Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r3oyuwKGUjrVgdgHth-hGI376Tc.roa
File: r3oyuwKGUjrVgdgHth-hGI376Tc.roa (raw, json)
Hash identifier: FDuAD7twYzY/4UxaVNav5pSF6xW+BC3atzpYfV76obo=
Subject key identifier: AF:7A:32:BB:02:86:52:3A:D5:81:D8:07:B6:1F:A1:18:8D:FB:E9:37
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B758998971253E4E7753F85CD890F253
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r3oyuwKGUjrVgdgHth-hGI376Tc.roa
Signing time: Tue 03 Sep 2024 10:05:22 +0000
ROA not before: Tue 03 Sep 2024 10:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:b757:e8a5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:58:99:89:71:25:3e:4e:77:53:f8:5c:d8:90:f2:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 3 10:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af7a32bb0286523ad581d807b61fa1188dfbe937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:97:fc:ee:b2:8d:9a:04:3a:52:3c:76:55:6b:
78:14:95:a3:b9:e1:07:cf:aa:d7:f3:a7:f5:71:88:
2d:8e:2e:b7:c9:38:ac:33:52:27:6d:63:52:4e:48:
08:b6:b6:6f:31:75:cc:54:e8:f3:5d:19:28:e5:ff:
c4:82:be:48:a8:57:20:d0:f7:c4:29:d8:2e:f8:a9:
2d:38:fa:fb:f9:30:e2:ae:76:34:1e:be:7d:8b:ed:
32:0c:cb:02:fa:ae:88:47:1f:b4:b9:79:d7:fd:0b:
e4:07:fd:2a:bd:14:15:c8:6a:bb:5e:40:44:04:be:
82:0a:bb:fd:2d:2b:3f:7d:ba:eb:4e:f8:a5:d1:9f:
44:86:03:0a:fd:d9:71:4e:b5:e7:fd:15:09:a3:df:
91:35:0a:14:b2:f9:12:e5:fa:9a:6d:39:00:9b:c4:
83:5e:03:4d:71:ed:8a:a1:83:0c:22:78:cc:92:58:
da:e6:19:ff:e5:ee:50:e6:f3:66:a8:83:db:05:fa:
3f:33:11:e5:98:48:d4:80:59:8d:52:a7:6a:16:23:
cd:ca:4f:d8:b2:22:48:33:80:10:38:a3:a4:c0:30:
74:d8:77:d4:22:6a:55:da:eb:b8:44:a1:d1:67:45:
f8:7c:a8:42:aa:b9:fd:17:d5:c5:a9:5c:91:02:3d:
f3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7A:32:BB:02:86:52:3A:D5:81:D8:07:B6:1F:A1:18:8D:FB:E9:37
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r3oyuwKGUjrVgdgHth-hGI376Tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:b757:e8a5/128
Signature Algorithm: sha256WithRSAEncryption
52:ce:0c:e7:28:1d:10:51:e3:5c:21:cb:8a:f4:fd:d8:83:3f:
9b:54:94:87:cf:85:14:3f:4e:10:12:4c:7c:be:00:0d:e4:18:
fd:da:91:39:2f:97:d9:07:59:b4:aa:b1:9a:84:b0:71:67:de:
44:26:a4:9a:88:3c:16:0c:2b:11:1e:dc:cb:0e:f4:2a:e1:2c:
e3:4d:e7:37:58:04:50:55:c8:2e:3c:52:c4:c5:df:cb:d3:04:
30:3a:d3:98:e6:56:92:93:cd:c6:3c:2f:e1:b4:db:01:bb:4d:
51:2a:9c:51:d3:07:2d:34:88:e6:3e:e0:1c:0e:be:c6:b5:2f:
ed:99:25:14:44:a9:79:f7:61:27:f6:25:21:56:ef:49:7b:91:
3f:5e:15:41:15:c4:78:51:28:f8:de:17:08:e5:7d:37:d0:96:
51:65:a6:ed:63:01:42:4a:d2:f1:02:8e:b6:de:cd:90:3f:ef:
2f:3b:d8:31:d1:a1:f8:cf:db:71:89:10:eb:45:95:4e:25:22:
74:8f:28:7d:ae:98:ee:ac:92:bb:e4:aa:97:a3:b0:3d:93:aa:
af:d7:6f:aa:b2:91:4c:1d:7f:61:46:5c:dc:06:88:83:bc:77:
dc:3a:31:94:62:b6:af:55:b5:59:56:2c:6f:af:58:f1:4d:73:
a9:c2:af:84
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZG3WJmJcSU+TndT+FzYkPJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAzMTAwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdhMzJiYjAyODY1MjNhZDU4MWQ4MDdiNjFmYTExODhkZmJlOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZf87rKNmgQ6Ujx2VWt4FJWjueEH
z6rX86f1cYgtji63yTisM1InbWNSTkgItrZvMXXMVOjzXRko5f/Egr5IqFcg0PfE
Kdgu+KktOPr7+TDirnY0Hr59i+0yDMsC+q6IRx+0uXnX/QvkB/0qvRQVyGq7XkBE
BL6CCrv9LSs/fbrrTvil0Z9EhgMK/dlxTrXn/RUJo9+RNQoUsvkS5fqabTkAm8SD
XgNNce2KoYMMInjMklja5hn/5e5Q5vNmqIPbBfo/MxHlmEjUgFmNUqdqFiPNyk/Y
siJIM4AQOKOkwDB02HfUImpV2uu4RKHRZ0X4fKhCqrn9F9XFqVyRAj3zvwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK96MrsChlI61YHYB7YfoRiN++k3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcjNveXV3S0dVanJWZ2RnSHRoLWhHSTM3NlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkbdX6KUwDQYJKoZIhvcNAQELBQADggEB
AFLODOcoHRBR41why4r0/diDP5tUlIfPhRQ/ThASTHy+AA3kGP3akTkvl9kHWbSq
sZqEsHFn3kQmpJqIPBYMKxEe3MsO9CrhLONN5zdYBFBVyC48UsTF38vTBDA605jm
VpKTzcY8L+G02wG7TVEqnFHTBy00iOY+4BwOvsa1L+2ZJRREqXn3YSf2JSFW70l7
kT9eFUEVxHhRKPjeFwjlfTfQllFlpu1jAUJK0vECjrbezZA/7y872DHRofjP23GJ
EOtFlU4lInSPKH2umO6skrvkqpejsD2Tqq/Xb6qykUwdf2FGXNwGiIO8d9w6MZRi
tq9VtVlWLG+vWPFNc6nCr4Q=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:33 2025 by rpki-client