Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uIiYitINSHMMdyucTvl25aQxETo.roa
File: uIiYitINSHMMdyucTvl25aQxETo.roa (raw, json)
Hash identifier: CrYrIB3k4YRi7GfxYN613a/6y99tgT51w1nH6qgMGjk=
Subject key identifier: B8:88:98:8A:D2:0D:48:73:0C:77:2B:9C:4E:F9:76:E5:A4:31:11:3A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C7095AEF65EC45EEB4AA28ED42676CEA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uIiYitINSHMMdyucTvl25aQxETo.roa
Signing time: Fri 06 Sep 2024 11:12:44 +0000
ROA not before: Fri 06 Sep 2024 11:12:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:09:5a:ef:65:ec:45:ee:b4:aa:28:ed:42:67:6c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 6 11:12:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b888988ad20d48730c772b9c4ef976e5a431113a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a4:54:41:e8:01:c0:d3:10:6d:78:3e:5d:6a:
5d:92:b0:d5:6f:7a:94:b4:b5:bc:e6:e5:7c:8c:ef:
d6:d2:2d:6f:7c:46:93:ed:fd:f5:67:61:13:41:93:
4b:6c:be:42:7f:7f:8f:40:f5:f7:a6:ea:e2:42:2e:
b2:8c:3c:05:b6:46:e3:7f:0d:ff:30:8a:41:ba:3e:
0c:4a:de:66:d2:24:c6:58:98:22:0b:72:95:e5:3d:
fa:ae:dd:26:89:d2:75:f1:d2:e9:9e:23:43:8c:d8:
f5:c6:e5:02:74:4d:5b:ff:93:dc:06:4a:14:45:39:
15:09:a9:c8:99:36:96:0e:f2:7a:c0:12:57:a3:0b:
49:1e:c8:10:9f:e8:2c:39:81:70:a5:3c:85:6b:dd:
54:ea:6a:3b:2c:f2:ec:37:79:8a:35:38:26:36:60:
24:06:57:79:b8:0c:8a:0a:70:22:d1:a3:01:fa:6c:
1b:a5:0d:c1:93:89:8e:1a:a1:50:f0:77:6b:ea:84:
5a:00:c6:ef:77:90:6b:0a:eb:f1:31:b9:29:75:17:
2b:2b:2e:89:28:c6:02:9b:f1:5b:84:69:ea:27:48:
80:b9:8e:86:4f:e9:43:2c:d2:c5:be:20:d2:10:82:
55:2a:ed:b7:96:11:ce:f6:c9:13:2f:9c:2f:1a:0f:
8c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:88:98:8A:D2:0D:48:73:0C:77:2B:9C:4E:F9:76:E5:A4:31:11:3A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uIiYitINSHMMdyucTvl25aQxETo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
4f:73:7c:95:1a:12:5d:ac:7a:59:6b:43:03:f0:d3:7c:68:c9:
59:05:15:94:cf:7a:75:8a:15:30:2f:40:a2:19:f4:a5:9c:19:
dc:41:dd:ce:15:ab:ec:c7:ba:63:53:da:66:32:16:64:f0:72:
1c:69:41:10:df:50:e5:c5:a3:00:1a:6a:b7:5d:c8:ef:95:76:
67:4b:23:06:95:ba:04:f9:ab:b7:97:ad:7d:e9:da:71:16:10:
4d:df:be:b5:6b:c1:f5:db:36:a9:9e:59:15:10:ca:73:ec:ae:
20:8d:b2:37:26:fa:94:f8:9d:ed:ca:a4:0b:d4:50:59:97:da:
23:00:fe:ab:58:1e:94:dd:52:ea:cd:2f:83:07:4e:10:8a:26:
37:e0:3c:68:d2:4c:70:4b:14:91:5f:1a:8f:43:62:ae:db:87:
36:e7:a8:07:73:f8:ac:22:be:a4:a3:bb:4a:0a:99:bb:c1:6b:
dc:4b:a5:bb:f8:0b:01:ea:4f:55:2e:66:2c:ad:4d:b3:aa:88:
04:4e:dc:f4:9a:58:f2:b3:59:74:51:f9:21:b8:7f:d9:c7:32:
95:1a:27:0c:24:a4:03:af:66:91:42:ad:83:ec:2e:78:28:15:
99:86:8c:22:fe:ac:bb:d2:c4:cc:0f:e4:15:98:f6:1b:11:45:
53:01:67:92
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHHCVrvZexF7rSqKO1CZ2zqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA2MTExMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODg4OTg4YWQyMGQ0ODczMGM3NzJiOWM0ZWY5NzZlNWE0MzExMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKRUQegBwNMQbXg+XWpdkrDVb3qU
tLW85uV8jO/W0i1vfEaT7f31Z2ETQZNLbL5Cf3+PQPX3puriQi6yjDwFtkbjfw3/
MIpBuj4MSt5m0iTGWJgiC3KV5T36rt0midJ18dLpniNDjNj1xuUCdE1b/5PcBkoU
RTkVCanImTaWDvJ6wBJXowtJHsgQn+gsOYFwpTyFa91U6mo7LPLsN3mKNTgmNmAk
Bld5uAyKCnAi0aMB+mwbpQ3Bk4mOGqFQ8Hdr6oRaAMbvd5BrCuvxMbkpdRcrKy6J
KMYCm/FbhGnqJ0iAuY6GT+lDLNLFviDSEIJVKu23lhHO9skTL5wvGg+McQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLiImIrSDUhzDHcrnE75duWkMRE6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdUlpWWl0SU5TSE1NZHl1Y1R2bDI1YVF4RVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAT3N8lRoSXax6WWtDA/DTfGjJ
WQUVlM96dYoVMC9Aohn0pZwZ3EHdzhWr7Me6Y1PaZjIWZPByHGlBEN9Q5cWjABpq
t13I75V2Z0sjBpW6BPmrt5etfenacRYQTd++tWvB9ds2qZ5ZFRDKc+yuII2yNyb6
lPid7cqkC9RQWZfaIwD+q1gelN1S6s0vgwdOEIomN+A8aNJMcEsUkV8aj0NirtuH
NueoB3P4rCK+pKO7SgqZu8Fr3Eulu/gLAepPVS5mLK1Ns6qIBE7c9JpY8rNZdFH5
Ibh/2ccylRonDCSkA69mkUKtg+wueCgVmYaMIv6su9LEzA/kFZj2GxFFUwFnkg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:19:51 2025 by rpki-client