Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mk0oZnViOVfrzxm78H3Raxfkxl8.roa
File: mk0oZnViOVfrzxm78H3Raxfkxl8.roa (raw, json)
Hash identifier: aOfVadz5fleB1QAirgRSWU0hEEif0mXkSGs+hqhlvy0=
Subject key identifier: 9A:4D:28:66:75:62:39:57:EB:CF:19:BB:F0:7D:D1:6B:17:E4:C6:5F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01917E14708BD4BE9735C0D857CA70EFD42B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mk0oZnViOVfrzxm78H3Raxfkxl8.roa
Signing time: Fri 23 Aug 2024 07:12:34 +0000
ROA not before: Fri 23 Aug 2024 07:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:14:70:8b:d4:be:97:35:c0:d8:57:ca:70:ef:d4:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 23 07:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a4d286675623957ebcf19bbf07dd16b17e4c65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a8:b8:72:fe:8d:23:cb:17:bd:49:97:3b:36:
a2:11:90:f8:6e:13:4e:2b:10:31:94:da:a2:b2:79:
77:ae:6a:69:94:b2:e8:e8:fc:d8:de:4d:29:06:dd:
42:3a:22:e4:70:50:c7:e2:55:bc:18:69:d6:95:d7:
38:49:2d:f3:22:ae:25:fd:ae:af:57:dd:d4:f7:e8:
bc:5a:dd:f4:f3:02:84:29:c1:55:e2:db:90:a8:52:
c0:d7:79:2e:48:33:cd:c2:f1:f7:78:5c:5c:16:cd:
f4:be:fd:2b:0f:e6:8e:13:bb:5c:33:e2:09:61:61:
f6:97:ed:c2:88:81:a8:65:79:6f:22:68:73:9c:e2:
80:0c:4a:a2:ae:23:8e:cf:e8:12:26:c0:8a:0b:d7:
6e:79:ce:e0:28:2d:cb:cf:27:a0:98:95:07:6b:0c:
7a:79:03:99:f9:9e:62:70:37:c8:18:54:05:89:55:
15:d3:65:00:dc:ae:aa:0e:bb:bc:26:1a:c4:b6:4a:
16:67:d6:51:d3:bb:f8:cf:bd:94:39:06:c6:0c:1d:
4a:77:02:b7:94:c7:19:de:93:ef:2e:2c:ce:6e:71:
65:d9:91:03:ae:83:5e:17:90:d3:e5:55:fc:d1:2f:
8a:51:54:7e:58:9f:6c:aa:ae:9c:43:5d:ef:f3:66:
8e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:4D:28:66:75:62:39:57:EB:CF:19:BB:F0:7D:D1:6B:17:E4:C6:5F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mk0oZnViOVfrzxm78H3Raxfkxl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
09:2c:8b:26:78:99:63:b2:90:db:24:87:5b:dc:e2:25:9c:6e:
6a:2e:c3:a9:2b:9f:98:67:04:84:ca:80:56:eb:de:3d:12:93:
68:29:3c:69:d4:2a:5d:50:e3:75:8a:c8:75:f9:c0:5b:5e:49:
15:63:01:44:f1:7b:c8:bf:5b:85:a7:4a:bc:5d:7c:40:0f:eb:
4f:d7:f6:8a:52:4b:1b:05:3a:5d:7a:76:f6:19:a0:8a:9b:55:
7c:a3:5d:ab:29:bb:01:9b:0b:7e:03:91:75:73:a0:bc:77:e7:
c1:bd:84:b8:59:a0:05:3b:69:b9:61:74:b6:49:b2:4b:0e:fb:
34:f3:a9:4a:c1:d5:68:3a:e2:f5:18:f7:1d:6a:9b:90:a2:0e:
b6:1b:6a:80:3c:b9:89:29:24:03:84:6f:37:87:5b:49:ff:12:
60:1d:51:bd:5a:cf:54:08:64:f9:60:48:7a:aa:bd:8f:c2:ce:
80:59:2f:e7:da:37:8a:73:84:b8:3a:6f:fc:fd:cb:60:9f:cd:
94:e9:ab:fd:5c:8c:99:41:31:83:eb:71:a1:c8:5e:77:c9:45:
96:15:fe:f6:90:a7:3c:af:31:e5:66:70:7e:a3:2d:3c:92:23:
ba:54:77:72:cc:66:84:6d:fa:de:bb:36:16:13:4c:f5:10:b3:
f6:e6:1d:4f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZF+FHCL1L6XNcDYV8pw79QrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIzMDcxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTRkMjg2Njc1NjIzOTU3ZWJjZjE5YmJmMDdkZDE2YjE3ZTRjNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ai4cv6NI8sXvUmXOzaiEZD4bhNO
KxAxlNqisnl3rmpplLLo6PzY3k0pBt1COiLkcFDH4lW8GGnWldc4SS3zIq4l/a6v
V93U9+i8Wt308wKEKcFV4tuQqFLA13kuSDPNwvH3eFxcFs30vv0rD+aOE7tcM+IJ
YWH2l+3CiIGoZXlvImhznOKADEqiriOOz+gSJsCKC9duec7gKC3LzyegmJUHawx6
eQOZ+Z5icDfIGFQFiVUV02UA3K6qDru8JhrEtkoWZ9ZR07v4z72UOQbGDB1KdwK3
lMcZ3pPvLizObnFl2ZEDroNeF5DT5VX80S+KUVR+WJ9sqq6cQ13v82aO3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJpNKGZ1YjlX688Zu/B90WsX5MZfMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbWswb1puVmlPVmZyenhtNzhIM1JheGZreGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEACSyLJniZY7KQ2ySHW9ziJZxu
ai7DqSufmGcEhMqAVuvePRKTaCk8adQqXVDjdYrIdfnAW15JFWMBRPF7yL9bhadK
vF18QA/rT9f2ilJLGwU6XXp29hmgiptVfKNdqym7AZsLfgORdXOgvHfnwb2EuFmg
BTtpuWF0tkmySw77NPOpSsHVaDri9Rj3HWqbkKIOthtqgDy5iSkkA4RvN4dbSf8S
YB1RvVrPVAhk+WBIeqq9j8LOgFkv59o3inOEuDpv/P3LYJ/NlOmr/VyMmUExg+tx
oched8lFlhX+9pCnPK8x5WZwfqMtPJIjulR3csxmhG363rs2FhNM9RCz9uYdTw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:58:17 2025 by rpki-client