Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qvHf5yOktfblqxTvgd1_22bYk_I.roa
File: qvHf5yOktfblqxTvgd1_22bYk_I.roa (raw, json)
Hash identifier: IQTfFG7i7zHhFuCoz3x2ri6XzIT8v7BB5xPpJKKYB5M=
Subject key identifier: AA:F1:DF:E7:23:A4:B5:F6:E5:AB:14:EF:81:DD:7F:DB:66:D8:93:F2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191F3A3DF7B0DEB823ECA308201D3A29ECD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qvHf5yOktfblqxTvgd1_22bYk_I.roa
Signing time: Sun 15 Sep 2024 03:04:48 +0000
ROA not before: Sun 15 Sep 2024 03:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:191:f3a3:c368/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f3:a3:df:7b:0d:eb:82:3e:ca:30:82:01:d3:a2:9e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 15 03:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaf1dfe723a4b5f6e5ab14ef81dd7fdb66d893f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7a:05:05:e3:dd:58:68:20:91:64:00:d9:50:
49:44:3b:23:8a:3c:7a:fa:ac:24:3e:95:1c:c5:80:
3d:0e:9c:cc:b2:c8:41:d0:d9:d7:46:26:fe:37:0d:
de:21:65:f9:f6:47:f2:d0:60:14:30:a9:61:78:27:
f8:92:ed:b8:be:f0:fe:99:04:0d:b3:f6:74:d4:b5:
e6:5b:91:4b:c7:8c:2b:fb:cd:00:49:83:5d:5a:df:
4a:46:56:69:1d:76:d4:a6:8c:a6:d5:77:ea:33:84:
21:ef:27:df:c8:a6:ac:19:81:6b:80:72:26:fb:fc:
5d:1b:59:a5:c7:c0:66:18:06:d6:7b:92:9f:03:d2:
2f:26:65:9e:fc:08:91:e3:c8:18:78:ab:e6:ce:87:
e6:31:1f:2e:ad:5b:bd:36:9e:95:8a:0c:d7:99:96:
d2:a1:08:86:f7:6d:c1:0d:0f:65:e9:ba:db:b4:bd:
e4:f7:2d:ec:25:3c:ed:66:30:0a:62:3d:54:27:3e:
ed:03:35:ee:66:5a:ae:f9:0a:74:e3:da:04:80:7c:
d7:dd:e7:d6:15:17:e4:f1:3f:0c:a9:9d:2e:ec:4d:
a8:ab:2f:71:57:1e:80:4b:d8:a3:4f:88:29:1a:7c:
8f:bd:40:8d:3c:28:b9:0d:3e:21:9e:a9:d6:11:a7:
99:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F1:DF:E7:23:A4:B5:F6:E5:AB:14:EF:81:DD:7F:DB:66:D8:93:F2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qvHf5yOktfblqxTvgd1_22bYk_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:191:f3a3:c368/128
Signature Algorithm: sha256WithRSAEncryption
7c:e3:41:6d:2a:35:44:f7:32:24:8a:50:af:cb:4c:ba:08:f1:
42:aa:09:16:9d:59:9c:9b:11:be:8a:99:0a:83:60:8e:4a:49:
d4:bb:dc:68:8e:45:58:56:78:06:89:8d:d2:03:72:04:22:3b:
8b:51:44:ea:16:a0:5d:a6:0b:15:bf:2b:cf:e6:ed:c8:8d:e1:
60:3d:05:88:ee:77:37:56:9a:fa:53:b8:e7:b0:82:0f:12:80:
50:28:22:77:5a:e9:d5:3a:99:0c:79:9d:8e:88:1e:aa:f1:c4:
09:50:00:e3:86:6a:30:7a:da:52:8b:5d:9d:7e:ed:f9:60:b3:
ae:bc:dd:41:8f:85:c3:26:0b:1b:d9:a1:c7:18:4f:a7:2e:d0:
77:ad:b3:20:f5:2e:ab:d6:b6:dc:5d:fa:5c:e2:0c:48:2d:7a:
be:a8:36:fc:68:14:a8:d4:40:7e:21:80:7d:f5:5a:37:b6:40:
05:fc:05:09:8a:03:1b:cc:72:fd:ea:64:e2:6b:72:c6:c8:33:
41:1e:b2:2c:b6:e1:e9:81:d0:71:53:22:09:4f:34:f1:5f:98:
6e:2a:a0:fa:73:ad:7e:cc:98:c2:32:c2:90:ae:6b:39:e1:58:
56:08:d7:5a:e9:f0:f7:f8:74:34:e9:16:be:ff:ef:fe:36:b6:
50:d3:9c:2f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHzo997DeuCPsowggHTop7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTE1MDMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWYxZGZlNzIzYTRiNWY2ZTVhYjE0ZWY4MWRkN2ZkYjY2ZDg5M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HoFBePdWGggkWQA2VBJRDsjijx6
+qwkPpUcxYA9DpzMsshB0NnXRib+Nw3eIWX59kfy0GAUMKlheCf4ku24vvD+mQQN
s/Z01LXmW5FLx4wr+80ASYNdWt9KRlZpHXbUpoym1XfqM4Qh7yffyKasGYFrgHIm
+/xdG1mlx8BmGAbWe5KfA9IvJmWe/AiR48gYeKvmzofmMR8urVu9Np6VigzXmZbS
oQiG923BDQ9l6brbtL3k9y3sJTztZjAKYj1UJz7tAzXuZlqu+Qp049oEgHzX3efW
FRfk8T8MqZ0u7E2oqy9xVx6AS9ijT4gpGnyPvUCNPCi5DT4hnqnWEaeZowIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKrx3+cjpLX25asU74Hdf9tm2JPyMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcXZIZjV5T2t0ZmJscXhUdmdkMV8yMmJZa19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGR86PDaDANBgkqhkiG9w0BAQsFAAOCAQEAfONBbSo1RPcyJIpQr8tMugjx
QqoJFp1ZnJsRvoqZCoNgjkpJ1LvcaI5FWFZ4BomN0gNyBCI7i1FE6hagXaYLFb8r
z+btyI3hYD0FiO53N1aa+lO457CCDxKAUCgid1rp1TqZDHmdjogeqvHECVAA44Zq
MHraUotdnX7t+WCzrrzdQY+FwyYLG9mhxxhPpy7Qd62zIPUuq9a23F36XOIMSC16
vqg2/GgUqNRAfiGAffVaN7ZABfwFCYoDG8xy/epk4mtyxsgzQR6yLLbh6YHQcVMi
CU808V+Ybiqg+nOtfsyYwjLCkK5rOeFYVgjXWunw9/h0NOkWvv/v/ja2UNOcLw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:05:52 2025 by rpki-client