQcb3BCv0T9KVoD4c+eRYkYVlj6xDkW+0dTMFllupahnpHtNYE8ru10ZaX1mrG
8eQtAedF7r7VMGP0PVzUKtsn2Ert1Lm1Ayl9mojrJ48kyVRHOdZtrSbgacQuGidK
wwWL2664KLp+RdWyWlR5Pc8ACweArteaHpufIrM1jT5T9YNB849cfhpEf91V8Q==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:58:02 2025 by rpki-client