Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s8W6zM9s5xelDWrkbnwab26Dc84.roa
File: s8W6zM9s5xelDWrkbnwab26Dc84.roa (raw, json)
Hash identifier: uC7qu2Dh+bgdvtgbS+JMEmxbe7J9iNUs3/sE7Xkixgw=
Subject key identifier: B3:C5:BA:CC:CF:6C:E7:17:A5:0D:6A:E4:6E:7C:1A:6F:6E:83:73:CE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191724704D7A222F6D19341FD14F8405C93
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s8W6zM9s5xelDWrkbnwab26Dc84.roa
Signing time: Wed 21 Aug 2024 00:12:22 +0000
ROA not before: Wed 21 Aug 2024 00:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:72:47:04:d7:a2:22:f6:d1:93:41:fd:14:f8:40:5c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 21 00:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3c5bacccf6ce717a50d6ae46e7c1a6f6e8373ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1d:a0:1a:01:24:a1:c0:a0:62:cc:79:04:1c:
e0:43:28:e9:ed:82:4f:bc:12:2b:07:8e:03:a8:91:
ab:46:88:22:b9:a6:3b:bb:e2:e1:48:71:17:2d:24:
aa:db:17:fa:18:ae:79:52:f6:21:72:26:02:37:90:
6a:d1:f8:87:3c:a8:c2:1b:8b:17:a4:15:c1:f9:2d:
9d:16:46:c1:53:ee:b9:62:35:9e:a1:ad:a5:7a:36:
77:ed:20:c0:c1:57:fa:3d:13:fb:86:15:c9:2a:a0:
3f:c1:e2:a5:fa:32:32:82:04:75:7e:bf:0a:82:9e:
e8:db:6d:df:d7:0a:06:59:34:1b:cf:d3:f3:cc:df:
77:85:04:dd:19:b4:ab:f6:3d:81:8c:31:94:fc:6d:
10:7d:cf:78:b4:e3:a5:2a:01:41:98:2f:c6:9f:6a:
5b:53:f9:b6:7d:32:38:71:07:c7:07:fa:c0:f2:38:
2e:0c:4f:f1:84:3e:8d:59:d3:d0:55:9e:d6:a8:27:
0c:d3:c9:b3:96:7b:72:4e:2d:49:3d:a8:c0:72:ca:
1c:84:55:74:50:44:58:94:03:ec:06:1d:a3:3a:f9:
d0:dd:19:0c:f0:3e:7f:c1:ff:06:db:ef:7a:bd:01:
b8:bc:fd:f7:0d:50:a0:7f:ff:b1:d1:b6:82:70:b3:
25:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C5:BA:CC:CF:6C:E7:17:A5:0D:6A:E4:6E:7C:1A:6F:6E:83:73:CE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/s8W6zM9s5xelDWrkbnwab26Dc84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
2e:fa:23:b9:8f:ca:78:e1:72:ee:70:46:86:5e:c8:3d:a3:25:
b3:d0:38:8b:3b:bb:4a:7e:6e:a5:fd:9d:23:dd:de:16:78:1b:
9f:f0:82:c1:77:a7:ad:9a:5b:89:c1:a3:54:01:54:58:a2:70:
93:97:08:4d:c9:de:26:50:01:d7:f3:86:a2:3b:61:18:9a:c5:
33:85:2b:c8:16:84:f3:cc:62:6d:d4:c9:dc:35:20:b8:06:94:
b9:a4:8b:83:f2:67:c0:46:a5:ab:15:50:b7:23:4d:b9:21:b4:
96:36:e1:49:5d:ea:dc:65:9d:51:de:14:95:eb:d4:53:ef:63:
60:85:66:78:27:ad:0c:bb:1c:96:aa:07:4c:4a:de:cf:9c:9b:
fe:42:6a:9d:92:c4:ac:3c:7a:5c:56:30:0f:39:b9:7b:3a:7c:
28:6c:db:c7:0f:f0:6f:57:d7:ae:e2:a8:a1:94:60:80:eb:59:
65:e3:62:e2:c0:9f:23:43:99:54:b0:8d:9f:ee:be:32:c0:f2:
11:23:8e:4c:0c:d1:f7:ef:40:cf:b4:9a:d7:22:2e:3c:73:d7:
5d:d2:ea:87:02:52:e7:c4:82:21:38:59:7c:5d:b0:c6:6f:5a:
20:74:2f:fc:1e:67:aa:3b:b6:86:9a:3b:12:2c:e1:0e:d1:0f:
e5:71:3d:98
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFyRwTXoiL20ZNB/RT4QFyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODIxMDAxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M1YmFjY2NmNmNlNzE3YTUwZDZhZTQ2ZTdjMWE2ZjZlODM3M2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB2gGgEkocCgYsx5BBzgQyjp7YJP
vBIrB44DqJGrRogiuaY7u+LhSHEXLSSq2xf6GK55UvYhciYCN5Bq0fiHPKjCG4sX
pBXB+S2dFkbBU+65YjWeoa2lejZ37SDAwVf6PRP7hhXJKqA/weKl+jIyggR1fr8K
gp7o223f1woGWTQbz9PzzN93hQTdGbSr9j2BjDGU/G0Qfc94tOOlKgFBmC/Gn2pb
U/m2fTI4cQfHB/rA8jguDE/xhD6NWdPQVZ7WqCcM08mzlntyTi1JPajAcsochFV0
UERYlAPsBh2jOvnQ3RkM8D5/wf8G2+96vQG4vP33DVCgf/+x0baCcLMleQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLPFuszPbOcXpQ1q5G58Gm9ug3POMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvczhXNnpNOXM1eGVsRFdya2Jud2FiMjZEYzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEALvojuY/KeOFy7nBGhl7IPaMl
s9A4izu7Sn5upf2dI93eFngbn/CCwXenrZpbicGjVAFUWKJwk5cITcneJlAB1/OG
ojthGJrFM4UryBaE88xibdTJ3DUguAaUuaSLg/JnwEalqxVQtyNNuSG0ljbhSV3q
3GWdUd4UlevUU+9jYIVmeCetDLsclqoHTErez5yb/kJqnZLErDx6XFYwDzm5ezp8
KGzbxw/wb1fXruKooZRggOtZZeNi4sCfI0OZVLCNn+6+MsDyESOOTAzR9+9Az7Sa
1yIuPHPXXdLqhwJS58SCIThZfF2wxm9aIHQv/B5nqju2hpo7EizhDtEP5XE9mA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:58:54 2025 by rpki-client