Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/UvZhqD-tvNZOAMnnPdKI-kdpGbY.roa
File: UvZhqD-tvNZOAMnnPdKI-kdpGbY.roa (raw, json)
Hash identifier: 7IULN1Kwiiq9GBVTjAyzFBZl9E1770nZY4x6OtiPGlE=
Subject key identifier: 52:F6:61:A8:3F:AD:BC:D6:4E:00:C9:E7:3D:D2:88:FA:47:69:19:B6
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 01942748480637A07A6A160A0EA5A156440F
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/UvZhqD-tvNZOAMnnPdKI-kdpGbY.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:dfc3::/32 maxlen: 32
2a0e:dfc4::/32 maxlen: 32
2a0e:dfc5::/32 maxlen: 32
2a0e:dfc6::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:48:06:37:a0:7a:6a:16:0a:0e:a5:a1:56:44:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52f661a83fadbcd64e00c9e73dd288fa476919b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:dc:fb:e7:b1:6c:69:66:2c:67:fe:c7:63:
dc:bc:00:b1:c7:2b:8c:24:9d:23:1d:b8:5b:e3:22:
09:ac:8e:54:6c:dc:e6:e7:52:cc:b7:ca:cb:a8:e1:
28:c0:f5:66:7d:fd:80:1d:14:db:6b:81:7e:90:0c:
ad:b8:e1:4c:80:ac:ae:7f:37:23:30:48:27:c4:9c:
c5:93:cd:06:31:f5:c9:d3:72:69:a1:10:78:07:a9:
84:23:3b:ea:04:d7:25:bc:39:db:c4:31:7a:27:50:
67:d4:ca:64:1c:85:a9:15:6c:03:88:0b:a5:67:76:
8a:18:df:18:c5:3d:3a:76:2d:24:ac:d1:05:cf:ee:
a0:05:6e:17:fc:a6:08:64:ab:42:30:36:0d:38:fb:
ef:1f:65:1f:1a:b2:ee:32:7e:7d:73:be:1c:21:40:
98:67:9d:bd:86:a0:1b:94:21:fa:fe:8c:2b:9e:7d:
8f:46:bf:66:51:50:1c:ff:0b:0b:a5:ab:9e:ea:65:
d9:21:54:52:fb:6c:af:17:13:12:a1:f9:53:31:5d:
ca:96:60:9c:54:d7:58:00:27:e9:b1:30:e3:98:9a:
ba:cd:2b:c0:c1:6a:d4:47:d5:ad:90:af:f6:44:30:
38:d7:e0:50:d6:65:c3:e8:88:e5:4b:9b:70:bc:10:
fa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F6:61:A8:3F:AD:BC:D6:4E:00:C9:E7:3D:D2:88:FA:47:69:19:B6
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/UvZhqD-tvNZOAMnnPdKI-kdpGbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc3::-2a0e:dfc6:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:af:0f:f3:e7:e5:e2:e7:e6:24:24:45:5d:07:68:4e:86:d6:
11:66:a8:e8:97:7e:8d:6b:4b:af:b9:46:00:c9:3a:1b:32:98:
8d:2a:0b:eb:da:6d:18:53:39:ed:91:20:c7:07:bf:4a:71:b2:
12:18:44:95:c3:a3:15:0c:82:c0:9c:d3:74:c6:01:6f:d6:45:
dd:fc:e6:47:1f:fa:4e:9f:6e:16:e1:bc:08:a3:25:c7:6d:bb:
14:e8:70:d5:4d:18:7c:eb:a8:fb:3a:d1:7b:7b:fd:1f:15:8c:
f5:9b:14:b1:6f:b5:8b:6e:79:47:1d:0c:05:6e:4d:03:6e:ea:
16:3f:3f:9a:d2:6f:5d:0f:94:b6:78:9a:06:c3:88:46:f4:87:
a7:50:27:c2:ac:6e:4f:cd:20:9f:29:0e:43:29:cb:70:96:7c:
44:6e:58:0d:f1:4b:12:8d:8e:5e:5a:bd:20:84:f0:5a:4e:a5:
ef:bf:37:8c:dd:5a:0e:c2:3f:c7:ad:79:ad:11:17:bf:5f:a3:
0c:f7:50:3b:c3:36:a6:ce:be:9b:88:e8:fe:48:be:26:1e:93:
f9:61:b9:39:b9:dd:f9:60:2c:ee:c1:ab:a9:5e:32:55:ca:cb:
6a:47:e4:f5:b5:f4:1e:03:24:15:d8:7c:76:05:1c:14:52:ab:
bf:f2:8e:ca
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQnSEgGN6B6ahYKDqWhVkQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmY2NjFhODNmYWRiY2Q2NGUwMGM5ZTczZGQyODhmYTQ3NjkxOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT/c++exbGlmLGf+x2PcvACxxyuM
JJ0jHbhb4yIJrI5UbNzm51LMt8rLqOEowPVmff2AHRTba4F+kAytuOFMgKyufzcj
MEgnxJzFk80GMfXJ03JpoRB4B6mEIzvqBNclvDnbxDF6J1Bn1MpkHIWpFWwDiAul
Z3aKGN8YxT06di0krNEFz+6gBW4X/KYIZKtCMDYNOPvvH2UfGrLuMn59c74cIUCY
Z529hqAblCH6/owrnn2PRr9mUVAc/wsLpaue6mXZIVRS+2yvFxMSoflTMV3KlmCc
VNdYACfpsTDjmJq6zSvAwWrUR9WtkK/2RDA41+BQ1mXD6IjlS5twvBD6RQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFFL2Yag/rbzWTgDJ5z3SiPpHaRm2MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvVXZaaHFELXR2TlpPQU1ublBkS0kta2RwR2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDt/D
AwUAKg7fxjANBgkqhkiG9w0BAQsFAAOCAQEAla8P8+fl4ufmJCRFXQdoTobWEWao
6Jd+jWtLr7lGAMk6GzKYjSoL69ptGFM57ZEgxwe/SnGyEhhElcOjFQyCwJzTdMYB
b9ZF3fzmRx/6Tp9uFuG8CKMlx227FOhw1U0YfOuo+zrRe3v9HxWM9ZsUsW+1i255
Rx0MBW5NA27qFj8/mtJvXQ+UtniaBsOIRvSHp1AnwqxuT80gnykOQynLcJZ8RG5Y
DfFLEo2OXlq9IITwWk6l7783jN1aDsI/x615rREXv1+jDPdQO8M2ps6+m4jo/ki+
Jh6T+WG5Obnd+WAs7sGrqV4yVcrLakfk9bX0HgMkFdh8dgUcFFKrv/KOyg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:26 2025 by rpki-client