Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ooybCBPLYVthlow7L_rAKDabTy0.roa
File: ooybCBPLYVthlow7L_rAKDabTy0.roa (raw, json)
Hash identifier: Z69sDtceKzPs1d+dh25YUYP/hjSJ5d/XvOOrWf/HGbc=
Subject key identifier: A2:8C:9B:08:13:CB:61:5B:61:96:8C:3B:2F:FA:C0:28:36:9B:4F:2D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019150CD5533632CD0052F0270DF2D80AFE3
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ooybCBPLYVthlow7L_rAKDabTy0.roa
Signing time: Wed 14 Aug 2024 12:11:59 +0000
ROA not before: Wed 14 Aug 2024 12:11:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:cd:55:33:63:2c:d0:05:2f:02:70:df:2d:80:af:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 14 12:11:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a28c9b0813cb615b61968c3b2ffac028369b4f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f6:65:aa:04:1a:e5:2d:b0:27:3b:80:ca:73:
62:2f:db:08:6b:3a:ec:33:ef:34:3e:99:44:88:4b:
25:e5:10:ce:70:90:2e:cc:ba:27:77:ce:12:29:ec:
ad:14:50:90:fa:88:22:1d:2d:a8:86:93:ee:f2:28:
49:bd:1f:fd:9d:ca:67:ff:d5:54:9f:fc:79:95:b1:
71:6b:2b:83:f5:16:2f:d3:36:26:47:32:91:12:2b:
39:39:e3:d1:6b:0d:e6:8b:02:f2:a7:04:43:08:25:
39:59:36:e3:52:0d:a0:83:68:36:8e:bd:41:47:e9:
e7:0f:3a:94:38:95:4a:0a:b7:05:15:0e:23:49:dc:
88:74:3d:51:93:3c:ab:13:c3:8c:df:43:0c:93:36:
9f:f1:54:3c:18:1a:a7:d9:46:92:b0:11:56:7c:d2:
c6:32:74:a7:15:c1:03:0c:cf:24:7d:3c:85:c0:9c:
b2:36:0b:bf:6e:e0:5b:f3:6b:41:96:85:2b:d8:9e:
45:fa:2a:4a:2e:e8:2e:03:67:6e:58:5e:8f:c9:59:
fe:32:56:36:d8:55:9c:10:f2:99:7f:bf:4d:39:40:
c0:d6:e7:1c:5f:8b:6b:72:a0:8a:fe:09:b7:57:38:
8a:a3:cf:94:9d:56:d5:02:bb:5a:0b:b8:94:41:11:
d9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8C:9B:08:13:CB:61:5B:61:96:8C:3B:2F:FA:C0:28:36:9B:4F:2D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ooybCBPLYVthlow7L_rAKDabTy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
36:8c:22:a6:30:3b:fb:c3:cd:af:5f:77:4f:9d:ff:73:65:91:
a1:5c:d9:33:19:9f:69:07:6d:b8:06:20:28:40:74:85:ef:2b:
74:b8:c2:26:f1:4e:76:0d:c7:c2:9e:a4:bd:67:93:83:22:98:
da:2b:92:cb:2f:b4:4b:45:55:b2:03:b6:e2:7f:e6:a0:0e:c4:
2e:a1:c3:f9:6e:39:46:53:cc:3b:23:17:b0:32:65:41:f8:c6:
77:a3:0d:65:37:f5:99:5e:ea:2c:f8:91:cd:72:e6:da:7b:36:
46:a2:24:c0:71:fd:5d:d6:ec:aa:f3:15:e0:59:71:b6:28:1c:
03:ff:39:23:22:16:db:e4:c7:5d:a9:7e:6a:a3:2e:c4:f5:f6:
a5:7c:60:a8:ee:1a:70:04:37:ba:29:a9:a7:3f:2b:d8:01:19:
de:a3:2d:1c:1c:4f:d5:24:7c:36:6f:86:c8:9d:fe:9d:86:ed:
d4:c3:15:8b:7f:5c:19:6e:e2:9e:47:db:19:ef:f4:fe:29:d1:
2c:cc:06:5e:96:de:e0:14:f7:52:a6:e3:41:93:4e:87:62:12:
5b:0a:9e:1d:61:94:b1:fa:d2:7d:a1:56:c4:13:99:44:6c:cb:
31:93:91:ea:6b:5a:77:20:d2:59:00:88:a5:7c:98:2a:54:4b:
20:fc:fc:5d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFQzVUzYyzQBS8CcN8tgK/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE0MTIxMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjhjOWIwODEzY2I2MTViNjE5NjhjM2IyZmZhYzAyODM2OWI0ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fZlqgQa5S2wJzuAynNiL9sIazrs
M+80PplEiEsl5RDOcJAuzLond84SKeytFFCQ+ogiHS2ohpPu8ihJvR/9ncpn/9VU
n/x5lbFxayuD9RYv0zYmRzKREis5OePRaw3miwLypwRDCCU5WTbjUg2gg2g2jr1B
R+nnDzqUOJVKCrcFFQ4jSdyIdD1RkzyrE8OM30MMkzaf8VQ8GBqn2UaSsBFWfNLG
MnSnFcEDDM8kfTyFwJyyNgu/buBb82tBloUr2J5F+ipKLuguA2duWF6PyVn+MlY2
2FWcEPKZf79NOUDA1uccX4trcqCK/gm3VziKo8+UnVbVArtaC7iUQRHZ6QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKKMmwgTy2FbYZaMOy/6wCg2m08tMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb295YkNCUExZVnRobG93N0xfckFLRGFiVHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEANowipjA7+8PNr193T53/c2WR
oVzZMxmfaQdtuAYgKEB0he8rdLjCJvFOdg3Hwp6kvWeTgyKY2iuSyy+0S0VVsgO2
4n/moA7ELqHD+W45RlPMOyMXsDJlQfjGd6MNZTf1mV7qLPiRzXLm2ns2RqIkwHH9
XdbsqvMV4FlxtigcA/85IyIW2+THXal+aqMuxPX2pXxgqO4acAQ3uimppz8r2AEZ
3qMtHBxP1SR8Nm+GyJ3+nYbt1MMVi39cGW7inkfbGe/0/inRLMwGXpbe4BT3Uqbj
QZNOh2ISWwqeHWGUsfrSfaFWxBOZRGzLMZOR6mtadyDSWQCIpXyYKlRLIPz8XQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:51 2025 by rpki-client