Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wHZT4myyoSN-Y9_IU7tBG3WrwYw.roa
File: wHZT4myyoSN-Y9_IU7tBG3WrwYw.roa (raw, json)
Hash identifier: eZ5o0Wd25ZIYQLG3vnPvv7I2WfUokrIXteJRl5yQ744=
Subject key identifier: C0:76:53:E2:6C:B2:A1:23:7E:63:DF:C8:53:BB:41:1B:75:AB:C1:8C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A590054B9EED84D85A7FC916E4563C56
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wHZT4myyoSN-Y9_IU7tBG3WrwYw.roa
Signing time: Fri 30 Aug 2024 23:12:44 +0000
ROA not before: Fri 30 Aug 2024 23:12:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a5:90:05:4b:9e:ed:84:d8:5a:7f:c9:16:e4:56:3c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 30 23:12:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c07653e26cb2a1237e63dfc853bb411b75abc18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7c:f9:7a:cb:89:be:68:b2:bf:2f:6b:97:ce:
53:50:1c:e3:d1:01:48:fa:85:b1:c7:3e:46:b7:99:
20:96:cf:7d:ce:60:35:82:63:b7:c1:a7:3f:82:4e:
58:5c:58:2f:d7:e1:f0:c2:3a:a1:ea:74:4e:f5:5b:
64:45:37:e5:c2:ae:02:ba:2c:f3:e7:35:34:22:f2:
75:fb:c6:0d:17:8d:69:b8:b9:61:46:a7:6e:24:18:
32:f5:1b:40:2a:38:2b:b1:fe:ff:a3:3b:07:e4:59:
e3:8d:56:a7:5c:37:a6:98:12:65:fb:ae:08:8d:04:
46:4c:ca:33:2f:85:c0:1a:78:50:45:12:bb:9a:4b:
11:50:3a:fa:fd:e0:87:5f:fe:1f:d4:84:57:92:b3:
2c:0c:af:dd:6a:fa:e3:d2:3d:32:2c:e0:d0:6d:ff:
eb:2d:ea:b6:0f:8b:2c:54:76:72:9f:43:63:3d:95:
6e:5b:46:77:e7:c4:a5:c7:bc:40:ed:91:41:61:a3:
df:09:90:05:be:4f:3f:09:33:30:95:ba:8e:ff:e1:
7d:33:a1:6f:59:04:50:7b:b2:69:50:8c:b3:67:dd:
28:2d:35:d5:36:21:ae:9d:b2:a0:68:a5:6f:e5:ac:
be:f7:de:3f:fc:12:61:c0:01:01:25:a3:dd:aa:0a:
56:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:76:53:E2:6C:B2:A1:23:7E:63:DF:C8:53:BB:41:1B:75:AB:C1:8C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/wHZT4myyoSN-Y9_IU7tBG3WrwYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8a:45:a4:ab:68:0f:ca:e7:dd:6f:a4:1c:71:5b:af:5e:6b:24:
53:31:7a:ec:a0:ea:38:25:51:41:64:92:26:f1:30:05:97:62:
9e:1b:96:39:ce:b5:6e:27:62:6c:d1:94:47:c2:4d:76:09:81:
86:ac:c3:b6:2d:a6:76:40:c9:03:38:fb:87:4b:34:db:6d:29:
13:6a:a0:6e:39:55:33:dd:af:01:fa:38:c1:eb:a5:e5:d0:05:
41:8c:57:94:62:dc:a9:6b:db:43:73:06:16:02:49:cf:81:7c:
bc:ed:f6:ad:10:82:92:7a:3e:d6:7d:45:0c:fe:65:d6:45:0b:
fe:ae:e1:86:01:c0:80:c0:8e:34:f0:90:95:2b:3f:ea:b6:36:
d6:68:ce:b8:cc:00:fa:55:c7:7b:7a:23:67:99:d1:fc:ab:e5:
20:02:77:f8:22:b7:6f:dc:56:7a:24:18:78:2e:ae:28:ae:67:
e1:3d:d2:42:4a:f2:d3:74:60:f1:0d:41:b1:95:27:32:63:8c:
57:3b:a9:0f:9d:b3:ac:af:6f:27:c6:34:3d:f7:c4:fe:6a:de:
c7:8d:1d:ee:f9:ee:8d:3b:37:1a:48:a7:a6:f3:3e:76:5c:ca:
81:36:e3:82:4a:c3:1a:ef:8a:ee:c3:26:7a:97:58:de:9e:d7:
12:87:7d:23
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGlkAVLnu2E2Fp/yRbkVjxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMwMjMxMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDc2NTNlMjZjYjJhMTIzN2U2M2RmYzg1M2JiNDExYjc1YWJjMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHz5esuJvmiyvy9rl85TUBzj0QFI
+oWxxz5Gt5kgls99zmA1gmO3wac/gk5YXFgv1+Hwwjqh6nRO9VtkRTflwq4Cuizz
5zU0IvJ1+8YNF41puLlhRqduJBgy9RtAKjgrsf7/ozsH5FnjjVanXDemmBJl+64I
jQRGTMozL4XAGnhQRRK7mksRUDr6/eCHX/4f1IRXkrMsDK/davrj0j0yLODQbf/r
Leq2D4ssVHZyn0NjPZVuW0Z358Slx7xA7ZFBYaPfCZAFvk8/CTMwlbqO/+F9M6Fv
WQRQe7JpUIyzZ90oLTXVNiGunbKgaKVv5ay+994//BJhwAEBJaPdqgpWRwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMB2U+JssqEjfmPfyFO7QRt1q8GMMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvd0haVDRteXlvU04tWTlfSVU3dEJHM1dyd1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAikWkq2gPyufdb6QccVuvXmsk
UzF67KDqOCVRQWSSJvEwBZdinhuWOc61bidibNGUR8JNdgmBhqzDti2mdkDJAzj7
h0s0220pE2qgbjlVM92vAfo4weul5dAFQYxXlGLcqWvbQ3MGFgJJz4F8vO32rRCC
kno+1n1FDP5l1kUL/q7hhgHAgMCONPCQlSs/6rY21mjOuMwA+lXHe3ojZ5nR/Kvl
IAJ3+CK3b9xWeiQYeC6uKK5n4T3SQkry03Rg8Q1BsZUnMmOMVzupD52zrK9vJ8Y0
PffE/mrex40d7vnujTs3GkinpvM+dlzKgTbjgkrDGu+K7sMmepdY3p7XEod9Iw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:09:35 2025 by rpki-client