Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uRFKFwIolDPC3-k1tJ8rleQAiZY.roa
File: uRFKFwIolDPC3-k1tJ8rleQAiZY.roa (raw, json)
Hash identifier: tEZ5fh/YEnWU2+TjM/Ca8xRCqdOUpdcV+2KOE3StaKk=
Subject key identifier: B9:11:4A:17:02:28:94:33:C2:DF:E9:35:B4:9F:2B:95:E4:00:89:96
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0193B78A6C4E4296CA84D0C219AE54412FC8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uRFKFwIolDPC3-k1tJ8rleQAiZY.roa
Signing time: Wed 11 Dec 2024 21:05:22 +0000
ROA not before: Wed 11 Dec 2024 21:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:b789:8e4e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b7:8a:6c:4e:42:96:ca:84:d0:c2:19:ae:54:41:2f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Dec 11 21:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9114a1702289433c2dfe935b49f2b95e4008996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:8b:d2:22:43:bc:aa:33:46:45:7c:0c:79:ae:
97:f6:d6:80:8e:f9:24:93:5a:5b:8a:f4:77:4f:76:
96:cd:0e:0d:58:25:f7:9c:0b:66:77:9f:4c:db:bb:
ec:5e:ec:86:90:76:b9:7e:33:e2:25:1c:eb:43:4e:
7d:b3:5c:f7:3f:9a:42:10:e1:3b:92:e0:54:3b:55:
0a:0e:98:23:65:8f:4a:cb:49:34:40:a7:ab:31:8c:
13:17:07:d6:90:2f:83:aa:78:e0:39:06:a3:0d:52:
ea:fb:60:af:71:a5:51:06:21:15:45:45:5a:22:56:
ef:46:73:45:0e:88:97:64:48:e1:5c:4d:b6:69:82:
33:66:a8:f4:66:37:33:69:31:9f:72:78:96:0c:d2:
8b:ca:9c:39:25:10:96:56:32:c9:cb:dd:00:3e:22:
25:d2:b4:6a:82:f2:95:9c:26:85:0d:8a:43:81:08:
e3:c7:b7:ce:e8:09:bb:c3:ae:46:4d:12:52:62:41:
6b:58:a0:f3:da:74:49:49:54:e2:7e:7c:07:64:85:
e6:9a:85:30:fd:c1:7a:a7:f6:d3:15:78:70:0f:19:
59:72:5d:0e:95:c6:df:d2:05:28:98:9a:1b:25:b8:
41:9f:59:88:f0:83:de:18:30:fa:1f:d5:b7:bd:76:
29:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:11:4A:17:02:28:94:33:C2:DF:E9:35:B4:9F:2B:95:E4:00:89:96
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uRFKFwIolDPC3-k1tJ8rleQAiZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:b789:8e4e/128
Signature Algorithm: sha256WithRSAEncryption
55:33:87:77:3c:2e:17:9e:ac:7c:f0:8c:95:76:e8:e7:0d:66:
d1:5b:76:e7:46:18:e9:5d:40:5f:d0:20:ae:08:ab:40:95:12:
59:fe:c0:13:00:d8:fb:f2:e5:88:94:5d:78:c2:17:4c:6b:84:
ec:65:f3:8a:8b:44:50:72:ee:b7:b3:d6:f3:76:7b:b5:55:83:
0c:15:a3:93:df:aa:7f:8e:e4:14:48:ff:a1:50:d4:33:37:5f:
86:e8:16:9c:d4:b8:97:1c:9a:a0:b9:b8:10:70:75:b0:c8:ff:
f8:ba:b5:d5:08:0f:48:84:73:19:e2:4a:ed:d5:ea:ba:da:26:
4b:2d:ab:3c:78:e1:aa:d7:bb:79:ea:8d:19:92:07:25:a7:b8:
ad:83:e3:58:ca:bf:6d:c1:6f:fe:a5:6a:90:10:40:d7:8f:10:
cf:5c:d6:45:c3:1e:cc:5b:10:6c:3f:cc:d1:d4:02:c4:54:11:
9e:c1:89:41:d5:2b:4b:1b:a9:f2:f3:36:81:02:c9:11:2a:1c:
08:f9:bf:e0:75:c1:9f:f2:19:14:c0:34:71:38:57:2e:b6:93:
18:68:35:ba:2c:6a:8c:0b:cd:12:7e:56:9f:fc:ec:e5:8f:c0:
e1:56:11:8c:87:f6:8d:ec:96:80:b9:04:71:f7:17:dc:5a:6d:
63:ec:02:6f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZO3imxOQpbKhNDCGa5UQS/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMjExMjEwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTExNGExNzAyMjg5NDMzYzJkZmU5MzViNDlmMmI5NWU0MDA4OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YvSIkO8qjNGRXwMea6X9taAjvkk
k1pbivR3T3aWzQ4NWCX3nAtmd59M27vsXuyGkHa5fjPiJRzrQ059s1z3P5pCEOE7
kuBUO1UKDpgjZY9Ky0k0QKerMYwTFwfWkC+DqnjgOQajDVLq+2CvcaVRBiEVRUVa
IlbvRnNFDoiXZEjhXE22aYIzZqj0ZjczaTGfcniWDNKLypw5JRCWVjLJy90APiIl
0rRqgvKVnCaFDYpDgQjjx7fO6Am7w65GTRJSYkFrWKDz2nRJSVTifnwHZIXmmoUw
/cF6p/bTFXhwDxlZcl0Olcbf0gUomJobJbhBn1mI8IPeGDD6H9W3vXYpjwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLkRShcCKJQzwt/pNbSfK5XkAImWMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdVJGS0Z3SW9sRFBDMy1rMXRKOHJsZVFBaVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTt4mOTjANBgkqhkiG9w0BAQsFAAOCAQEAVTOHdzwuF56sfPCMlXbo5w1m
0Vt250YY6V1AX9AgrgirQJUSWf7AEwDY+/LliJRdeMIXTGuE7GXziotEUHLut7PW
83Z7tVWDDBWjk9+qf47kFEj/oVDUMzdfhugWnNS4lxyaoLm4EHB1sMj/+Lq11QgP
SIRzGeJK7dXqutomSy2rPHjhqte7eeqNGZIHJae4rYPjWMq/bcFv/qVqkBBA148Q
z1zWRcMezFsQbD/M0dQCxFQRnsGJQdUrSxup8vM2gQLJESocCPm/4HXBn/IZFMA0
cThXLraTGGg1uixqjAvNEn5Wn/zs5Y/A4VYRjIf2jeyWgLkEcfcX3FptY+wCbw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:17:25 2025 by rpki-client