Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lZUGYdTqEraurx9_dlo-2-e1gE8.roa
File: lZUGYdTqEraurx9_dlo-2-e1gE8.roa (raw, json)
Hash identifier: ae1r15yFThL1Axxe+Zd5KdFtIXrsX/ao6JesbvcdlC4=
Subject key identifier: 95:95:06:61:D4:EA:12:B6:AE:AF:1F:7F:76:5A:3E:DB:E7:B5:80:4F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191437F09B5DAB2C4F52DB12B5C3C59520B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lZUGYdTqEraurx9_dlo-2-e1gE8.roa
Signing time: Sun 11 Aug 2024 22:11:24 +0000
ROA not before: Sun 11 Aug 2024 22:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:43:7f:09:b5:da:b2:c4:f5:2d:b1:2b:5c:3c:59:52:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 11 22:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95950661d4ea12b6aeaf1f7f765a3edbe7b5804f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f8:15:45:9c:87:ae:68:fe:d9:63:74:1e:97:
80:67:6c:54:88:3b:57:fe:f6:53:fa:34:23:ab:62:
e4:ac:4f:bc:02:c4:69:bc:66:ff:ec:6f:d8:7c:09:
f7:59:43:29:24:27:3b:b5:5a:48:e0:2d:86:c4:ea:
d3:2c:a7:5f:8a:15:13:63:db:00:2a:d2:77:8c:91:
b5:97:1f:65:e5:71:c9:18:39:84:1d:aa:fd:2e:67:
2a:44:7f:77:60:8e:37:a6:00:75:b4:7c:58:34:5c:
db:0b:2f:7c:10:00:cd:48:a6:0f:a0:72:c2:04:b4:
71:73:8f:f6:05:12:d2:47:3b:d0:49:88:9f:5e:1e:
96:bc:bd:ab:65:03:f3:b5:a2:bb:9d:80:39:6a:ad:
52:f0:85:04:13:82:dd:69:f0:73:83:dc:bd:04:88:
2b:a2:4e:1b:4c:05:a3:d6:76:ad:a1:65:51:7e:46:
46:31:27:49:4c:3b:59:25:35:6e:09:0f:45:d1:27:
2d:fb:6e:e1:12:34:53:ec:db:73:6a:1a:55:e4:75:
40:04:48:8a:72:ee:a0:8f:53:fa:93:c0:ee:3a:a6:
bf:aa:9e:b9:58:25:8f:98:aa:bf:78:6c:b0:ef:49:
e5:5d:d9:09:46:cf:fd:a0:bf:7e:4d:01:66:61:9d:
00:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:95:06:61:D4:EA:12:B6:AE:AF:1F:7F:76:5A:3E:DB:E7:B5:80:4F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lZUGYdTqEraurx9_dlo-2-e1gE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5e:97:06:ca:b8:56:8a:2c:4c:89:c3:d7:ec:c5:33:38:82:c7:
cc:28:92:ef:9a:62:db:e7:88:ba:64:52:a5:bc:9c:c9:7d:41:
c9:26:06:db:44:25:5c:45:af:5c:5b:1a:80:75:ab:8d:e7:b4:
3e:cc:40:ba:fc:c8:b9:0d:63:09:dd:df:fa:62:35:9f:4d:74:
be:44:5f:fe:13:ec:02:c4:f4:33:8f:78:47:c4:0e:e4:16:4c:
1e:ef:cd:fd:8c:10:28:ec:01:61:a1:80:b5:9c:15:e4:9b:9f:
e7:41:8f:6f:be:66:9e:7d:74:66:93:8e:d5:55:ea:da:16:78:
fd:a5:c0:6c:90:1b:2b:cc:61:d2:89:2e:88:79:ad:6a:ea:e0:
9f:a9:dd:e8:f1:c5:68:c4:37:28:64:91:4f:59:23:f8:46:f8:
f7:85:86:b8:12:06:19:2b:ea:11:f7:d0:3c:ef:0d:c6:35:a7:
02:65:4b:69:20:9f:18:a6:51:22:0c:13:72:38:f8:fe:a3:cc:
ab:a9:51:3b:ef:27:75:b5:31:9b:fa:87:9e:f3:f4:57:0c:5e:
4a:3d:75:74:c8:31:66:bd:68:ed:26:d1:64:32:fa:3b:f0:6c:
c2:67:8c:e8:ff:30:2e:cf:1a:62:a8:79:43:36:73:49:0c:71:
e0:ac:5f:37
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFDfwm12rLE9S2xK1w8WVILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODExMjIxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk1MDY2MWQ0ZWExMmI2YWVhZjFmN2Y3NjVhM2VkYmU3YjU4MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPgVRZyHrmj+2WN0HpeAZ2xUiDtX
/vZT+jQjq2LkrE+8AsRpvGb/7G/YfAn3WUMpJCc7tVpI4C2GxOrTLKdfihUTY9sA
KtJ3jJG1lx9l5XHJGDmEHar9LmcqRH93YI43pgB1tHxYNFzbCy98EADNSKYPoHLC
BLRxc4/2BRLSRzvQSYifXh6WvL2rZQPztaK7nYA5aq1S8IUEE4LdafBzg9y9BIgr
ok4bTAWj1natoWVRfkZGMSdJTDtZJTVuCQ9F0Sct+27hEjRT7NtzahpV5HVABEiK
cu6gj1P6k8DuOqa/qp65WCWPmKq/eGyw70nlXdkJRs/9oL9+TQFmYZ0ArwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJWVBmHU6hK2rq8ff3ZaPtvntYBPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbFpVR1lkVHFFcmF1cng5X2Rsby0yLWUxZ0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAXpcGyrhWiixMicPX7MUzOILH
zCiS75pi2+eIumRSpbycyX1BySYG20QlXEWvXFsagHWrjee0PsxAuvzIuQ1jCd3f
+mI1n010vkRf/hPsAsT0M494R8QO5BZMHu/N/YwQKOwBYaGAtZwV5Juf50GPb75m
nn10ZpOO1VXq2hZ4/aXAbJAbK8xh0okuiHmtaurgn6nd6PHFaMQ3KGSRT1kj+Eb4
94WGuBIGGSvqEffQPO8NxjWnAmVLaSCfGKZRIgwTcjj4/qPMq6lRO+8ndbUxm/qH
nvP0VwxeSj11dMgxZr1o7SbRZDL6O/BswmeM6P8wLs8aYqh5QzZzSQxx4KxfNw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:09:12 2025 by rpki-client