Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/d0j2C5vkoJkrnCaNz9qhYK45ljQ.roa
File: d0j2C5vkoJkrnCaNz9qhYK45ljQ.roa (raw, json)
Hash identifier: 7LNATR0/5wKyltBV+l4+ADTJz4WPA7PMCDMpIadCMCg=
Subject key identifier: 77:48:F6:0B:9B:E4:A0:99:2B:9C:26:8D:CF:DA:A1:60:AE:39:96:34
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194847E235C52A3F300CE889788670B6601
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/d0j2C5vkoJkrnCaNz9qhYK45ljQ.roa
Signing time: Mon 20 Jan 2025 16:14:06 +0000
ROA not before: Mon 20 Jan 2025 16:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:7e:23:5c:52:a3:f3:00:ce:88:97:88:67:0b:66:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 20 16:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7748f60b9be4a0992b9c268dcfdaa160ae399634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:3b:a8:10:23:3e:be:3b:09:df:60:85:b5:08:
e9:d5:7b:e9:77:3c:1d:1a:8b:88:9f:93:8d:6b:36:
f1:50:5e:c0:b1:9d:a5:3e:6b:aa:94:a0:0f:c7:20:
b0:fc:8b:94:ec:7f:e5:af:ac:fa:77:ef:81:ff:e8:
bd:2e:d7:c3:02:14:20:72:d3:0c:a0:01:b3:e2:20:
e5:d3:e4:30:1b:b2:51:78:25:53:c9:ba:2d:b0:4e:
3a:9d:ef:39:d3:1a:af:aa:b4:d9:38:bc:32:fa:fb:
ba:49:dd:c9:6b:8d:f2:6b:1f:e9:c7:30:d0:e6:4a:
d2:cd:82:72:df:30:43:4b:5e:6e:14:f6:46:59:80:
55:2b:45:8d:b1:89:f3:b7:b0:48:1c:b2:62:16:3e:
ec:ea:93:4a:03:71:cc:e0:a7:ed:c3:b9:37:06:24:
e9:f3:d1:1a:2f:fb:77:21:0d:52:f8:b5:12:22:53:
b5:6b:7f:85:76:85:c6:5b:d3:ed:57:55:85:33:48:
6b:dd:78:84:81:4d:34:a1:3f:d6:97:56:df:d3:a8:
16:72:31:ba:cb:e5:ef:b9:93:79:8c:74:a5:f4:13:
38:25:eb:b1:9c:95:8a:7e:33:33:d9:28:9e:dc:3a:
dc:67:83:20:45:d7:cb:1c:0f:c2:7a:cc:de:15:eb:
7a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:48:F6:0B:9B:E4:A0:99:2B:9C:26:8D:CF:DA:A1:60:AE:39:96:34
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/d0j2C5vkoJkrnCaNz9qhYK45ljQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
1b:ee:48:a9:b5:07:88:2e:31:84:d8:d1:c0:a4:b2:dc:6f:6d:
e3:68:34:07:12:37:6f:87:5f:52:ee:f0:a7:38:05:4c:50:b9:
d1:1c:9b:0a:b2:01:11:df:50:8a:85:50:42:0a:81:02:6e:35:
e5:f4:64:99:49:0e:da:17:e2:92:78:dc:50:75:54:d4:02:4c:
e8:ec:4b:6f:fd:4b:c6:e5:a3:cc:58:93:59:23:0f:12:eb:cb:
49:24:f1:34:fc:df:e8:25:d8:9e:30:8f:aa:b7:6c:6e:ac:6c:
02:43:c6:fe:1c:4b:dd:25:1d:f4:69:d6:9a:75:d5:31:0c:15:
29:c9:0a:4e:f8:ef:ba:ca:49:62:61:57:02:bd:fe:ac:03:ce:
13:3e:84:d4:ce:6b:89:f4:e5:ac:ce:e0:4d:67:8b:ac:47:6a:
7d:7f:be:f0:7a:31:0a:59:57:50:68:eb:a2:c4:23:01:68:30:
10:16:66:be:1a:1f:14:a0:59:2e:25:bf:38:b5:c3:96:c8:d6:
38:35:47:59:8b:5e:0a:20:48:30:2b:ba:17:71:f6:7e:ef:26:
cd:b5:cd:a2:9b:31:1c:71:b0:a1:90:71:d8:fb:a9:6c:2c:d2:
4e:c0:6a:f4:f4:61:90:d4:4d:77:d6:0f:92:89:b0:a8:ec:a0:
96:e7:7a:53
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZSEfiNcUqPzAM6Il4hnC2YBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTIwMTYxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQ4ZjYwYjliZTRhMDk5MmI5YzI2OGRjZmRhYTE2MGFlMzk5NjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zuoECM+vjsJ32CFtQjp1Xvpdzwd
GouIn5ONazbxUF7AsZ2lPmuqlKAPxyCw/IuU7H/lr6z6d++B/+i9LtfDAhQgctMM
oAGz4iDl0+QwG7JReCVTybotsE46ne850xqvqrTZOLwy+vu6Sd3Ja43yax/pxzDQ
5krSzYJy3zBDS15uFPZGWYBVK0WNsYnzt7BIHLJiFj7s6pNKA3HM4Kftw7k3BiTp
89EaL/t3IQ1S+LUSIlO1a3+FdoXGW9PtV1WFM0hr3XiEgU00oT/Wl1bf06gWcjG6
y+XvuZN5jHSl9BM4JeuxnJWKfjMz2Sie3DrcZ4MgRdfLHA/CeszeFet6tQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHdI9gub5KCZK5wmjc/aoWCuOZY0MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZDBqMkM1dmtvSmtybkNhTno5cWhZSzQ1bGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAG+5IqbUHiC4xhNjRwKSy3G9t
42g0BxI3b4dfUu7wpzgFTFC50RybCrIBEd9QioVQQgqBAm415fRkmUkO2hfiknjc
UHVU1AJM6OxLb/1LxuWjzFiTWSMPEuvLSSTxNPzf6CXYnjCPqrdsbqxsAkPG/hxL
3SUd9GnWmnXVMQwVKckKTvjvuspJYmFXAr3+rAPOEz6E1M5rifTlrM7gTWeLrEdq
fX++8HoxCllXUGjrosQjAWgwEBZmvhofFKBZLiW/OLXDlsjWODVHWYteCiBIMCu6
F3H2fu8mzbXNopsxHHGwoZBx2PupbCzSTsBq9PRhkNRNd9YPkomwqOyglud6Uw==
-----END CERTIFICATE-----
Generated at Tue Jan 21 17:34:41 2025 by rpki-client on console.sobornost.net