Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yQ9cUhVgotD3gudnMnwyS2ajXlw.roa
File: yQ9cUhVgotD3gudnMnwyS2ajXlw.roa (raw, json)
Hash identifier: nY2ZcoY2LDLPkgge05z0TPo5rl79aerjhF48Ej8V9HI=
Subject key identifier: C9:0F:5C:52:15:60:A2:D0:F7:82:E7:67:32:7C:32:4B:66:A3:5E:5C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0192FDEE3B67A70C84BD89E541CB109F8B34
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yQ9cUhVgotD3gudnMnwyS2ajXlw.roa
Signing time: Tue 05 Nov 2024 20:05:01 +0000
ROA not before: Tue 05 Nov 2024 20:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:fded:9fd3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:ee:3b:67:a7:0c:84:bd:89:e5:41:cb:10:9f:8b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Nov 5 20:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c90f5c521560a2d0f782e767327c324b66a35e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:7a:9b:4c:c4:b9:2e:58:d1:c0:6c:cc:f2:
b6:62:f1:eb:d1:79:cf:04:18:1a:86:05:3c:00:ae:
f6:23:99:d0:cc:ab:08:7d:e9:9e:b3:6d:e3:32:df:
b9:d1:7a:ea:ad:12:b4:dd:0b:08:0f:31:68:d9:9a:
0f:14:26:29:ea:f8:5a:c1:d9:9b:a7:5a:4d:28:e2:
69:1b:2a:75:7d:dc:56:d9:69:9a:85:18:3c:09:96:
8e:3e:ab:3a:33:53:11:88:0d:c4:bf:76:c1:eb:76:
96:dd:c4:51:8c:fb:80:3f:93:18:df:97:b4:0f:cd:
c6:c8:cd:94:f4:4c:a9:b5:ee:0e:0c:31:1e:56:47:
63:c5:95:da:77:8c:52:e5:ee:2a:52:be:fe:4b:5b:
e2:73:c7:e8:2c:33:dc:ed:f8:00:ec:22:3c:de:62:
86:3d:98:b3:b7:33:47:4f:70:11:64:7b:c1:6c:96:
7c:9b:85:39:bb:df:d5:b7:31:35:53:ba:06:65:97:
12:a8:14:25:8a:8a:a9:69:ca:d1:62:cd:1d:ec:ad:
46:1d:dd:b5:01:7b:bb:cb:2e:98:27:ee:0f:0d:e5:
eb:57:ea:49:63:47:47:b2:9c:cf:a4:31:98:5d:6a:
27:36:85:85:75:e4:85:6d:a3:47:d3:8a:b8:8b:41:
e0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0F:5C:52:15:60:A2:D0:F7:82:E7:67:32:7C:32:4B:66:A3:5E:5C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yQ9cUhVgotD3gudnMnwyS2ajXlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:fded:9fd3/128
Signature Algorithm: sha256WithRSAEncryption
4b:eb:f3:4a:05:97:8c:58:41:6f:07:d5:f6:ff:16:b4:d8:81:
33:e0:a6:c2:8f:f2:de:f8:b9:f1:e2:d5:f0:e5:c7:13:86:ec:
14:b6:2b:11:13:5e:83:b0:a6:93:09:fa:27:91:d9:a6:ea:fa:
2c:dc:f7:e3:69:ab:8a:09:1e:cd:fc:38:aa:5e:0c:18:06:9c:
1d:47:a7:a8:c5:98:13:42:db:aa:4a:22:e8:73:d2:94:85:5d:
40:b7:7b:43:db:d2:23:15:61:68:02:5c:c7:19:e4:7e:c0:f5:
11:2b:ff:d6:0b:21:76:7c:8a:a7:09:a6:ae:31:d7:a4:42:75:
49:cd:af:50:d6:28:dd:33:cd:f8:c8:6b:f9:b0:a7:cf:05:15:
8d:7d:a5:9a:e2:74:2f:1f:70:ba:37:5e:31:15:7d:57:e0:ab:
dd:1a:c2:bf:3f:73:00:3d:a4:c9:8a:bb:79:fa:63:0e:4c:6d:
57:68:47:60:7b:85:d1:74:e2:74:80:ce:52:7e:af:2f:2e:08:
26:06:2a:8f:38:7f:db:4d:cc:45:14:c6:81:00:d6:6d:ea:38:
30:e2:f1:33:82:21:f1:88:84:3e:82:fa:6a:d0:16:ee:b8:c6:
1c:17:b8:4f:f4:82:89:f7:53:37:a7:3a:7d:c9:6c:19:4b:28:
e4:20:c1:68
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZL97jtnpwyEvYnlQcsQn4s0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMTA1MjAwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBmNWM1MjE1NjBhMmQwZjc4MmU3NjczMjdjMzI0YjY2YTM1ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxV6m0zEuS5Y0cBszPK2YvHr0XnP
BBgahgU8AK72I5nQzKsIfemes23jMt+50XrqrRK03QsIDzFo2ZoPFCYp6vhawdmb
p1pNKOJpGyp1fdxW2WmahRg8CZaOPqs6M1MRiA3Ev3bB63aW3cRRjPuAP5MY35e0
D83GyM2U9Eypte4ODDEeVkdjxZXad4xS5e4qUr7+S1vic8foLDPc7fgA7CI83mKG
PZiztzNHT3ARZHvBbJZ8m4U5u9/VtzE1U7oGZZcSqBQlioqpacrRYs0d7K1GHd21
AXu7yy6YJ+4PDeXrV+pJY0dHspzPpDGYXWonNoWFdeSFbaNH04q4i0HgxQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMkPXFIVYKLQ94LnZzJ8Mktmo15cMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveVE5Y1VoVmdvdEQzZ3Vkbk1ud3lTMmFqWGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGS/e2f0zANBgkqhkiG9w0BAQsFAAOCAQEAS+vzSgWXjFhBbwfV9v8WtNiB
M+Cmwo/y3vi58eLV8OXHE4bsFLYrERNeg7Cmkwn6J5HZpur6LNz342mrigkezfw4
ql4MGAacHUenqMWYE0Lbqkoi6HPSlIVdQLd7Q9vSIxVhaAJcxxnkfsD1ESv/1gsh
dnyKpwmmrjHXpEJ1Sc2vUNYo3TPN+Mhr+bCnzwUVjX2lmuJ0Lx9wujdeMRV9V+Cr
3RrCvz9zAD2kyYq7efpjDkxtV2hHYHuF0XTidIDOUn6vLy4IJgYqjzh/203MRRTG
gQDWbeo4MOLxM4Ih8YiEPoL6atAW7rjGHBe4T/SCifdTN6c6fclsGUso5CDBaA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:25:53 2025 by rpki-client