Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tl-bD4A1j9s6qz0lU5zI7skExYg.roa
File: tl-bD4A1j9s6qz0lU5zI7skExYg.roa (raw, json)
Hash identifier: 0DyDI83h3fCc9JdiaWBvsZRyuao9e7IVwgWrEZiz1+U=
Subject key identifier: B6:5F:9B:0F:80:35:8F:DB:3A:AB:3D:25:53:9C:C8:EE:C9:04:C5:88
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A9DA8FFB9CDA39D39129EBBFD365DAD8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tl-bD4A1j9s6qz0lU5zI7skExYg.roa
Signing time: Sat 31 Aug 2024 19:12:38 +0000
ROA not before: Sat 31 Aug 2024 19:12:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a9:da:8f:fb:9c:da:39:d3:91:29:eb:bf:d3:65:da:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 31 19:12:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b65f9b0f80358fdb3aab3d25539cc8eec904c588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ee:b5:9c:9a:40:30:ff:1b:77:a3:8b:f5:d7:
62:4a:6b:dd:66:c4:2d:46:99:db:79:4f:d4:61:33:
bb:30:ec:77:f3:62:19:09:5a:d1:07:03:81:34:4a:
87:72:db:2d:19:d4:74:1b:25:ab:1c:84:1e:64:2b:
c7:ae:13:81:72:a8:ca:50:db:ec:a4:20:d4:41:f0:
cd:36:da:d7:9b:8c:12:6c:a5:08:81:5d:99:3b:85:
1b:58:97:44:1e:f3:66:2f:de:ae:28:88:8f:88:c3:
ec:67:cd:8f:ef:d6:0a:5c:d0:1f:7d:18:1e:6d:dc:
2e:b4:9a:16:f4:80:aa:af:f2:05:d1:72:be:2d:5e:
94:58:66:f9:6f:d7:99:62:84:b8:7e:4e:08:d2:bb:
db:97:ef:b6:64:80:38:f5:90:15:15:23:1d:4e:cb:
e7:d0:aa:e8:1a:2b:ea:21:58:d0:65:d4:7f:02:4c:
5b:26:e1:8c:c8:4a:1e:6f:b9:b7:08:2c:e9:d4:e0:
1f:86:33:fd:98:d8:bd:c7:8d:1e:41:96:e6:ef:01:
f5:85:ea:a6:8e:ca:3b:44:3a:83:33:23:bf:ff:e9:
3b:e3:f3:34:42:b2:e0:7f:f7:39:b7:8c:ef:7c:3f:
7a:af:9c:ae:db:52:65:c4:e3:34:78:c9:86:a1:47:
9b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5F:9B:0F:80:35:8F:DB:3A:AB:3D:25:53:9C:C8:EE:C9:04:C5:88
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tl-bD4A1j9s6qz0lU5zI7skExYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
09:31:25:29:3d:63:45:e9:8f:a7:1d:eb:ed:0f:8a:f3:2c:46:
fb:78:94:5e:72:a1:d8:5e:a6:65:88:d2:da:23:92:e4:78:ed:
b5:16:f7:99:a8:30:a9:f0:43:50:84:37:b9:70:ed:1e:49:4a:
be:52:65:58:f9:de:6c:04:d3:39:a6:90:d5:39:9f:4a:ce:ca:
aa:e0:d9:78:b8:9e:8f:eb:1d:db:96:3e:a6:4f:70:8c:3b:b5:
7e:3e:10:dd:b9:40:2d:cc:17:73:f8:80:08:28:02:de:57:8c:
db:e1:37:eb:6d:65:1a:7f:98:55:92:d8:48:c5:cb:d0:5e:87:
a2:2d:c9:54:c5:20:53:6e:47:e4:ab:68:b0:04:d4:a1:41:6e:
10:ba:5a:a6:db:13:b3:84:b0:e3:b8:79:b9:02:c3:b6:60:f9:
98:3a:65:c7:05:0b:dd:09:c5:1b:60:ff:4d:4f:da:6f:09:6f:
40:67:fe:b6:11:23:32:c9:df:3d:6e:c1:36:a3:f1:d1:e3:fc:
be:d1:d7:e2:85:dd:d1:fc:af:c6:d1:9e:47:81:38:7e:88:81:
f8:0e:f8:38:57:c2:e8:aa:b5:bd:79:05:6f:a1:35:a0:7f:3e:
7a:df:5d:ca:c4:1d:1a:59:3f:5c:2a:a4:53:c6:4f:a9:9b:2f:
c9:7c:02:ea
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGp2o/7nNo505Ep67/TZdrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMxMTkxMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjVmOWIwZjgwMzU4ZmRiM2FhYjNkMjU1MzljYzhlZWM5MDRjNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO61nJpAMP8bd6OL9ddiSmvdZsQt
RpnbeU/UYTO7MOx382IZCVrRBwOBNEqHctstGdR0GyWrHIQeZCvHrhOBcqjKUNvs
pCDUQfDNNtrXm4wSbKUIgV2ZO4UbWJdEHvNmL96uKIiPiMPsZ82P79YKXNAffRge
bdwutJoW9ICqr/IF0XK+LV6UWGb5b9eZYoS4fk4I0rvbl++2ZIA49ZAVFSMdTsvn
0KroGivqIVjQZdR/AkxbJuGMyEoeb7m3CCzp1OAfhjP9mNi9x40eQZbm7wH1heqm
jso7RDqDMyO//+k74/M0QrLgf/c5t4zvfD96r5yu21JlxOM0eMmGoUebbwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLZfmw+ANY/bOqs9JVOcyO7JBMWIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdGwtYkQ0QTFqOXM2cXowbFU1ekk3c2tFeFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEACTElKT1jRemPpx3r7Q+K8yxG
+3iUXnKh2F6mZYjS2iOS5HjttRb3magwqfBDUIQ3uXDtHklKvlJlWPnebATTOaaQ
1TmfSs7KquDZeLiej+sd25Y+pk9wjDu1fj4Q3blALcwXc/iACCgC3leM2+E3621l
Gn+YVZLYSMXL0F6Hoi3JVMUgU25H5KtosATUoUFuELpaptsTs4Sw47h5uQLDtmD5
mDplxwUL3QnFG2D/TU/abwlvQGf+thEjMsnfPW7BNqPx0eP8vtHX4oXd0fyvxtGe
R4E4foiB+A74OFfC6Kq1vXkFb6E1oH8+et9dysQdGlk/XCqkU8ZPqZsvyXwC6g==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:11 2025 by rpki-client