Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yRmyhMExo3GGvWGXvp2gy1VFUMQ.roa
File: yRmyhMExo3GGvWGXvp2gy1VFUMQ.roa (raw, json)
Hash identifier: A5RFJTWCEGWcDMraRu/yI4jTsN2SzwSd+wft8kLlD0I=
Subject key identifier: C9:19:B2:84:C1:31:A3:71:86:BD:61:97:BE:9D:A0:CB:55:45:50:C4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01912F541387082CA4356EC2BF77C9C0519E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yRmyhMExo3GGvWGXvp2gy1VFUMQ.roa
Signing time: Thu 08 Aug 2024 00:12:04 +0000
ROA not before: Thu 08 Aug 2024 00:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2f:54:13:87:08:2c:a4:35:6e:c2:bf:77:c9:c0:51:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 8 00:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c919b284c131a37186bd6197be9da0cb554550c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8e:4d:73:19:13:18:87:d8:91:75:56:eb:f9:
17:1b:14:0b:2d:8c:a8:8a:9b:12:f2:f3:26:f3:b4:
4b:45:a6:d6:62:25:7a:3d:35:f1:d6:fa:f3:e7:2a:
26:30:9f:a2:0d:76:47:d0:d7:81:e7:8d:79:59:86:
4c:57:a7:ab:dd:81:a0:cd:27:f3:71:da:5c:4f:8a:
1b:ac:5b:2c:78:19:76:0b:b3:ec:9e:e6:6b:fe:ef:
25:5a:44:6a:56:b9:ac:71:7a:99:ae:f1:56:bb:8f:
2f:17:62:ad:c0:d4:e6:24:c2:d1:78:11:fd:4c:78:
a4:95:3c:78:5a:1b:dc:6a:21:84:25:15:64:28:03:
b5:36:96:50:91:17:e9:86:43:7b:c2:09:40:5b:85:
d9:50:7d:52:7f:0c:1d:9f:a1:08:32:cb:f9:03:84:
5a:9c:f6:f4:4b:18:f6:16:7b:4b:3d:0c:ae:10:90:
0c:6e:49:81:96:34:f4:01:31:ab:bd:ff:50:46:9d:
a9:cc:02:4b:15:d5:37:80:d3:e5:ad:25:43:c1:19:
46:43:ea:66:30:8e:97:3c:1a:49:cb:4f:ab:82:dd:
ab:6d:62:00:ef:81:c1:a8:d4:5c:81:34:79:1c:1c:
4a:19:14:d0:81:93:b0:8d:38:d2:b5:63:17:0a:90:
66:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:19:B2:84:C1:31:A3:71:86:BD:61:97:BE:9D:A0:CB:55:45:50:C4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/yRmyhMExo3GGvWGXvp2gy1VFUMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
8f:5d:6f:d8:3f:a7:8a:6b:42:58:3b:79:c7:3f:e1:3b:e7:fc:
7e:9f:d0:5c:7e:27:1b:24:c6:d0:3a:f1:b7:98:bb:2a:17:c5:
31:49:76:f2:5e:9a:a7:4a:79:48:21:9d:1c:03:33:f3:31:52:
98:d0:8e:2d:77:c6:89:b4:09:0a:0a:e8:1c:6b:67:57:12:65:
06:82:83:8c:17:06:c7:89:02:e4:95:2b:78:48:06:df:76:c4:
f6:17:ec:d6:5c:5b:6d:51:61:0f:bb:49:06:1b:cb:b2:7f:ec:
fd:57:00:30:08:17:a1:91:12:25:ab:7e:d4:ef:26:db:45:67:
33:05:c6:9e:6e:5c:89:84:a0:7f:10:b3:8f:c0:8f:48:fc:31:
db:c1:75:a6:e2:0f:a9:c9:72:d1:81:c2:75:9c:27:17:f9:b9:
71:10:cc:c8:0b:de:3a:a6:d8:ed:fb:89:83:04:95:06:9a:ea:
1d:94:69:fd:3a:0f:c9:a3:fd:f6:fa:f6:70:f8:87:64:53:3c:
fe:09:66:f6:68:02:a2:54:82:ea:4a:cf:70:bb:55:83:09:09:
03:89:2b:dc:d2:7d:e8:4b:2b:62:8e:e6:4a:90:7a:c8:e1:2d:
bd:3b:67:0d:4e:27:cf:f3:1d:ce:0e:5d:ef:b5:29:e2:d7:06:
b5:3f:a0:86
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEvVBOHCCykNW7Cv3fJwFGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA4MDAxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTE5YjI4NGMxMzFhMzcxODZiZDYxOTdiZTlkYTBjYjU1NDU1MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj45NcxkTGIfYkXVW6/kXGxQLLYyo
ipsS8vMm87RLRabWYiV6PTXx1vrz5yomMJ+iDXZH0NeB5415WYZMV6er3YGgzSfz
cdpcT4obrFsseBl2C7PsnuZr/u8lWkRqVrmscXqZrvFWu48vF2KtwNTmJMLReBH9
THiklTx4WhvcaiGEJRVkKAO1NpZQkRfphkN7wglAW4XZUH1Sfwwdn6EIMsv5A4Ra
nPb0Sxj2FntLPQyuEJAMbkmBljT0ATGrvf9QRp2pzAJLFdU3gNPlrSVDwRlGQ+pm
MI6XPBpJy0+rgt2rbWIA74HBqNRcgTR5HBxKGRTQgZOwjTjStWMXCpBmawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMkZsoTBMaNxhr1hl76doMtVRVDEMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveVJteWhNRXhvM0dHdldHWHZwMmd5MVZGVU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAj11v2D+nimtCWDt5xz/hO+f8
fp/QXH4nGyTG0Drxt5i7KhfFMUl28l6ap0p5SCGdHAMz8zFSmNCOLXfGibQJCgro
HGtnVxJlBoKDjBcGx4kC5JUreEgG33bE9hfs1lxbbVFhD7tJBhvLsn/s/VcAMAgX
oZESJat+1O8m20VnMwXGnm5ciYSgfxCzj8CPSPwx28F1puIPqcly0YHCdZwnF/m5
cRDMyAveOqbY7fuJgwSVBprqHZRp/ToPyaP99vr2cPiHZFM8/glm9mgColSC6krP
cLtVgwkJA4kr3NJ96EsrYo7mSpB6yOEtvTtnDU4nz/Mdzg5d77Up4tcGtT+ghg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:28 2025 by rpki-client