Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yROdhj5WpUuyg6u2eJODrv0Qnwo.roa
File: yROdhj5WpUuyg6u2eJODrv0Qnwo.roa (raw, json)
Hash identifier: EXosd5qzcLLHKhjB/D57Z07BjaUPM4PxBinS8SWwazk=
Subject key identifier: C9:13:9D:86:3E:56:A5:4B:B2:83:AB:B6:78:93:83:AE:FD:10:9F:0A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01929123BEC3B6516BBC74A6CC35F088DBBB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yROdhj5WpUuyg6u2eJODrv0Qnwo.roa
Signing time: Tue 15 Oct 2024 17:04:51 +0000
ROA not before: Tue 15 Oct 2024 17:04:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:192:9123:5f15/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:91:23:be:c3:b6:51:6b:bc:74:a6:cc:35:f0:88:db:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Oct 15 17:04:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9139d863e56a54bb283abb6789383aefd109f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:68:4e:27:a2:21:cc:fa:b4:94:cf:7a:8e:05:
0b:3c:94:b8:f5:1e:99:8e:47:8d:cd:f0:d3:17:45:
3c:a3:c5:c6:92:51:4e:77:cc:c1:25:c6:7d:84:2d:
18:82:ed:eb:67:71:68:ba:05:90:d3:15:a5:09:88:
33:7c:91:b0:ce:28:c1:9a:b6:79:a8:fe:58:b8:95:
60:0e:bc:9e:38:9d:14:53:16:ca:a7:60:fa:42:4e:
88:bd:9e:4c:9c:64:7b:9d:0b:ef:e6:f0:b1:33:49:
7d:3c:e9:0d:06:57:00:8d:b0:49:23:f9:66:40:da:
c4:65:e2:8d:74:80:68:7c:11:5f:ee:e3:06:62:34:
0f:20:75:1a:83:37:25:a2:a9:fe:74:ea:31:04:57:
9c:50:2a:e9:7f:9e:2b:3e:ec:54:e0:65:7b:9e:1f:
de:54:20:77:db:db:16:a3:44:0c:dc:2e:a4:79:f0:
e1:bf:20:e5:db:1c:f2:14:59:86:18:97:eb:07:36:
12:09:7c:a3:9d:15:08:26:aa:f0:6f:75:e0:75:45:
bc:71:22:62:f2:7d:b9:96:eb:80:33:f5:ce:f1:82:
8a:94:32:b2:48:f3:3c:91:ad:13:ab:aa:71:31:12:
4f:10:15:24:fe:5a:7e:84:32:f8:af:f5:f4:fe:c5:
67:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:13:9D:86:3E:56:A5:4B:B2:83:AB:B6:78:93:83:AE:FD:10:9F:0A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yROdhj5WpUuyg6u2eJODrv0Qnwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:192:9123:5f15/128
Signature Algorithm: sha256WithRSAEncryption
58:4f:0f:18:05:ea:ae:c9:76:2a:a1:ab:be:56:a7:23:d8:ba:
00:83:6c:5d:b0:fd:b9:e7:23:71:e0:16:3b:e8:d1:cf:e7:04:
37:6a:df:b0:59:98:49:77:0e:6a:05:51:c7:f1:d2:83:c8:a7:
10:07:af:c9:dc:7b:9b:14:59:4a:6d:db:35:75:47:6b:b1:e8:
9b:84:1b:a2:1e:9e:63:e4:b0:50:a6:01:6f:48:07:85:97:e7:
b3:f3:86:f8:43:ec:b5:68:d4:65:f5:04:83:f1:a0:ed:73:81:
0f:ca:cd:19:c2:0c:06:eb:f1:76:d3:9b:91:8a:2c:62:72:eb:
6c:08:69:b0:f0:db:38:41:ba:98:68:eb:e5:34:d8:51:5a:3d:
80:0a:84:62:12:89:ae:d9:fe:13:42:cf:3f:92:ec:bd:8d:40:
d6:94:df:d5:cc:2d:b8:8a:37:b2:3f:88:f8:00:2f:c6:55:a9:
50:e3:6c:b2:88:cc:de:91:08:06:67:ce:3c:c6:16:c6:d9:12:
13:7a:f8:69:54:ff:b2:2c:fa:92:d5:ea:f7:91:b3:96:34:a9:
87:f0:28:11:97:f6:75:40:62:15:51:a3:96:4f:a2:44:60:61:
7b:d1:eb:b8:23:c8:52:51:3c:51:49:f3:e7:50:87:bf:50:f6:
9b:93:a7:91
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZKRI77DtlFrvHSmzDXwiNu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMDE1MTcwNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTEzOWQ4NjNlNTZhNTRiYjI4M2FiYjY3ODkzODNhZWZkMTA5ZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGhOJ6IhzPq0lM96jgULPJS49R6Z
jkeNzfDTF0U8o8XGklFOd8zBJcZ9hC0Ygu3rZ3FougWQ0xWlCYgzfJGwzijBmrZ5
qP5YuJVgDryeOJ0UUxbKp2D6Qk6IvZ5MnGR7nQvv5vCxM0l9POkNBlcAjbBJI/lm
QNrEZeKNdIBofBFf7uMGYjQPIHUagzcloqn+dOoxBFecUCrpf54rPuxU4GV7nh/e
VCB329sWo0QM3C6kefDhvyDl2xzyFFmGGJfrBzYSCXyjnRUIJqrwb3XgdUW8cSJi
8n25luuAM/XO8YKKlDKySPM8ka0Tq6pxMRJPEBUk/lp+hDL4r/X0/sVnAwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMkTnYY+VqVLsoOrtniTg679EJ8KMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveVJPZGhqNVdwVXV5ZzZ1MmVKT0RydjBRbndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGSkSNfFTANBgkqhkiG9w0BAQsFAAOCAQEAWE8PGAXqrsl2KqGrvlanI9i6
AINsXbD9uecjceAWO+jRz+cEN2rfsFmYSXcOagVRx/HSg8inEAevydx7mxRZSm3b
NXVHa7Hom4Qboh6eY+SwUKYBb0gHhZfns/OG+EPstWjUZfUEg/Gg7XOBD8rNGcIM
BuvxdtObkYosYnLrbAhpsPDbOEG6mGjr5TTYUVo9gAqEYhKJrtn+E0LPP5LsvY1A
1pTf1cwtuIo3sj+I+AAvxlWpUONssojM3pEIBmfOPMYWxtkSE3r4aVT/siz6ktXq
95GzljSph/AoEZf2dUBiFVGjlk+iRGBhe9HruCPIUlE8UUnz51CHv1D2m5OnkQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:17:03 2025 by rpki-client