Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rdiCMiwl3apR-L05e-Pyo8dxCnk.roa
File: rdiCMiwl3apR-L05e-Pyo8dxCnk.roa (raw, json)
Hash identifier: hv8Vb8yLureph7alDJ3JCOzjf6cwPnvuhN11pU/DNUA=
Subject key identifier: AD:D8:82:32:2C:25:DD:AA:51:F8:BD:39:7B:E3:F2:A3:C7:71:0A:79
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191CA781DF6DA06BCE352A43D361BB83152
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rdiCMiwl3apR-L05e-Pyo8dxCnk.roa
Signing time: Sat 07 Sep 2024 03:12:35 +0000
ROA not before: Sat 07 Sep 2024 03:12:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ca:78:1d:f6:da:06:bc:e3:52:a4:3d:36:1b:b8:31:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 7 03:12:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=add882322c25ddaa51f8bd397be3f2a3c7710a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:48:95:9a:0e:52:ec:8c:47:c0:32:fc:03:b2:
e4:b6:72:b8:28:8c:8d:91:f2:bc:9a:33:83:7a:ac:
1c:f9:78:eb:c8:e7:bd:fa:66:e4:72:9e:81:4e:ce:
af:89:b1:de:ee:a5:bd:70:80:90:17:1b:49:eb:d1:
93:f9:85:8f:5f:1e:de:a9:13:9f:34:6b:5d:93:67:
c1:8b:e5:66:08:49:91:81:ec:f3:52:90:d2:1d:f1:
7c:2b:45:73:7e:7c:54:e4:35:16:f2:d2:f5:13:f1:
0b:23:dd:5e:4d:4a:cb:3f:62:7c:65:72:68:af:e8:
03:26:a8:e0:c5:a9:4b:a1:38:26:fd:70:a3:ba:7d:
93:b9:01:e3:cf:ab:62:3c:c9:14:5d:1f:77:4b:91:
61:09:33:1a:62:d1:9b:ef:f0:bb:19:a5:80:a2:0a:
2c:86:c6:9d:81:0b:a2:b0:1f:e0:da:c7:a2:52:18:
c3:0e:a6:c2:45:b9:ad:3e:ec:4e:6b:01:d2:bc:74:
d3:67:72:fa:b8:87:ec:7b:48:1f:1f:c1:25:3f:12:
eb:72:cd:8c:ee:b1:e0:e8:5c:37:c3:ee:51:2b:f7:
35:52:32:2d:ba:7a:e5:70:cc:73:b3:f6:b6:ef:ab:
4d:ae:f8:79:2c:24:3f:d1:75:21:c8:f1:d6:b5:ab:
57:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D8:82:32:2C:25:DD:AA:51:F8:BD:39:7B:E3:F2:A3:C7:71:0A:79
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rdiCMiwl3apR-L05e-Pyo8dxCnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
57:28:ff:cb:08:a5:fe:65:a2:7f:d6:fe:e5:2a:e0:27:2d:c0:
b7:b0:09:bf:29:f4:55:b5:f2:86:17:5c:4d:00:05:59:98:ba:
38:88:ab:9c:2c:2c:df:c9:88:c3:24:4c:88:9c:c1:b3:e5:da:
53:d9:74:c1:c7:a2:cd:46:63:24:48:58:b4:d2:4a:39:ce:9b:
99:ab:ae:d0:dc:3e:1e:ed:a7:cb:38:e2:8c:9f:58:db:6b:63:
80:b9:ed:f8:ff:33:f4:20:e7:34:f0:0c:17:d1:5d:d3:59:a2:
03:f3:45:30:e1:39:51:26:31:55:75:84:22:73:b6:d2:02:22:
44:90:90:35:2c:e8:98:95:0f:bf:8f:ed:cd:8f:51:c4:91:3b:
db:d8:23:74:f1:c0:44:02:3b:91:25:9e:d7:61:19:87:3f:89:
89:2a:cd:c6:6e:93:4f:5d:ce:a4:f7:17:02:13:62:89:97:1c:
0d:e4:0a:db:ff:45:13:6b:72:dc:c9:a6:8f:9c:a4:26:1e:5c:
b7:ab:ba:0f:94:4d:fb:df:ca:7d:75:48:bb:49:af:d8:e5:94:
2e:6f:98:2d:42:da:87:e4:0d:1e:bb:eb:94:42:d6:22:dc:04:
31:6d:b2:ea:f5:04:62:a4:0d:53:d9:f5:58:ca:77:f1:c1:b8:
99:00:ad:b4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHKeB322ga841KkPTYbuDFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA3MDMxMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQ4ODIzMjJjMjVkZGFhNTFmOGJkMzk3YmUzZjJhM2M3NzEwYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUiVmg5S7IxHwDL8A7LktnK4KIyN
kfK8mjODeqwc+XjryOe9+mbkcp6BTs6vibHe7qW9cICQFxtJ69GT+YWPXx7eqROf
NGtdk2fBi+VmCEmRgezzUpDSHfF8K0VzfnxU5DUW8tL1E/ELI91eTUrLP2J8ZXJo
r+gDJqjgxalLoTgm/XCjun2TuQHjz6tiPMkUXR93S5FhCTMaYtGb7/C7GaWAogos
hsadgQuisB/g2seiUhjDDqbCRbmtPuxOawHSvHTTZ3L6uIfse0gfH8ElPxLrcs2M
7rHg6Fw3w+5RK/c1UjItunrlcMxzs/a276tNrvh5LCQ/0XUhyPHWtatXKwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFK3YgjIsJd2qUfi9OXvj8qPHcQp5MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcmRpQ01pd2wzYXBSLUwwNWUtUHlvOGR4Q25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAVyj/ywil/mWif9b+5SrgJy3A
t7AJvyn0VbXyhhdcTQAFWZi6OIirnCws38mIwyRMiJzBs+XaU9l0wceizUZjJEhY
tNJKOc6bmauu0Nw+Hu2nyzjijJ9Y22tjgLnt+P8z9CDnNPAMF9Fd01miA/NFMOE5
USYxVXWEInO20gIiRJCQNSzomJUPv4/tzY9RxJE729gjdPHARAI7kSWe12EZhz+J
iSrNxm6TT13OpPcXAhNiiZccDeQK2/9FE2ty3Mmmj5ykJh5ct6u6D5RN+9/KfXVI
u0mv2OWULm+YLULah+QNHrvrlELWItwEMW2y6vUEYqQNU9n1WMp38cG4mQCttA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:57:07 2025 by rpki-client