Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/umRXXBGSM3pAc7p2UG_EM0YfMAc.roa
File: umRXXBGSM3pAc7p2UG_EM0YfMAc.roa (raw, json)
Hash identifier: VamwctbyAWIQQnfVj3d3+DUyj5NYKxjU2sP4vkskr2Y=
Subject key identifier: BA:64:57:5C:11:92:33:7A:40:73:BA:76:50:6F:C4:33:46:1F:30:07
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194CA32AF3B974B69C55D24EDE4B2609EE6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/umRXXBGSM3pAc7p2UG_EM0YfMAc.roa
Signing time: Mon 03 Feb 2025 05:05:06 +0000
ROA not before: Mon 03 Feb 2025 05:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:ca31:f560/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ca:32:af:3b:97:4b:69:c5:5d:24:ed:e4:b2:60:9e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 3 05:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba64575c1192337a4073ba76506fc433461f3007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b5:c8:3c:7f:1e:ce:53:25:7f:dd:3a:c1:92:
ff:19:21:f2:f0:42:9c:2c:47:e7:f5:98:4b:90:4f:
8d:48:9c:5c:69:ac:c5:87:98:08:40:c4:e4:31:75:
7a:50:35:36:25:6a:f9:a0:ff:47:c5:7a:04:4b:48:
cd:26:8e:ac:49:0f:8a:bd:4b:38:a5:25:ed:7d:87:
48:d5:04:f5:0a:a2:7b:03:20:13:98:00:c7:64:9d:
5d:bb:0a:0e:cd:a7:de:76:c4:eb:dc:42:d7:cd:c3:
15:08:7d:d0:f0:f8:ab:e0:22:9a:82:e0:68:35:b4:
e2:c7:4a:92:a5:1d:db:79:90:5e:bd:f0:98:8d:81:
66:77:41:17:da:a0:b4:42:c7:87:1c:5e:cf:f6:79:
20:80:37:a9:f5:ce:e3:a1:99:63:29:7b:4e:a8:c1:
5c:2b:53:13:74:6b:95:41:12:d3:5b:60:2a:12:d6:
9b:98:80:b9:f2:3f:58:5b:60:67:e3:36:ae:eb:d7:
3f:0e:fd:79:75:71:9c:97:12:86:ed:1b:cb:ed:2d:
ad:e0:1d:29:41:ce:dc:3b:44:2c:10:b7:a0:40:eb:
bf:e4:ba:f4:ae:bb:76:28:e7:10:62:da:52:8e:e6:
41:d8:ce:4a:2d:8c:dc:01:49:5d:84:64:89:f1:22:
c8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:64:57:5C:11:92:33:7A:40:73:BA:76:50:6F:C4:33:46:1F:30:07
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/umRXXBGSM3pAc7p2UG_EM0YfMAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:ca31:f560/128
Signature Algorithm: sha256WithRSAEncryption
96:db:dd:b9:11:d0:55:86:ac:3d:32:c2:47:42:20:95:4c:b5:
a2:29:d7:86:7f:86:06:32:73:e3:18:56:88:71:56:d8:63:1d:
f3:d7:25:39:04:24:ec:fa:19:94:21:77:5f:f0:d6:2e:8e:7b:
a6:f1:f9:f1:68:49:85:51:70:72:e3:bf:4f:c0:b1:43:ee:4e:
7e:ca:9d:90:1e:d3:83:af:1e:8c:c6:35:ae:00:ec:fa:48:cc:
74:c7:cb:5a:a8:8d:97:c3:15:39:3c:bc:f4:83:3c:45:5c:3b:
c6:40:e0:4e:cd:6f:da:17:9a:96:4b:27:7e:4d:52:21:50:90:
c7:24:bc:9b:01:fc:1a:a3:2a:48:ee:20:87:e7:78:72:a1:1d:
fd:b3:75:67:4d:90:c9:fa:b2:4c:ab:bb:8c:40:53:e9:e0:4a:
19:ef:d0:26:c2:20:8f:7b:bd:10:eb:bb:c5:3c:db:54:f3:06:
4c:29:1f:b8:52:ac:8a:30:f2:09:a1:6e:10:a5:66:b1:18:c1:
38:b6:8e:a2:6e:43:5a:e3:85:48:37:34:74:71:3c:05:56:ab:
e1:8c:7d:1b:eb:da:87:de:4c:25:a3:19:f3:f3:ad:b5:1a:9c:
a3:4f:8e:9f:a8:6a:00:50:2c:8f:1c:c3:01:52:52:c5:3f:6c:
77:f1:db:45
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZTKMq87l0tpxV0k7eSyYJ7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjAzMDUwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTY0NTc1YzExOTIzMzdhNDA3M2JhNzY1MDZmYzQzMzQ2MWYzMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7XIPH8ezlMlf906wZL/GSHy8EKc
LEfn9ZhLkE+NSJxcaazFh5gIQMTkMXV6UDU2JWr5oP9HxXoES0jNJo6sSQ+KvUs4
pSXtfYdI1QT1CqJ7AyATmADHZJ1duwoOzafedsTr3ELXzcMVCH3Q8Pir4CKaguBo
NbTix0qSpR3beZBevfCYjYFmd0EX2qC0QseHHF7P9nkggDep9c7joZljKXtOqMFc
K1MTdGuVQRLTW2AqEtabmIC58j9YW2Bn4zau69c/Dv15dXGclxKG7RvL7S2t4B0p
Qc7cO0QsELegQOu/5Lr0rrt2KOcQYtpSjuZB2M5KLYzcAUldhGSJ8SLIAwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLpkV1wRkjN6QHO6dlBvxDNGHzAHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdW1SWFhCR1NNM3BBYzdwMlVHX0VNMFlmTUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGUyjH1YDANBgkqhkiG9w0BAQsFAAOCAQEAltvduRHQVYasPTLCR0IglUy1
oinXhn+GBjJz4xhWiHFW2GMd89clOQQk7PoZlCF3X/DWLo57pvH58WhJhVFwcuO/
T8CxQ+5OfsqdkB7Tg68ejMY1rgDs+kjMdMfLWqiNl8MVOTy89IM8RVw7xkDgTs1v
2healksnfk1SIVCQxyS8mwH8GqMqSO4gh+d4cqEd/bN1Z02QyfqyTKu7jEBT6eBK
Ge/QJsIgj3u9EOu7xTzbVPMGTCkfuFKsijDyCaFuEKVmsRjBOLaOom5DWuOFSDc0
dHE8BVar4Yx9G+vah95MJaMZ8/OttRqco0+On6hqAFAsjxzDAVJSxT9sd/HbRQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:19:21 2025 by rpki-client