Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nurejvX1ED8wbkj4v11qEcPSPfI.roa
File: nurejvX1ED8wbkj4v11qEcPSPfI.roa (raw, json)
Hash identifier: 8kcnALxllImukDYygKfwPIDHvq1SZIiaMaOEzMgE45g=
Subject key identifier: 9E:EA:DE:8E:F5:F5:10:3F:30:6E:48:F8:BF:5D:6A:11:C3:D2:3D:F2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B871C69745AD53C61E88D7A0501866B7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nurejvX1ED8wbkj4v11qEcPSPfI.roa
Signing time: Tue 03 Sep 2024 15:12:29 +0000
ROA not before: Tue 03 Sep 2024 15:12:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:71:c6:97:45:ad:53:c6:1e:88:d7:a0:50:18:66:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 3 15:12:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9eeade8ef5f5103f306e48f8bf5d6a11c3d23df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:10:94:d3:4b:fa:1a:60:ed:d1:fb:44:32:e7:
ec:a1:05:83:ea:9f:ea:ba:99:7b:58:3d:61:87:cd:
8d:47:ac:91:be:77:83:4d:6f:9a:ad:d1:fe:73:07:
05:84:1d:54:eb:35:e2:c5:33:68:e7:73:20:d5:f2:
c0:f0:c2:f2:96:9e:c6:0b:39:c5:8a:83:69:24:0a:
2e:94:fb:d7:c4:77:f7:96:fb:9e:66:e8:7e:6d:1a:
08:f8:9b:7f:8c:9b:57:cc:03:3f:4a:e1:5b:b3:de:
3b:62:e6:d7:c2:35:ae:2f:9d:24:d2:56:ec:1f:cf:
de:40:99:30:e3:5d:24:ef:6d:c2:7e:e0:a5:33:60:
ab:84:c2:fd:6f:c6:59:b1:f7:47:99:1b:43:69:a8:
3b:1e:6d:f5:49:17:85:6d:e7:dc:51:98:72:5b:8a:
b8:8d:6f:37:6a:67:7c:7e:c7:34:a0:db:b1:06:fa:
92:6b:7a:0b:9e:d9:88:ac:df:b2:7f:4f:ce:a9:b6:
0d:6e:d0:fa:ac:1a:1c:ab:15:06:6d:9c:40:2a:42:
0d:25:21:86:18:31:2a:25:c6:dd:b7:40:37:bb:6e:
12:49:18:50:12:36:76:3b:06:3e:f4:4e:9c:fd:32:
d0:2f:f3:04:2b:8f:0c:e4:78:39:2d:7f:1c:e6:d0:
19:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EA:DE:8E:F5:F5:10:3F:30:6E:48:F8:BF:5D:6A:11:C3:D2:3D:F2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/nurejvX1ED8wbkj4v11qEcPSPfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
60:56:a7:a7:da:2f:11:5b:97:ab:c2:6b:59:db:00:45:55:47:
97:c1:f6:c1:12:26:35:70:8b:93:08:81:56:8a:0e:5e:53:cc:
cc:68:21:c3:b7:50:0f:55:a2:92:90:8f:2b:43:0d:fc:60:07:
97:94:02:b5:a4:83:44:b0:7a:f1:77:24:05:b5:29:07:6d:75:
cf:22:da:90:3b:a1:a3:4e:a6:5b:94:78:d9:18:36:27:f0:18:
c9:49:81:62:69:c3:5e:ba:b7:10:b7:26:46:8b:cf:0a:4c:20:
df:08:a8:32:77:79:15:b0:3f:a5:05:ea:21:bd:23:89:0a:58:
40:0b:16:ba:34:34:6a:b8:b8:3c:65:76:e4:e6:0b:c3:44:33:
9a:71:e4:cd:fa:12:0b:a3:66:03:bb:21:a4:e5:59:f4:bb:b6:
10:c3:73:3c:06:d5:4a:d5:84:a5:6e:7a:09:24:f7:15:4b:0a:
f2:74:27:02:c2:af:68:60:b7:f2:e0:6e:5a:d5:15:e3:6b:a8:
1d:ea:85:83:a6:1c:ab:a6:98:10:75:0a:07:60:10:a7:e1:fa:
6b:d4:38:d0:49:f6:f0:45:4d:a9:49:cb:d8:8e:e3:49:21:f4:
07:6b:ff:85:02:c6:50:bc:e4:bc:70:b6:94:0f:9a:f2:05:94:
0d:8b:25:85
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG4ccaXRa1Txh6I16BQGGa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAzMTUxMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWVhZGU4ZWY1ZjUxMDNmMzA2ZTQ4ZjhiZjVkNmExMWMzZDIzZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BCU00v6GmDt0ftEMufsoQWD6p/q
upl7WD1hh82NR6yRvneDTW+ardH+cwcFhB1U6zXixTNo53Mg1fLA8MLylp7GCznF
ioNpJAoulPvXxHf3lvueZuh+bRoI+Jt/jJtXzAM/SuFbs947YubXwjWuL50k0lbs
H8/eQJkw410k723CfuClM2CrhML9b8ZZsfdHmRtDaag7Hm31SReFbefcUZhyW4q4
jW83amd8fsc0oNuxBvqSa3oLntmIrN+yf0/OqbYNbtD6rBocqxUGbZxAKkINJSGG
GDEqJcbdt0A3u24SSRhQEjZ2OwY+9E6c/TLQL/MEK48M5Hg5LX8c5tAZqwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ7q3o719RA/MG5I+L9dahHD0j3yMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbnVyZWp2WDFFRDh3YmtqNHYxMXFFY1BTUGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAYFanp9ovEVuXq8JrWdsARVVH
l8H2wRImNXCLkwiBVooOXlPMzGghw7dQD1WikpCPK0MN/GAHl5QCtaSDRLB68Xck
BbUpB211zyLakDuho06mW5R42Rg2J/AYyUmBYmnDXrq3ELcmRovPCkwg3wioMnd5
FbA/pQXqIb0jiQpYQAsWujQ0ari4PGV25OYLw0QzmnHkzfoSC6NmA7shpOVZ9Lu2
EMNzPAbVStWEpW56CST3FUsK8nQnAsKvaGC38uBuWtUV42uoHeqFg6Ycq6aYEHUK
B2AQp+H6a9Q40En28EVNqUnL2I7jSSH0B2v/hQLGULzkvHC2lA+a8gWUDYslhQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:25 2025 by rpki-client