Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zmwZt_r3rC2e08omBedzn55sYEo.roa
File: zmwZt_r3rC2e08omBedzn55sYEo.roa (raw, json)
Hash identifier: E1mLYRxYeAR1eFI7Dq0F/BK07jlMjt0WgoNE7ewscnc=
Subject key identifier: CE:6C:19:B7:FA:F7:AC:2D:9E:D3:CA:26:05:E7:73:9F:9E:6C:60:4A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191E731D6D17964830125F9197485A55B1D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zmwZt_r3rC2e08omBedzn55sYEo.roa
Signing time: Thu 12 Sep 2024 17:04:48 +0000
ROA not before: Thu 12 Sep 2024 17:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:191:e731:417a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e7:31:d6:d1:79:64:83:01:25:f9:19:74:85:a5:5b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 12 17:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce6c19b7faf7ac2d9ed3ca2605e7739f9e6c604a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7d:61:bc:b1:df:00:b8:84:1c:a6:89:9c:3a:
eb:7d:50:50:e5:84:22:0e:ec:9d:b7:f5:5c:64:d1:
b3:94:0a:ed:87:4c:fa:f1:6d:79:4f:ac:3f:17:30:
09:02:4b:87:c0:ef:97:62:c1:45:ca:63:48:23:e8:
cf:55:6b:9f:9b:46:68:59:2a:e1:07:ee:85:a0:e5:
6e:b7:c7:e2:c9:77:96:33:c6:ca:ea:37:ca:70:0c:
4e:1b:78:26:e6:7b:68:8a:a5:0e:d0:a3:d3:da:44:
b8:04:40:da:2f:6d:f9:ff:e1:0e:10:8b:d7:b1:90:
bf:c3:8d:94:01:0e:4c:31:09:bf:9d:92:88:8d:6c:
bd:5d:21:e4:80:42:9d:43:95:84:0d:7e:c3:d2:8a:
0a:76:a0:3e:b9:a3:42:41:ee:e0:99:17:5f:f0:1c:
58:b5:5e:16:04:8c:c3:c5:b2:57:d4:4c:8f:ab:d3:
04:31:1e:76:ea:89:d1:5e:01:bc:5d:40:53:51:38:
de:45:30:a2:ae:87:f4:88:60:70:5e:5a:87:96:92:
61:9f:c3:a5:db:08:17:bc:b2:1f:f2:14:ae:22:28:
c7:ee:19:de:6f:7d:9d:29:24:7f:ca:02:2d:22:20:
40:3f:11:96:4f:ab:71:92:a6:6c:4d:79:3e:a7:63:
b2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6C:19:B7:FA:F7:AC:2D:9E:D3:CA:26:05:E7:73:9F:9E:6C:60:4A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zmwZt_r3rC2e08omBedzn55sYEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:191:e731:417a/128
Signature Algorithm: sha256WithRSAEncryption
37:d2:7a:84:c0:4b:d7:14:54:86:e5:f2:2d:03:6e:d5:26:5b:
50:81:7d:79:da:cc:dd:0c:a0:a4:8c:33:52:cd:78:c8:44:eb:
89:67:e9:e9:36:ec:45:c5:1f:65:45:6a:ed:13:b5:03:35:1a:
b4:9f:18:da:5b:d3:6e:06:a0:2b:db:6a:6d:9b:d6:cb:02:4c:
55:1a:4f:ee:3f:87:a1:06:a2:12:67:0d:e0:be:ea:02:b7:5b:
b6:7d:d7:31:4a:94:33:c0:ec:08:ea:0a:59:7d:a3:ed:d7:e7:
65:38:4e:69:69:3a:fe:f7:08:eb:f9:8d:bc:e5:a0:92:e1:21:
16:2c:de:1d:d6:52:b2:76:2f:1e:52:62:af:39:2c:09:e2:bb:
a4:78:8b:4d:05:56:23:3c:72:fc:cf:38:1c:e6:d1:10:cc:ff:
a9:37:7f:37:2b:c9:a3:bf:1b:72:7a:1a:d0:f9:c8:5a:34:0d:
bd:09:e6:e6:9c:61:60:53:fa:4c:96:f5:63:73:56:bd:bb:25:
d3:d9:e2:e4:f8:9d:a1:0f:6c:0c:37:09:14:cb:c7:37:9a:4b:
39:d6:81:db:54:f9:ad:3c:55:40:e9:33:6e:9b:d9:3e:b8:d4:
d7:5c:87:79:14:25:d4:84:1b:85:be:dc:01:4f:fe:17:84:9b:
da:5d:aa:09
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHnMdbReWSDASX5GXSFpVsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTEyMTcwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTZjMTliN2ZhZjdhYzJkOWVkM2NhMjYwNWU3NzM5ZjllNmM2MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz31hvLHfALiEHKaJnDrrfVBQ5YQi
Duydt/VcZNGzlArth0z68W15T6w/FzAJAkuHwO+XYsFFymNII+jPVWufm0ZoWSrh
B+6FoOVut8fiyXeWM8bK6jfKcAxOG3gm5ntoiqUO0KPT2kS4BEDaL235/+EOEIvX
sZC/w42UAQ5MMQm/nZKIjWy9XSHkgEKdQ5WEDX7D0ooKdqA+uaNCQe7gmRdf8BxY
tV4WBIzDxbJX1EyPq9MEMR526onRXgG8XUBTUTjeRTCirof0iGBwXlqHlpJhn8Ol
2wgXvLIf8hSuIijH7hneb32dKSR/ygItIiBAPxGWT6txkqZsTXk+p2OyKQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM5sGbf696wtntPKJgXnc5+ebGBKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvem13WnRfcjNyQzJlMDhvbUJlZHpuNTVzWUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGR5zFBejANBgkqhkiG9w0BAQsFAAOCAQEAN9J6hMBL1xRUhuXyLQNu1SZb
UIF9edrM3QygpIwzUs14yETriWfp6TbsRcUfZUVq7RO1AzUatJ8Y2lvTbgagK9tq
bZvWywJMVRpP7j+HoQaiEmcN4L7qArdbtn3XMUqUM8DsCOoKWX2j7dfnZThOaWk6
/vcI6/mNvOWgkuEhFizeHdZSsnYvHlJirzksCeK7pHiLTQVWIzxy/M84HObREMz/
qTd/NyvJo78bcnoa0PnIWjQNvQnm5pxhYFP6TJb1Y3NWvbsl09ni5PidoQ9sDDcJ
FMvHN5pLOdaB21T5rTxVQOkzbpvZPrjU11yHeRQl1IQbhb7cAU/+F4Sb2l2qCQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:07:23 2025 by rpki-client