Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kj2W8s1-4x43675awatS6qXnf0c.roa
File: kj2W8s1-4x43675awatS6qXnf0c.roa (raw, json)
Hash identifier: xdHD5p2V8LVk125yhxXQWJC92uw03NEpNDWIjxw1P4g=
Subject key identifier: 92:3D:96:F2:CD:7E:E3:1E:37:EB:BE:5A:C1:AB:52:EA:A5:E7:7F:47
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019170C6D840B7A1FE79D60D13110DC0CE36
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kj2W8s1-4x43675awatS6qXnf0c.roa
Signing time: Tue 20 Aug 2024 17:12:45 +0000
ROA not before: Tue 20 Aug 2024 17:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:c6:d8:40:b7:a1:fe:79:d6:0d:13:11:0d:c0:ce:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 20 17:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=923d96f2cd7ee31e37ebbe5ac1ab52eaa5e77f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:c2:1b:c1:54:20:40:4c:5f:b9:dd:cf:99:
0b:3c:60:a5:bc:ca:44:a5:3f:74:2d:47:3e:05:24:
ef:22:5a:5e:f0:57:23:89:89:06:4d:7c:17:ea:a9:
48:74:fc:7a:fe:ea:17:98:1c:af:66:4d:48:4c:94:
f3:a0:1f:1b:33:1e:e7:95:75:ed:44:2f:63:8c:19:
84:16:d7:d0:da:af:e6:25:4c:1e:df:93:e7:d9:5d:
6e:9a:95:0c:d6:a8:4d:a6:0f:5e:1d:d1:b2:43:ac:
16:1d:4a:28:a0:01:96:2d:f6:68:a2:2d:f4:38:23:
8c:b2:72:30:b9:d7:f1:4d:f6:f4:3c:d8:e3:41:3c:
96:41:22:18:4d:19:40:0e:1e:05:bd:42:11:01:93:
73:b9:2e:9a:70:ce:b8:ba:09:23:14:be:fa:5a:31:
e5:9a:f4:77:93:fc:f8:8e:93:57:de:d6:3b:43:d1:
76:cc:32:72:04:0d:ae:57:88:19:20:eb:ae:84:05:
ed:23:be:a8:62:64:39:3d:e6:f1:43:90:89:e8:11:
de:9f:f1:75:5f:39:ad:6e:2a:0f:e6:e7:d6:ca:12:
a6:58:b1:e0:11:09:cb:f8:18:5a:ab:e8:d5:ed:df:
54:dd:74:8f:6a:d4:2a:45:b8:fa:c4:18:21:38:e7:
58:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3D:96:F2:CD:7E:E3:1E:37:EB:BE:5A:C1:AB:52:EA:A5:E7:7F:47
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/kj2W8s1-4x43675awatS6qXnf0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
26:f4:a4:02:a3:52:b6:d0:fa:60:44:03:91:41:d6:3e:f5:97:
7d:22:6b:19:e6:64:ec:3d:0c:33:97:26:c7:03:c2:ba:5c:34:
28:53:f4:a6:09:21:f4:ce:c5:81:f0:51:43:0c:0a:9b:98:5e:
43:62:9b:bd:84:5f:47:eb:cf:a3:86:aa:2b:f7:e5:36:02:df:
61:51:bb:4d:28:08:05:06:c5:46:c2:c5:05:51:08:0f:b5:1f:
56:87:33:3a:c5:b0:f4:a8:6f:6b:f8:34:7a:0a:5f:7e:fe:7c:
4c:81:d1:03:d6:66:ba:20:3b:6d:cb:3d:7e:a4:01:fe:29:89:
cb:c7:a0:22:22:26:9a:eb:39:97:e2:7a:bf:cd:0f:42:d9:48:
5f:da:65:e5:c8:5d:76:da:81:75:3c:14:83:c2:75:04:20:af:
da:6a:56:fb:e5:1f:db:ba:3a:eb:a5:4b:09:1a:15:e0:68:5f:
71:01:64:46:02:2b:2c:0e:98:6f:24:07:e5:b0:46:76:d6:6f:
08:d7:40:fa:90:a8:70:16:31:b4:ea:e0:cd:1a:c9:39:77:4c:
c8:28:11:85:42:58:52:fd:ae:6d:37:e6:01:19:3b:f6:8e:9a:
8b:a1:3d:f3:c3:4e:18:a2:71:d8:d5:9f:e4:34:13:98:bd:46:
04:2d:c6:c6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFwxthAt6H+edYNExENwM42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIwMTcxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNkOTZmMmNkN2VlMzFlMzdlYmJlNWFjMWFiNTJlYWE1ZTc3ZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r7CG8FUIEBMX7ndz5kLPGClvMpE
pT90LUc+BSTvIlpe8FcjiYkGTXwX6qlIdPx6/uoXmByvZk1ITJTzoB8bMx7nlXXt
RC9jjBmEFtfQ2q/mJUwe35Pn2V1umpUM1qhNpg9eHdGyQ6wWHUoooAGWLfZooi30
OCOMsnIwudfxTfb0PNjjQTyWQSIYTRlADh4FvUIRAZNzuS6acM64ugkjFL76WjHl
mvR3k/z4jpNX3tY7Q9F2zDJyBA2uV4gZIOuuhAXtI76oYmQ5PebxQ5CJ6BHen/F1
XzmtbioP5ufWyhKmWLHgEQnL+Bhaq+jV7d9U3XSPatQqRbj6xBghOOdYhwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJI9lvLNfuMeN+u+WsGrUuql539HMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEva2oyVzhzMS00eDQzNjc1YXdhdFM2cVhuZjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAJvSkAqNSttD6YEQDkUHWPvWX
fSJrGeZk7D0MM5cmxwPCulw0KFP0pgkh9M7FgfBRQwwKm5heQ2KbvYRfR+vPo4aq
K/flNgLfYVG7TSgIBQbFRsLFBVEID7UfVoczOsWw9Khva/g0egpffv58TIHRA9Zm
uiA7bcs9fqQB/imJy8egIiImmus5l+J6v80PQtlIX9pl5chddtqBdTwUg8J1BCCv
2mpW++Uf27o666VLCRoV4GhfcQFkRgIrLA6YbyQH5bBGdtZvCNdA+pCocBYxtOrg
zRrJOXdMyCgRhUJYUv2ubTfmARk79o6ai6E988NOGKJx2NWf5DQTmL1GBC3Gxg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 13:57:02 2025 by rpki-client