Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xG3b_WYKfiGppYae4t8SVocZ9Uc.roa
File: xG3b_WYKfiGppYae4t8SVocZ9Uc.roa (raw, json)
Hash identifier: yBLUDJw9P5AXW9Jy7LNMFe8A+J9B6EWfnOosvLU6q3M=
Subject key identifier: C4:6D:DB:FD:66:0A:7E:21:A9:A5:86:9E:E2:DF:12:56:87:19:F5:47
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019116004F7FAC3F397AAE34CF2341FC95DE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xG3b_WYKfiGppYae4t8SVocZ9Uc.roa
Signing time: Sat 03 Aug 2024 02:10:04 +0000
ROA not before: Sat 03 Aug 2024 02:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:16:00:4f:7f:ac:3f:39:7a:ae:34:cf:23:41:fc:95:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 3 02:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c46ddbfd660a7e21a9a5869ee2df12568719f547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:91:3f:c1:0b:ad:de:1a:0f:99:40:64:73:
6b:67:1e:fb:02:18:21:20:ce:d5:62:8d:08:a8:9d:
63:cd:89:71:ae:45:cb:51:60:d0:0e:37:66:9a:8c:
a2:31:8f:3c:75:86:8d:f9:47:19:49:de:ad:84:85:
90:f0:6d:b8:44:87:4b:c8:1e:fb:29:8f:25:84:0a:
ed:b1:ef:53:ed:f4:cd:57:67:ec:0e:0c:ce:5c:84:
f7:7a:f0:1e:c1:87:bf:35:d7:13:f7:f7:e9:31:4f:
04:7f:04:9f:32:db:e3:78:ac:47:05:91:73:27:d1:
20:20:54:4a:e8:95:72:b0:d2:13:94:31:af:ae:2c:
31:eb:13:7e:1e:20:b3:2d:f3:3e:c1:e7:1f:c8:90:
b5:48:fa:51:c1:e7:3d:b8:03:d7:1d:9e:3f:31:b5:
c7:62:90:99:68:3b:e4:1f:0b:da:25:31:9b:8c:bf:
a0:39:06:a6:9a:db:56:f2:44:25:63:b2:42:6c:b6:
05:12:6a:b1:11:31:35:0b:56:c1:91:0b:41:d5:a8:
60:99:18:95:88:10:2a:fa:f5:c4:02:54:c0:5e:87:
96:0c:d4:51:92:64:ec:e2:29:34:37:17:13:37:44:
fc:18:2d:6f:1d:4b:e5:55:88:2c:f9:9a:62:b7:eb:
02:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6D:DB:FD:66:0A:7E:21:A9:A5:86:9E:E2:DF:12:56:87:19:F5:47
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xG3b_WYKfiGppYae4t8SVocZ9Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
6d:0c:3f:22:6a:85:28:5f:3d:33:24:03:0a:04:56:17:61:b3:
5d:ca:1a:6a:4a:ba:56:45:98:34:ee:07:85:fb:13:b3:c8:ee:
3b:9a:0b:ef:1b:53:f6:d1:46:35:74:aa:d0:0b:0a:f3:f5:3e:
6c:dc:f9:cd:65:d4:36:d7:cc:b6:a2:b4:5d:1e:22:64:b6:16:
a1:12:ef:75:9a:db:bd:b3:e2:17:1a:77:49:b6:fd:3a:52:ed:
0b:fa:2b:47:66:aa:80:6d:8b:00:cc:1d:59:dd:07:58:90:4b:
e4:83:75:d2:74:f8:75:fb:7a:c6:86:ee:f9:a7:b7:fe:d8:ad:
44:1a:05:8e:55:f0:34:22:db:10:3b:a4:2a:4b:ca:44:0c:79:
ee:8a:7c:38:fe:a7:4b:db:25:a4:41:35:43:70:c2:da:49:7c:
43:3d:da:33:8d:f2:b2:73:23:8e:0f:63:d4:6f:f8:a2:00:de:
67:d1:17:2f:23:6d:cf:22:b1:30:26:e0:6c:2a:20:fb:d5:71:
15:4a:9c:76:90:6f:c8:28:e9:f5:f6:ed:bf:10:5f:08:fe:ed:
ca:67:76:21:36:ce:52:07:9f:3f:bd:c1:05:f3:03:18:a6:5f:
b1:0f:58:25:4e:40:d4:04:c1:94:96:a8:a6:82:5c:5a:08:41:
d5:23:00:ee
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEWAE9/rD85eq40zyNB/JXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAzMDIxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDZkZGJmZDY2MGE3ZTIxYTlhNTg2OWVlMmRmMTI1Njg3MTlmNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7GRP8ELrd4aD5lAZHNrZx77Ahgh
IM7VYo0IqJ1jzYlxrkXLUWDQDjdmmoyiMY88dYaN+UcZSd6thIWQ8G24RIdLyB77
KY8lhArtse9T7fTNV2fsDgzOXIT3evAewYe/NdcT9/fpMU8EfwSfMtvjeKxHBZFz
J9EgIFRK6JVysNITlDGvriwx6xN+HiCzLfM+wecfyJC1SPpRwec9uAPXHZ4/MbXH
YpCZaDvkHwvaJTGbjL+gOQammttW8kQlY7JCbLYFEmqxETE1C1bBkQtB1ahgmRiV
iBAq+vXEAlTAXoeWDNRRkmTs4ik0NxcTN0T8GC1vHUvlVYgs+Zpit+sCBwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMRt2/1mCn4hqaWGnuLfElaHGfVHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveEczYl9XWUtmaUdwcFlhZTR0OFNWb2NaOVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAbQw/ImqFKF89MyQDCgRWF2Gz
Xcoaakq6VkWYNO4HhfsTs8juO5oL7xtT9tFGNXSq0AsK8/U+bNz5zWXUNtfMtqK0
XR4iZLYWoRLvdZrbvbPiFxp3Sbb9OlLtC/orR2aqgG2LAMwdWd0HWJBL5IN10nT4
dft6xobu+ae3/titRBoFjlXwNCLbEDukKkvKRAx57op8OP6nS9slpEE1Q3DC2kl8
Qz3aM43ysnMjjg9j1G/4ogDeZ9EXLyNtzyKxMCbgbCog+9VxFUqcdpBvyCjp9fbt
vxBfCP7tymd2ITbOUgefP73BBfMDGKZfsQ9YJU5A1ATBlJaopoJcWghB1SMA7g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:15:28 2025 by rpki-client