Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oztbmLH4yTQL9Q2pYPNe7ZKNUbo.roa
File: oztbmLH4yTQL9Q2pYPNe7ZKNUbo.roa (raw, json)
Hash identifier: 05tdQmMdz4YLk/OGIlVwBtJng6Aey6sLTQHZkWdwaWo=
Subject key identifier: A3:3B:5B:98:B1:F8:C9:34:0B:F5:0D:A9:60:F3:5E:ED:92:8D:51:BA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01945A36D88BE6EA292A37FF020B6082DFC8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oztbmLH4yTQL9Q2pYPNe7ZKNUbo.roa
Signing time: Sun 12 Jan 2025 11:12:11 +0000
ROA not before: Sun 12 Jan 2025 11:12:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:36:d8:8b:e6:ea:29:2a:37:ff:02:0b:60:82:df:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 12 11:12:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a33b5b98b1f8c9340bf50da960f35eed928d51ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:01:3b:d4:7b:fa:1d:33:17:2b:c0:be:8c:5c:
ec:15:9b:32:32:9c:c0:e2:3d:fe:d2:54:7c:d3:74:
6a:97:2c:48:ea:9d:76:2d:17:28:cc:68:be:67:3c:
20:85:57:e6:2e:75:c8:15:31:4f:b0:10:6e:f0:fd:
01:52:f6:eb:c1:a8:be:8b:8c:d2:ad:0f:5b:aa:e2:
97:8d:52:e9:a9:13:bb:4b:c0:66:44:52:d1:57:05:
04:94:33:d1:b7:fd:8e:8f:9b:2e:7b:6d:eb:50:1b:
c6:a8:4d:1b:a0:88:8f:13:c7:11:4e:6c:e3:1f:6d:
e7:27:c9:b0:f1:f2:2e:ed:fb:1e:20:e6:c8:86:f6:
9c:dd:05:5a:43:60:0c:6d:a4:97:91:98:e6:42:bc:
ed:11:19:2f:1c:03:4a:44:cb:45:ba:58:4d:0c:9a:
33:54:09:10:72:71:30:bd:45:c5:f1:8c:20:07:f8:
14:7d:85:74:f1:44:fc:03:3d:d4:39:fe:4f:1e:1c:
48:e4:d0:eb:70:2f:d4:62:11:49:ec:30:7a:ed:58:
9b:e9:cd:fc:9c:d2:b5:2e:6b:4b:80:93:9e:21:94:
25:b9:a2:59:85:6d:3e:38:3a:3b:b1:42:fe:bb:2f:
53:ac:2a:09:ae:a5:98:33:7d:4f:1e:6e:38:58:bb:
4c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3B:5B:98:B1:F8:C9:34:0B:F5:0D:A9:60:F3:5E:ED:92:8D:51:BA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/oztbmLH4yTQL9Q2pYPNe7ZKNUbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
84:dd:23:51:bd:d8:c3:3f:5f:4f:c1:04:19:e8:81:c4:f1:c6:
7a:2d:f7:55:84:43:c9:29:5c:2e:f7:69:96:a1:d1:43:e1:48:
90:ec:a0:32:8d:a9:b2:27:e5:63:4c:06:c2:68:6f:1d:32:36:
e3:d8:9c:5c:2c:ce:60:20:ed:b5:70:a5:8c:1b:0b:fb:f2:28:
bc:17:55:bf:a4:b6:ff:15:cc:24:d1:dc:e4:08:a0:6d:7a:27:
3e:06:9d:23:f8:44:f4:d6:65:8c:08:5a:03:47:b7:43:49:10:
a8:0c:4e:5a:d5:d4:51:b3:3a:f2:d0:d7:aa:cd:04:57:9e:26:
a2:93:cd:bb:46:69:aa:ed:06:6c:45:94:42:98:7c:4c:ab:a1:
71:88:e0:0e:cf:78:2c:64:72:18:7f:f4:df:2f:07:a3:5d:a8:
8b:39:3e:00:60:90:48:3b:97:f1:6b:ba:89:24:c5:ee:e0:74:
ed:76:51:65:4a:b5:1b:50:25:9e:d4:a8:cc:2e:95:0a:d9:78:
d1:1d:8a:13:52:16:62:5d:4d:30:8a:62:ee:6a:da:37:b8:16:
3d:c5:fd:bc:51:1e:0c:6e:05:0c:e0:af:26:1f:bc:05:2f:b6:
c1:ae:30:f8:99:01:24:20:d9:6a:28:25:50:27:01:b4:a8:55:
12:f8:79:92
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRaNtiL5uopKjf/Agtggt/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTEyMTExMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNiNWI5OGIxZjhjOTM0MGJmNTBkYTk2MGYzNWVlZDkyOGQ1MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAE71Hv6HTMXK8C+jFzsFZsyMpzA
4j3+0lR803RqlyxI6p12LRcozGi+ZzwghVfmLnXIFTFPsBBu8P0BUvbrwai+i4zS
rQ9bquKXjVLpqRO7S8BmRFLRVwUElDPRt/2Oj5sue23rUBvGqE0boIiPE8cRTmzj
H23nJ8mw8fIu7fseIObIhvac3QVaQ2AMbaSXkZjmQrztERkvHANKRMtFulhNDJoz
VAkQcnEwvUXF8YwgB/gUfYV08UT8Az3UOf5PHhxI5NDrcC/UYhFJ7DB67Vib6c38
nNK1LmtLgJOeIZQluaJZhW0+ODo7sUL+uy9TrCoJrqWYM31PHm44WLtMcQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKM7W5ix+Mk0C/UNqWDzXu2SjVG6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvb3p0Ym1MSDR5VFFMOVEycFlQTmU3WktOVWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAhN0jUb3Ywz9fT8EEGeiBxPHG
ei33VYRDySlcLvdplqHRQ+FIkOygMo2psiflY0wGwmhvHTI249icXCzOYCDttXCl
jBsL+/IovBdVv6S2/xXMJNHc5AigbXonPgadI/hE9NZljAhaA0e3Q0kQqAxOWtXU
UbM68tDXqs0EV54mopPNu0Zpqu0GbEWUQph8TKuhcYjgDs94LGRyGH/03y8Ho12o
izk+AGCQSDuX8Wu6iSTF7uB07XZRZUq1G1AlntSozC6VCtl40R2KE1IWYl1NMIpi
7mraN7gWPcX9vFEeDG4FDOCvJh+8BS+2wa4w+JkBJCDZaiglUCcBtKhVEvh5kg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:06:59 2025 by rpki-client