Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z1JGPAILlBfYEC-Ss8s_AqiTI4k.roa
File: z1JGPAILlBfYEC-Ss8s_AqiTI4k.roa (raw, json)
Hash identifier: /8gYVPSxjmS1yHxETIM0m5NjGL+dSJZWqHJmwonJU1I=
Subject key identifier: CF:52:46:3C:02:0B:94:17:D8:10:2F:92:B3:CB:3F:02:A8:93:23:89
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019114B88D672FA9B038019CD6D92583CD9E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z1JGPAILlBfYEC-Ss8s_AqiTI4k.roa
Signing time: Fri 02 Aug 2024 20:12:04 +0000
ROA not before: Fri 02 Aug 2024 20:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:14:b8:8d:67:2f:a9:b0:38:01:9c:d6:d9:25:83:cd:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 2 20:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf52463c020b9417d8102f92b3cb3f02a8932389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e5:e3:91:a8:97:43:9b:45:4d:ec:47:7e:44:
93:16:ae:07:45:63:39:44:ea:1d:41:75:0f:2c:aa:
39:9a:b3:de:95:90:a0:68:2a:fc:68:55:8f:d7:5d:
19:5a:04:21:aa:88:d4:72:46:d3:fd:a2:db:83:99:
1e:38:f3:73:49:f5:f0:df:c8:cd:6c:eb:88:3b:55:
79:b2:d2:b8:31:d2:ca:77:6b:83:2c:cd:d7:30:de:
2e:68:4c:7e:ed:fd:19:74:65:e3:b6:64:fb:58:13:
dd:a1:a8:bc:c3:00:cb:ca:0f:66:7f:17:56:fb:50:
24:49:dc:aa:ef:41:3f:7b:05:a7:23:5e:55:f0:ea:
2f:0c:03:b3:2d:d9:b0:e1:95:05:88:c5:37:20:11:
de:d9:6c:0e:be:e8:4c:6a:70:6b:0e:af:27:82:eb:
78:d5:f2:b3:73:57:ba:e0:07:33:ca:ea:ad:7d:56:
15:be:db:70:7e:3b:af:3c:be:5d:a9:90:8c:f2:69:
88:3d:bb:63:36:19:20:0a:ed:61:9d:5b:ff:5e:93:
c7:4d:ba:d8:b9:7f:79:93:16:c9:97:eb:c4:c4:31:
d7:55:b2:83:85:af:2d:d8:d5:09:c0:a0:cd:7d:b4:
0a:5e:c3:8b:fe:29:d4:40:4f:97:10:94:40:df:b2:
10:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:52:46:3C:02:0B:94:17:D8:10:2F:92:B3:CB:3F:02:A8:93:23:89
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z1JGPAILlBfYEC-Ss8s_AqiTI4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
37:f7:b9:15:7e:5b:4d:d9:29:90:88:67:78:ab:b8:eb:d9:ff:
53:e1:73:d2:20:81:ec:a2:b2:19:82:17:4b:48:a9:3d:a9:56:
1f:55:e5:68:0d:c0:b8:6a:05:ee:34:71:c9:53:18:c6:d4:ff:
a2:9b:e1:4f:02:bc:5b:b7:54:e9:3b:09:4a:74:2f:4b:eb:a3:
86:57:b1:26:01:f9:cc:61:21:44:c9:85:39:e7:38:84:c3:36:
67:68:57:64:58:46:0a:79:0d:21:c6:05:f8:a2:20:66:1e:6c:
9e:e6:59:3e:48:bb:9a:be:16:9d:7c:bf:ea:f9:16:b9:14:5d:
7c:c3:17:4a:f0:09:24:a6:72:02:f2:97:b8:c8:89:2e:22:43:
20:e1:d5:38:33:e2:73:29:34:25:5c:2b:f6:fd:25:bd:99:05:
90:f3:03:22:67:bb:d8:02:28:c8:18:ba:7a:be:1f:a6:c5:3a:
f7:44:af:90:26:ac:f7:63:ac:1e:22:ea:98:74:a8:1f:4a:bc:
6a:77:c1:01:be:da:2c:26:52:4e:0b:9d:82:6c:a2:a0:4b:73:
54:38:79:fc:7e:3e:95:e1:0f:0d:2e:46:29:e7:d3:4b:d2:11:
ea:a5:59:e4:51:7c:31:26:9e:47:f2:47:48:94:24:06:f3:09:
6e:14:86:fd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEUuI1nL6mwOAGc1tklg82eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAyMjAxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjUyNDYzYzAyMGI5NDE3ZDgxMDJmOTJiM2NiM2YwMmE4OTMyMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+XjkaiXQ5tFTexHfkSTFq4HRWM5
ROodQXUPLKo5mrPelZCgaCr8aFWP110ZWgQhqojUckbT/aLbg5keOPNzSfXw38jN
bOuIO1V5stK4MdLKd2uDLM3XMN4uaEx+7f0ZdGXjtmT7WBPdoai8wwDLyg9mfxdW
+1AkSdyq70E/ewWnI15V8OovDAOzLdmw4ZUFiMU3IBHe2WwOvuhManBrDq8ngut4
1fKzc1e64AczyuqtfVYVvttwfjuvPL5dqZCM8mmIPbtjNhkgCu1hnVv/XpPHTbrY
uX95kxbJl+vExDHXVbKDha8t2NUJwKDNfbQKXsOL/inUQE+XEJRA37IQFQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM9SRjwCC5QX2BAvkrPLPwKokyOJMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvejFKR1BBSUxsQmZZRUMtU3M4c19BcWlUSTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAN/e5FX5bTdkpkIhneKu469n/
U+Fz0iCB7KKyGYIXS0ipPalWH1XlaA3AuGoF7jRxyVMYxtT/opvhTwK8W7dU6TsJ
SnQvS+ujhlexJgH5zGEhRMmFOec4hMM2Z2hXZFhGCnkNIcYF+KIgZh5snuZZPki7
mr4WnXy/6vkWuRRdfMMXSvAJJKZyAvKXuMiJLiJDIOHVODPicyk0JVwr9v0lvZkF
kPMDIme72AIoyBi6er4fpsU690SvkCas92OsHiLqmHSoH0q8anfBAb7aLCZSTgud
gmyioEtzVDh5/H4+leEPDS5GKefTS9IR6qVZ5FF8MSaeR/JHSJQkBvMJbhSG/Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:03 2025 by rpki-client