Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nC1pKhGx_dRcpnjR8d9XUEySB2E.roa
File: nC1pKhGx_dRcpnjR8d9XUEySB2E.roa (raw, json)
Hash identifier: sQLQrQ9GyyN18fMOeni/qyaj2/7zwvJkZQO7hL6646w=
Subject key identifier: 9C:2D:69:2A:11:B1:FD:D4:5C:A6:78:D1:F1:DF:57:50:4C:92:07:61
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190E87E3A2A1217F0D7DA5064101A536060
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nC1pKhGx_dRcpnjR8d9XUEySB2E.roa
Signing time: Thu 25 Jul 2024 06:05:04 +0000
ROA not before: Thu 25 Jul 2024 06:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:e87d:7aaf/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e8:7e:3a:2a:12:17:f0:d7:da:50:64:10:1a:53:60:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 25 06:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c2d692a11b1fdd45ca678d1f1df57504c920761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:24:49:c1:67:3f:1d:fb:3e:ec:67:b4:71:00:
2e:ca:e5:8b:1e:4b:f6:3d:a5:1f:9a:c3:75:33:8f:
6a:73:a3:33:d8:8e:aa:cc:82:7b:c8:25:bf:18:ca:
ab:43:a7:f0:70:43:ab:16:a1:93:58:2b:14:b1:8e:
c1:b4:04:a9:1e:79:7e:68:66:43:15:4a:5a:ce:3f:
bb:ac:61:cd:da:ba:b5:8b:35:6a:59:61:73:94:96:
7f:bb:62:29:a0:89:40:4c:3a:80:e7:7c:6e:77:4b:
06:9d:4f:1f:63:8e:52:33:27:ee:82:70:8f:25:f6:
71:72:55:c7:91:c7:2d:7d:a7:cc:1a:9a:9a:bf:16:
b8:ac:81:12:25:16:e3:40:fe:cf:37:4b:8c:f7:98:
f1:58:4c:77:53:1e:fa:7b:b5:ff:f1:70:3c:9c:29:
10:85:65:2f:bb:43:f7:0d:ad:d1:23:07:96:5a:af:
da:4e:62:7a:6d:2a:17:fc:7c:e9:56:4e:40:41:0c:
95:c6:c4:fd:aa:40:dc:7f:33:e5:8a:d9:74:22:4c:
d9:63:a5:b8:c1:ad:b9:72:b2:a3:01:c1:08:08:13:
d1:73:cf:be:24:4b:b5:09:10:e4:6a:f5:8d:a4:30:
0d:5e:b7:36:77:4b:4b:1a:0b:a2:21:53:cd:98:f2:
fd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2D:69:2A:11:B1:FD:D4:5C:A6:78:D1:F1:DF:57:50:4C:92:07:61
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nC1pKhGx_dRcpnjR8d9XUEySB2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:e87d:7aaf/128
Signature Algorithm: sha256WithRSAEncryption
7f:2d:f5:91:82:18:be:28:77:d5:28:a5:60:ff:79:c3:09:33:
52:fe:68:06:b9:25:1c:db:f1:cb:d9:c8:25:59:86:b1:d3:d1:
81:7a:57:cd:45:89:b9:30:a2:c6:b9:8f:1d:36:e7:11:14:8c:
6f:22:c7:eb:42:d2:e1:58:6c:3b:60:ec:66:bb:2c:1f:b6:ec:
d4:6d:9c:15:c0:f5:d9:07:50:8c:03:c2:1e:6a:1f:c5:57:64:
53:ac:83:de:3f:8a:77:65:56:c0:6c:dc:a3:55:9c:6c:d5:b8:
cd:d6:20:60:47:59:36:04:15:44:eb:3c:1d:60:fc:81:6e:78:
92:e2:cf:b5:62:7d:50:96:1b:fd:16:f1:42:20:f1:f6:42:d2:
11:d9:ce:9f:49:5d:a8:c2:e1:3c:f5:51:32:e0:cc:84:13:f3:
cd:7d:51:79:a7:c4:18:ac:bb:56:9f:91:fe:bd:e1:c4:e3:0b:
36:e5:29:d8:f6:8a:ba:53:80:63:75:e4:77:da:44:09:9d:97:
af:3a:08:06:95:58:f2:5a:62:60:8c:d2:8b:42:1d:bb:99:a7:
f5:45:fe:31:18:bb:2c:18:bd:19:18:38:69:eb:e4:5f:c2:d7:
5d:45:88:51:54:32:1c:3c:f5:6a:0d:a1:58:5e:4b:b3:27:69:
a6:76:a8:05
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZDofjoqEhfw19pQZBAaU2BgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI1MDYwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzJkNjkyYTExYjFmZGQ0NWNhNjc4ZDFmMWRmNTc1MDRjOTIwNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiRJwWc/Hfs+7Ge0cQAuyuWLHkv2
PaUfmsN1M49qc6Mz2I6qzIJ7yCW/GMqrQ6fwcEOrFqGTWCsUsY7BtASpHnl+aGZD
FUpazj+7rGHN2rq1izVqWWFzlJZ/u2IpoIlATDqA53xud0sGnU8fY45SMyfugnCP
JfZxclXHkcctfafMGpqavxa4rIESJRbjQP7PN0uM95jxWEx3Ux76e7X/8XA8nCkQ
hWUvu0P3Da3RIweWWq/aTmJ6bSoX/HzpVk5AQQyVxsT9qkDcfzPlitl0IkzZY6W4
wa25crKjAcEICBPRc8++JEu1CRDkavWNpDANXrc2d0tLGguiIVPNmPL9oQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJwtaSoRsf3UXKZ40fHfV1BMkgdhMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbkMxcEtoR3hfZFJjcG5qUjhkOVhVRXlTQjJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ6H16rzANBgkqhkiG9w0BAQsFAAOCAQEAfy31kYIYvih31SilYP95wwkz
Uv5oBrklHNvxy9nIJVmGsdPRgXpXzUWJuTCixrmPHTbnERSMbyLH60LS4VhsO2Ds
ZrssH7bs1G2cFcD12QdQjAPCHmofxVdkU6yD3j+Kd2VWwGzco1WcbNW4zdYgYEdZ
NgQVROs8HWD8gW54kuLPtWJ9UJYb/RbxQiDx9kLSEdnOn0ldqMLhPPVRMuDMhBPz
zX1ReafEGKy7Vp+R/r3hxOMLNuUp2PaKulOAY3Xkd9pECZ2XrzoIBpVY8lpiYIzS
i0Idu5mn9UX+MRi7LBi9GRg4aevkX8LXXUWIUVQyHDz1ag2hWF5LsydppnaoBQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:33:15 2025 by rpki-client