Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/t87REJJRBAH9n66NkC2eohNLw8s.roa
File: t87REJJRBAH9n66NkC2eohNLw8s.roa (raw, json)
Hash identifier: adRwpKsI1KcOrTKpEbUwWWsQGC/2LGrarsNe9u7hTDs=
Subject key identifier: B7:CE:D1:10:92:51:04:01:FD:9F:AE:8D:90:2D:9E:A2:13:4B:C3:CB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019123F2DD8DB08E7879BEACF2259B3CB0BF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/t87REJJRBAH9n66NkC2eohNLw8s.roa
Signing time: Mon 05 Aug 2024 19:10:04 +0000
ROA not before: Mon 05 Aug 2024 19:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:f2:dd:8d:b0:8e:78:79:be:ac:f2:25:9b:3c:b0:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 5 19:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7ced11092510401fd9fae8d902d9ea2134bc3cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f1:58:33:83:87:94:a9:b5:3f:e7:b9:ef:87:
92:da:6b:42:40:55:09:95:d7:9d:92:67:f8:49:e7:
9a:eb:98:76:11:08:e7:44:da:46:ce:d6:92:95:40:
73:68:dc:09:90:2b:a5:e8:ec:b2:c6:90:02:5c:ab:
64:32:b7:66:1c:86:aa:04:4a:c0:59:77:db:44:12:
2e:0a:89:d5:49:a8:31:7c:a6:d5:65:5b:54:6b:af:
ce:97:bd:fc:72:50:ef:1e:89:15:62:ec:cf:a1:60:
80:e0:b5:22:3f:bd:6d:7c:cf:b4:10:d9:c9:ee:bf:
85:77:b9:9f:01:91:cd:75:e8:dd:a5:7b:41:8a:db:
0a:5b:3e:6e:39:85:95:87:cd:b3:2c:13:4d:59:98:
8b:0d:b3:86:f0:eb:15:bd:a2:9b:16:58:92:15:e1:
0e:d6:17:c1:30:e3:1e:60:14:6f:b6:7f:37:86:87:
5f:60:87:66:30:19:ff:ee:75:4a:75:67:ee:74:35:
bd:07:90:fe:eb:9f:4a:d5:f8:d4:d9:0f:30:46:5c:
7d:c6:41:4d:97:6e:f0:03:f5:4a:46:90:7d:ea:13:
c1:25:ae:99:ad:94:85:36:d6:67:9f:0a:5f:78:ed:
32:1b:47:63:57:00:08:ba:b8:4f:71:13:78:5f:a6:
66:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CE:D1:10:92:51:04:01:FD:9F:AE:8D:90:2D:9E:A2:13:4B:C3:CB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/t87REJJRBAH9n66NkC2eohNLw8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
76:5a:f3:23:54:a8:72:dd:c9:f6:3d:6a:51:98:12:b4:4d:f3:
dc:77:d4:5e:7b:ed:44:e8:90:58:49:36:93:ac:be:e7:ee:fb:
0b:22:7e:fd:df:07:21:ec:a8:58:dd:a8:b4:7a:14:67:90:8d:
bb:e0:36:79:63:6e:e2:af:3c:12:0d:d6:0b:c7:ac:33:eb:16:
2f:c2:dd:3e:7d:11:c6:55:dd:b5:d9:f4:1a:01:ad:5b:71:ae:
fb:33:85:f2:30:d5:1c:4b:45:ab:5f:3f:ff:44:f0:8a:b8:a2:
d4:5c:b9:0a:01:80:44:2c:3e:30:b1:71:f1:2f:6f:99:cd:56:
66:a6:6a:ca:ae:d2:b8:b7:c6:30:0a:a9:dd:44:8c:28:9b:50:
bf:40:5e:ef:c6:f2:e5:f0:cb:01:5c:cb:0e:27:ef:30:33:a4:
dc:fa:1c:d0:ac:cb:ed:7a:c8:55:63:be:00:6d:f1:cd:9d:2e:
d5:57:90:84:10:80:26:e1:ba:c0:13:c7:b6:82:f3:5f:07:ad:
5d:aa:f3:4e:a4:f4:aa:dc:7f:34:62:a5:0a:aa:e4:dc:b5:3d:
a4:81:ad:a7:8a:b3:a2:91:3b:32:a3:a1:ed:cb:b2:74:38:b3:
cd:f8:92:08:a1:76:7e:9e:e4:95:4a:5d:ce:7c:a1:78:df:ea:
83:2d:45:af
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEj8t2NsI54eb6s8iWbPLC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA1MTkxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2NlZDExMDkyNTEwNDAxZmQ5ZmFlOGQ5MDJkOWVhMjEzNGJjM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPFYM4OHlKm1P+e574eS2mtCQFUJ
ldedkmf4Seea65h2EQjnRNpGztaSlUBzaNwJkCul6OyyxpACXKtkMrdmHIaqBErA
WXfbRBIuConVSagxfKbVZVtUa6/Ol738clDvHokVYuzPoWCA4LUiP71tfM+0ENnJ
7r+Fd7mfAZHNdejdpXtBitsKWz5uOYWVh82zLBNNWZiLDbOG8OsVvaKbFliSFeEO
1hfBMOMeYBRvtn83hodfYIdmMBn/7nVKdWfudDW9B5D+659K1fjU2Q8wRlx9xkFN
l27wA/VKRpB96hPBJa6ZrZSFNtZnnwpfeO0yG0djVwAIurhPcRN4X6ZmRQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLfO0RCSUQQB/Z+ujZAtnqITS8PLMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdDg3UkVKSlJCQUg5bjY2TmtDMmVvaE5MdzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAdlrzI1Soct3J9j1qUZgStE3z
3HfUXnvtROiQWEk2k6y+5+77CyJ+/d8HIeyoWN2otHoUZ5CNu+A2eWNu4q88Eg3W
C8esM+sWL8LdPn0RxlXdtdn0GgGtW3Gu+zOF8jDVHEtFq18//0Twirii1Fy5CgGA
RCw+MLFx8S9vmc1WZqZqyq7SuLfGMAqp3USMKJtQv0Be78by5fDLAVzLDifvMDOk
3Poc0KzL7XrIVWO+AG3xzZ0u1VeQhBCAJuG6wBPHtoLzXwetXarzTqT0qtx/NGKl
Cqrk3LU9pIGtp4qzopE7MqOh7cuydDizzfiSCKF2fp7klUpdznyheN/qgy1Frw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:51 2025 by rpki-client