Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DgSPSjv04PRIsQ3DPeu3yV7-jUk.roa
File: DgSPSjv04PRIsQ3DPeu3yV7-jUk.roa (raw, json)
Hash identifier: 6NUIKjXCtIxxfNHuW+1tfkMCtgtFkOFWeyQmCOGEato=
Subject key identifier: 0E:04:8F:4A:3B:F4:E0:F4:48:B1:0D:C3:3D:EB:B7:C9:5E:FE:8D:49
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019193F76AF4D2DB097AC2C2F87652D087B5
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DgSPSjv04PRIsQ3DPeu3yV7-jUk.roa
Signing time: Tue 27 Aug 2024 13:12:31 +0000
ROA not before: Tue 27 Aug 2024 13:12:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:93:f7:6a:f4:d2:db:09:7a:c2:c2:f8:76:52:d0:87:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 27 13:12:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e048f4a3bf4e0f448b10dc33debb7c95efe8d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3c:66:5f:9a:a9:4f:a7:2c:4d:be:3a:fe:98:
fb:12:47:cf:91:7c:fe:a2:df:21:83:22:88:b4:d9:
63:16:b0:df:f9:b2:6d:73:53:f2:c5:06:70:2c:c4:
15:f7:0b:58:36:d4:23:27:66:5c:01:a0:ca:fa:a0:
d6:d7:de:68:de:ef:b0:43:b1:48:46:9f:9a:97:1d:
b7:c8:ac:90:f6:39:b1:35:32:2c:e7:ed:0e:cb:fb:
3e:17:da:f7:b5:81:0a:ac:c4:da:12:47:8f:ed:b6:
05:d6:0e:65:8e:88:1b:8c:e5:ed:66:3e:e9:9c:be:
ad:91:d0:3c:3c:0f:27:74:24:db:8d:69:bf:cb:4b:
89:95:7b:f4:48:d5:13:2a:7d:a4:a7:10:fd:d6:f5:
a6:dd:55:a9:cc:8a:fa:da:06:fa:81:a2:14:31:87:
7a:0c:81:aa:e4:e1:b9:5a:dc:24:8d:0a:9c:06:fa:
93:f3:eb:3a:71:f9:90:3c:d0:79:bd:1d:23:8c:1c:
ac:a8:64:ad:c7:0b:02:ad:1c:f4:fe:85:47:95:73:
20:bd:c1:b2:c0:15:f5:e0:a4:1e:38:11:7c:0c:04:
29:37:b9:76:a0:57:49:95:46:d8:b3:67:68:9b:bb:
9c:59:26:d1:ce:63:58:38:75:90:78:83:50:97:e4:
98:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:04:8F:4A:3B:F4:E0:F4:48:B1:0D:C3:3D:EB:B7:C9:5E:FE:8D:49
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DgSPSjv04PRIsQ3DPeu3yV7-jUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
78:a9:33:f6:1b:40:6b:f2:29:62:5b:f4:47:4f:1b:ed:d5:5f:
cf:fb:8b:b1:dd:e6:ea:ca:c9:eb:16:00:57:60:e1:4b:8d:33:
33:d6:6e:3c:05:80:c9:5f:f0:87:46:a3:ef:07:37:e1:40:62:
2b:ad:fa:17:21:8f:40:a3:ce:db:65:01:32:eb:f8:8d:a0:3e:
1a:c4:5d:30:58:1b:4a:af:83:2b:0f:2d:d9:60:49:f9:56:47:
d5:34:1e:34:ac:a5:40:ec:6d:fa:90:52:db:79:bd:49:56:7c:
9f:cf:f9:84:92:5e:96:81:06:41:54:64:dc:69:35:8f:6d:e2:
f5:f8:fc:bf:de:e2:3a:1c:3a:90:6e:6e:bd:25:1f:b6:9e:36:
37:d7:4e:70:76:e1:a3:30:b3:bd:9b:8b:d0:f1:de:a8:d3:3d:
51:2c:93:b5:82:31:94:76:f5:d1:fd:6c:95:59:f5:2e:06:94:
ff:aa:f2:77:6e:46:9d:ac:5f:37:e0:b1:2f:92:0b:dc:9f:66:
41:0c:59:f9:f7:42:ed:c0:ec:dd:08:51:90:4b:60:c9:65:5f:
ec:b1:50:04:46:97:19:79:4c:93:cd:27:4a:c6:37:55:78:0c:
fa:19:37:fb:ba:6b:6a:a5:a0:2e:88:c0:a8:cd:1e:ef:52:64:
f8:0d:ee:70
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGT92r00tsJesLC+HZS0Ie1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODI3MTMxMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA0OGY0YTNiZjRlMGY0NDhiMTBkYzMzZGViYjdjOTVlZmU4ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzxmX5qpT6csTb46/pj7EkfPkXz+
ot8hgyKItNljFrDf+bJtc1PyxQZwLMQV9wtYNtQjJ2ZcAaDK+qDW195o3u+wQ7FI
Rp+alx23yKyQ9jmxNTIs5+0Oy/s+F9r3tYEKrMTaEkeP7bYF1g5ljogbjOXtZj7p
nL6tkdA8PA8ndCTbjWm/y0uJlXv0SNUTKn2kpxD91vWm3VWpzIr62gb6gaIUMYd6
DIGq5OG5WtwkjQqcBvqT8+s6cfmQPNB5vR0jjBysqGStxwsCrRz0/oVHlXMgvcGy
wBX14KQeOBF8DAQpN7l2oFdJlUbYs2dom7ucWSbRzmNYOHWQeINQl+SY1QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA4Ej0o79OD0SLENwz3rt8le/o1JMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRGdTUFNqdjA0UFJJc1EzRFBldTN5VjctalVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAeKkz9htAa/IpYlv0R08b7dVf
z/uLsd3m6srJ6xYAV2DhS40zM9ZuPAWAyV/wh0aj7wc34UBiK636FyGPQKPO22UB
Muv4jaA+GsRdMFgbSq+DKw8t2WBJ+VZH1TQeNKylQOxt+pBS23m9SVZ8n8/5hJJe
loEGQVRk3Gk1j23i9fj8v97iOhw6kG5uvSUftp42N9dOcHbhozCzvZuL0PHeqNM9
USyTtYIxlHb10f1slVn1LgaU/6ryd25GnaxfN+CxL5IL3J9mQQxZ+fdC7cDs3QhR
kEtgyWVf7LFQBEaXGXlMk80nSsY3VXgM+hk3+7praqWgLojAqM0e71Jk+A3ucA==
-----END CERTIFICATE-----
Generated at Wed Aug 28 09:33:53 2024 by rpki-client on console.sobornost.net