Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z0Mz8j60yGOeR7xCBDTeJfOux2c.roa
File: z0Mz8j60yGOeR7xCBDTeJfOux2c.roa (raw, json)
Hash identifier: Hp8YVXnOKSWt2+0WdrI9Dv1srMDDnpNKkyX+8EXfKfo=
Subject key identifier: CF:43:33:F2:3E:B4:C8:63:9E:47:BC:42:04:34:DE:25:F3:AE:C7:67
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019188613CEB0B2726BFD05E256D1F5D2764
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z0Mz8j60yGOeR7xCBDTeJfOux2c.roa
Signing time: Sun 25 Aug 2024 07:12:39 +0000
ROA not before: Sun 25 Aug 2024 07:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:88:61:3c:eb:0b:27:26:bf:d0:5e:25:6d:1f:5d:27:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 25 07:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf4333f23eb4c8639e47bc420434de25f3aec767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b6:9e:3d:dd:b6:08:d3:e2:83:5d:df:2d:f7:
d3:a6:bb:2d:0c:50:05:20:85:a8:aa:62:69:2a:48:
02:cb:f1:56:77:ca:a3:04:49:3c:df:83:fd:2a:6a:
e3:36:b7:b9:af:d7:1d:df:9f:fa:2d:44:df:73:d1:
62:13:30:9a:af:64:6d:cd:45:f8:9d:47:58:ed:b9:
52:d9:61:a0:80:31:ce:ed:e7:3b:29:87:a1:58:e9:
8b:3a:92:7f:bc:1c:db:87:e4:ec:f8:b5:77:4c:bc:
90:54:e5:af:e0:ad:c4:6d:06:cc:02:72:fc:d3:44:
b0:b9:eb:cc:e6:c2:3f:a1:77:83:88:96:75:c4:19:
32:4e:5a:e2:4f:7c:5b:82:4b:1e:06:f9:34:e0:bf:
97:ff:97:b0:58:4e:95:16:31:f9:ea:c9:29:dd:c2:
84:d3:c1:65:90:18:50:a5:f0:97:a7:7d:d7:18:78:
71:c7:5f:10:55:3a:4c:e9:d9:50:f7:0b:54:34:94:
93:f9:cb:72:5a:a7:b3:2c:95:1c:36:a9:31:00:a9:
da:7e:ea:db:8b:0e:c3:ed:77:e9:e3:15:8b:27:06:
05:6b:be:dd:d5:8e:ff:c1:65:3a:aa:45:26:1d:77:
b2:e8:3d:69:95:30:e5:fe:53:a5:b1:10:e3:3b:6b:
36:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:43:33:F2:3E:B4:C8:63:9E:47:BC:42:04:34:DE:25:F3:AE:C7:67
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z0Mz8j60yGOeR7xCBDTeJfOux2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
11:3e:49:55:e5:fd:bf:2f:32:57:b7:85:19:48:89:54:b2:5b:
07:8f:f0:12:86:75:b6:da:8c:78:84:7a:aa:11:04:53:c8:eb:
90:9a:19:1d:ad:2f:3f:e6:36:59:70:b5:c9:c8:34:30:ee:d4:
90:1d:f0:86:f5:c4:12:85:7d:8f:cd:e8:87:ba:0b:e2:db:4f:
84:bf:c1:c3:d2:99:ab:3d:80:27:da:74:00:97:fc:37:33:ac:
0f:17:c1:6f:a9:6b:43:07:99:0c:81:1f:33:f2:17:c0:62:d5:
7e:a6:1d:73:8f:0e:27:c7:d2:76:46:48:2d:de:17:e0:48:c0:
bc:8b:76:67:80:fa:22:fd:a4:c5:ae:7f:fa:6b:f3:f9:56:ed:
b0:5c:4f:84:f8:b7:95:58:18:c8:43:1d:95:22:91:77:16:01:
f2:1a:cd:70:a1:b5:61:99:de:67:5a:9e:e8:6d:1d:62:22:f9:
59:48:44:70:83:cd:15:0e:3c:cc:d0:4c:08:e8:77:f4:13:b9:
97:37:da:76:47:72:8c:ae:dc:8d:ab:de:e0:ff:c2:62:76:63:
1c:6a:d1:65:50:2d:de:1e:a5:53:10:43:70:54:33:e0:76:4b:
d8:c1:ff:5e:34:03:70:16:c3:37:51:35:a7:ef:bd:43:52:5d:
31:ff:22:01
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGIYTzrCycmv9BeJW0fXSdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI1MDcxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQzMzNmMjNlYjRjODYzOWU0N2JjNDIwNDM0ZGUyNWYzYWVjNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbaePd22CNPig13fLffTprstDFAF
IIWoqmJpKkgCy/FWd8qjBEk834P9KmrjNre5r9cd35/6LUTfc9FiEzCar2RtzUX4
nUdY7blS2WGggDHO7ec7KYehWOmLOpJ/vBzbh+Ts+LV3TLyQVOWv4K3EbQbMAnL8
00SwuevM5sI/oXeDiJZ1xBkyTlriT3xbgkseBvk04L+X/5ewWE6VFjH56skp3cKE
08FlkBhQpfCXp33XGHhxx18QVTpM6dlQ9wtUNJST+ctyWqezLJUcNqkxAKnafurb
iw7D7Xfp4xWLJwYFa77d1Y7/wWU6qkUmHXey6D1plTDl/lOlsRDjO2s2GwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM9DM/I+tMhjnke8QgQ03iXzrsdnMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvejBNejhqNjB5R09lUjd4Q0JEVGVKZk91eDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAET5JVeX9vy8yV7eFGUiJVLJb
B4/wEoZ1ttqMeIR6qhEEU8jrkJoZHa0vP+Y2WXC1ycg0MO7UkB3whvXEEoV9j83o
h7oL4ttPhL/Bw9KZqz2AJ9p0AJf8NzOsDxfBb6lrQweZDIEfM/IXwGLVfqYdc48O
J8fSdkZILd4X4EjAvIt2Z4D6Iv2kxa5/+mvz+VbtsFxPhPi3lVgYyEMdlSKRdxYB
8hrNcKG1YZneZ1qe6G0dYiL5WUhEcIPNFQ48zNBMCOh39BO5lzfadkdyjK7cjave
4P/CYnZjHGrRZVAt3h6lUxBDcFQz4HZL2MH/XjQDcBbDN1E1p++9Q1JdMf8iAQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:05:36 2025 by rpki-client