Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nXgDieLv4T4qy7amPC25xZj2W4I.roa
File: nXgDieLv4T4qy7amPC25xZj2W4I.roa (raw, json)
Hash identifier: 64tvPUNhhRQ/zwLU2jnU2e+Mq26ukV535eolBHK6o2Y=
Subject key identifier: 9D:78:03:89:E2:EF:E1:3E:2A:CB:B6:A6:3C:2D:B9:C5:98:F6:5B:82
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190FED49C48ECBDE49A40EBC547AE42F599
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nXgDieLv4T4qy7amPC25xZj2W4I.roa
Signing time: Mon 29 Jul 2024 14:11:04 +0000
ROA not before: Mon 29 Jul 2024 14:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:d4:9c:48:ec:bd:e4:9a:40:eb:c5:47:ae:42:f5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 29 14:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d780389e2efe13e2acbb6a63c2db9c598f65b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6b:30:ee:a0:b9:f6:59:2d:bb:04:a8:29:33:
47:a5:00:03:94:04:bd:5d:1b:fd:1e:7f:aa:26:74:
80:04:53:38:ee:fa:01:6f:b0:ff:31:ee:05:0f:3a:
60:90:03:20:92:d1:d8:ff:c1:f3:e0:e1:b5:88:ec:
18:88:e6:2f:7c:27:52:bf:ac:88:a6:cf:8a:b5:4d:
f8:1a:47:e4:aa:6b:f3:91:6e:3a:27:e7:82:4d:7c:
5b:5f:37:ab:6a:a7:e4:a2:b5:e7:da:48:d4:04:61:
76:ec:e6:83:60:89:09:a3:45:6e:c0:e9:c9:90:1c:
a5:b5:10:96:17:60:80:aa:08:7d:22:28:59:db:da:
d9:7c:29:aa:16:47:1c:45:8c:0b:54:d1:60:f1:50:
8a:d0:16:57:72:2d:7b:e6:70:eb:8b:a3:4c:c4:89:
2a:34:0b:36:0a:fe:ed:8a:eb:79:e7:0c:3a:81:4d:
7b:e0:3f:8c:d0:44:ab:7e:f9:c3:0c:f4:8b:3e:5a:
9e:2b:bb:9b:cd:bc:55:36:c8:be:d6:69:f5:73:71:
83:93:02:0f:68:05:55:ef:9f:41:04:6c:f8:95:1c:
ad:62:b1:c7:2e:a2:c1:ba:1a:90:95:48:12:44:9e:
9e:d5:50:a5:c7:d9:8a:fd:24:a2:44:e2:33:4d:8c:
07:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:78:03:89:E2:EF:E1:3E:2A:CB:B6:A6:3C:2D:B9:C5:98:F6:5B:82
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nXgDieLv4T4qy7amPC25xZj2W4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
08:75:35:b7:f0:7e:f3:cc:3e:b5:e4:26:24:77:22:24:6d:ae:
ac:c1:69:ce:6d:00:28:32:26:26:fe:f1:74:a7:84:9f:0a:1f:
2a:46:f5:e3:da:97:d9:0f:49:ee:b9:4c:10:e4:cc:dc:4f:68:
6a:26:5c:73:0f:28:df:09:ae:21:d0:e1:03:81:e1:d9:05:67:
ea:b6:2b:1c:c6:15:41:9e:01:8b:fd:b7:3c:e2:64:ee:7a:5c:
ab:5b:9a:8b:7e:bd:7f:40:71:3b:ef:d3:fd:4b:fe:ab:f9:8b:
e6:65:53:0e:59:ad:49:b5:0e:35:98:6a:60:94:8f:b2:c2:c7:
b0:da:0f:5a:02:f0:1d:86:84:41:25:f3:28:8f:18:14:90:c7:
48:d7:32:75:f7:10:69:a2:51:83:c3:6e:ce:e1:63:54:b6:52:
9e:df:aa:d6:71:ed:8a:dc:83:75:16:8c:64:16:12:ec:76:b0:
4a:b3:36:48:a6:47:de:12:1e:63:c5:71:a9:62:07:59:c7:40:
9e:cf:b2:45:a0:09:e1:c0:e8:6f:e8:0e:37:97:b8:09:b1:21:
ea:77:2f:42:d3:41:c1:ae:ab:ba:c4:8e:c4:f8:92:c3:0e:7f:
35:91:99:74:cd:52:fa:35:4c:ad:57:2b:6f:bc:eb:81:45:c1:
01:6f:95:f2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZD+1JxI7L3kmkDrxUeuQvWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzI5MTQxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDc4MDM4OWUyZWZlMTNlMmFjYmI2YTYzYzJkYjljNTk4ZjY1YjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmsw7qC59lktuwSoKTNHpQADlAS9
XRv9Hn+qJnSABFM47voBb7D/Me4FDzpgkAMgktHY/8Hz4OG1iOwYiOYvfCdSv6yI
ps+KtU34GkfkqmvzkW46J+eCTXxbXzeraqfkorXn2kjUBGF27OaDYIkJo0VuwOnJ
kByltRCWF2CAqgh9IihZ29rZfCmqFkccRYwLVNFg8VCK0BZXci175nDri6NMxIkq
NAs2Cv7tiut55ww6gU174D+M0ESrfvnDDPSLPlqeK7ubzbxVNsi+1mn1c3GDkwIP
aAVV759BBGz4lRytYrHHLqLBuhqQlUgSRJ6e1VClx9mK/SSiROIzTYwHUwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ14A4ni7+E+Ksu2pjwtucWY9luCMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvblhnRGllTHY0VDRxeTdhbVBDMjV4WmoyVzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEACHU1t/B+88w+teQmJHciJG2u
rMFpzm0AKDImJv7xdKeEnwofKkb149qX2Q9J7rlMEOTM3E9oaiZccw8o3wmuIdDh
A4Hh2QVn6rYrHMYVQZ4Bi/23POJk7npcq1uai369f0BxO+/T/Uv+q/mL5mVTDlmt
SbUONZhqYJSPssLHsNoPWgLwHYaEQSXzKI8YFJDHSNcydfcQaaJRg8NuzuFjVLZS
nt+q1nHtityDdRaMZBYS7HawSrM2SKZH3hIeY8VxqWIHWcdAns+yRaAJ4cDob+gO
N5e4CbEh6ncvQtNBwa6rusSOxPiSww5/NZGZdM1S+jVMrVcrb7zrgUXBAW+V8g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:16:45 2025 by rpki-client