Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uF8EUIXDpuuFv-FJJ39O3Su8iVY.roa
File: uF8EUIXDpuuFv-FJJ39O3Su8iVY.roa (raw, json)
Hash identifier: l3T11Qlr5loU8FTu15fhF/tL/saBfEZQebIc0OIcDKY=
Subject key identifier: B8:5F:04:50:85:C3:A6:EB:85:BF:E1:49:27:7F:4E:DD:2B:BC:89:56
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01913CD65377BF07A929A6132716CF81CBBF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uF8EUIXDpuuFv-FJJ39O3Su8iVY.roa
Signing time: Sat 10 Aug 2024 15:09:24 +0000
ROA not before: Sat 10 Aug 2024 15:09:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3c:d6:53:77:bf:07:a9:29:a6:13:27:16:cf:81:cb:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 10 15:09:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b85f045085c3a6eb85bfe149277f4edd2bbc8956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d4:02:7c:f8:6f:15:71:e0:10:13:c3:57:68:
6d:38:ae:05:9a:0b:83:40:3e:28:9a:50:54:7c:d8:
3a:50:bd:6b:7d:0a:ba:18:fa:7e:64:46:fa:80:7f:
35:e3:92:96:f3:8c:c6:68:54:67:63:7b:1e:6b:f6:
84:22:8c:db:b2:51:fb:f5:26:ae:c2:d8:69:93:5d:
1f:2d:47:fa:96:d8:c3:cb:f2:3a:16:38:63:f1:87:
5b:d0:d5:fe:af:fe:06:ea:f8:03:36:b8:59:c4:c6:
85:62:c8:8e:b8:ef:5c:20:e9:15:31:ec:79:cf:fa:
fb:cb:21:29:1b:ca:b8:d9:90:c4:f6:0d:06:41:32:
c0:ee:02:9f:2d:55:7a:f9:6c:80:4a:a0:67:37:80:
cb:a7:0d:37:e7:1e:c8:b7:12:66:b3:a1:6b:8f:96:
93:8d:19:d2:4e:7c:72:c8:e7:b5:41:0a:a8:c6:c8:
60:9e:2c:43:f3:79:11:d6:15:5c:ca:99:d2:ba:7c:
db:4c:b5:37:4f:4c:28:8d:5e:5a:bb:31:2a:59:64:
06:7c:3d:31:b5:53:07:84:c8:79:92:32:03:38:d4:
da:eb:f2:ee:d0:6e:da:f1:22:20:bd:2b:e6:15:27:
a0:80:24:28:de:4a:b4:93:91:3f:9c:df:c8:a5:ec:
1f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5F:04:50:85:C3:A6:EB:85:BF:E1:49:27:7F:4E:DD:2B:BC:89:56
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uF8EUIXDpuuFv-FJJ39O3Su8iVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5b:77:19:a9:60:69:9a:0e:52:7e:0e:ed:fb:02:b6:ef:c8:5e:
98:10:29:2a:02:ca:47:66:66:6e:ec:59:37:7d:c3:14:dc:d5:
89:c8:ac:b2:0a:92:c1:f2:84:f7:7e:55:08:57:ef:f8:a1:c3:
8d:15:3a:26:f8:a6:f1:63:da:fb:72:10:76:43:7b:3a:71:0b:
04:88:86:f0:58:4c:2d:67:3d:46:14:e7:00:2f:79:d1:23:2c:
2b:62:12:a0:fc:2d:8a:d7:6a:f6:31:88:18:a0:20:1e:53:55:
4d:18:ea:71:50:98:f1:5a:1d:a4:2c:96:95:a8:e9:24:28:d0:
f5:85:c1:49:a9:2f:96:3c:03:2f:0a:0d:e8:27:ef:7f:c0:01:
32:55:e5:6f:0f:46:e3:42:51:7f:a1:4a:03:f2:4e:a2:2e:4e:
46:11:cb:cb:10:02:96:cf:3d:36:5d:cd:19:a8:fe:a0:10:ff:
a5:ee:01:3b:60:d8:0f:87:ec:a9:04:24:4d:73:4d:e4:4c:fd:
9a:6f:10:bb:6c:3c:a0:ba:96:b5:ec:1d:82:4b:11:81:2e:9b:
99:c0:24:94:c3:b5:a1:77:67:2d:14:07:0e:fa:1e:76:8d:4b:
ee:6e:9a:a1:9f:11:0b:c3:ec:e6:60:c7:fa:c2:7b:b0:76:02:
76:64:22:1c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZE81lN3vwepKaYTJxbPgcu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEwMTUwOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVmMDQ1MDg1YzNhNmViODViZmUxNDkyNzdmNGVkZDJiYmM4OTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntQCfPhvFXHgEBPDV2htOK4FmguD
QD4omlBUfNg6UL1rfQq6GPp+ZEb6gH8145KW84zGaFRnY3sea/aEIozbslH79Sau
wthpk10fLUf6ltjDy/I6Fjhj8Ydb0NX+r/4G6vgDNrhZxMaFYsiOuO9cIOkVMex5
z/r7yyEpG8q42ZDE9g0GQTLA7gKfLVV6+WyASqBnN4DLpw035x7ItxJms6Frj5aT
jRnSTnxyyOe1QQqoxshgnixD83kR1hVcypnSunzbTLU3T0wojV5auzEqWWQGfD0x
tVMHhMh5kjIDONTa6/Lu0G7a8SIgvSvmFSeggCQo3kq0k5E/nN/IpewfgwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLhfBFCFw6brhb/hSSd/Tt0rvIlWMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdUY4RVVJWERwdXVGdi1GSkozOU8zU3U4aVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAW3cZqWBpmg5Sfg7t+wK278he
mBApKgLKR2ZmbuxZN33DFNzVicissgqSwfKE935VCFfv+KHDjRU6Jvim8WPa+3IQ
dkN7OnELBIiG8FhMLWc9RhTnAC950SMsK2ISoPwtitdq9jGIGKAgHlNVTRjqcVCY
8VodpCyWlajpJCjQ9YXBSakvljwDLwoN6Cfvf8ABMlXlbw9G40JRf6FKA/JOoi5O
RhHLyxACls89Nl3NGaj+oBD/pe4BO2DYD4fsqQQkTXNN5Ez9mm8Qu2w8oLqWtewd
gksRgS6bmcAklMO1oXdnLRQHDvoedo1L7m6aoZ8RC8Ps5mDH+sJ7sHYCdmQiHA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:53:35 2025 by rpki-client