Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0NPj_kxgYF-Jv0WzmfU43vLvBA8.roa
File: 0NPj_kxgYF-Jv0WzmfU43vLvBA8.roa (raw, json)
Hash identifier: Q3kZ4RTpm5pajWyTY30K0aCJYoDoL49LIUTnhe2QYW8=
Subject key identifier: D0:D3:E3:FE:4C:60:60:5F:89:BF:45:B3:99:F5:38:DE:F2:EF:04:0F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194508D17B054DC0F06DD959A20762DA611
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0NPj_kxgYF-Jv0WzmfU43vLvBA8.roa
Signing time: Fri 10 Jan 2025 14:10:11 +0000
ROA not before: Fri 10 Jan 2025 14:10:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:8d:17:b0:54:dc:0f:06:dd:95:9a:20:76:2d:a6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 10 14:10:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0d3e3fe4c60605f89bf45b399f538def2ef040f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:94:34:a5:e5:ba:e8:49:fd:6a:82:18:18:f6:
82:a3:13:eb:0d:ad:05:37:07:d4:ee:f6:2c:86:93:
99:a9:e3:43:78:03:13:a1:83:30:90:d9:44:84:f0:
03:1d:50:3c:53:72:eb:dc:2a:1f:2f:33:01:d3:71:
82:5f:5d:b1:a8:8b:99:dc:08:41:1d:32:8d:33:cb:
ed:e3:83:96:99:07:ed:84:bb:e1:55:69:1a:59:44:
ee:ba:b0:de:75:e8:5f:73:80:c8:fe:51:be:23:d9:
61:1e:df:ed:04:dc:31:f1:7a:1d:4c:50:3b:68:a4:
19:df:2a:6f:a5:26:22:d5:84:88:31:0f:3c:7d:1d:
67:50:2a:7d:9c:6a:6e:13:58:2b:aa:bb:e8:51:ec:
ae:f1:02:10:2b:e0:ed:42:f1:09:d7:0a:fa:c4:8c:
a5:82:fc:f0:73:26:ce:17:ba:d1:06:90:f5:39:ed:
a8:2c:fb:f2:a3:7d:04:a6:f4:22:c1:c1:1a:5f:2e:
5f:d7:fd:a4:8b:6e:ca:a0:c6:69:5c:22:75:f8:43:
55:f5:b5:82:a4:1c:13:d3:73:5c:a9:7c:6e:ba:78:
ee:41:1f:df:52:79:d9:13:d6:1f:ec:df:d4:16:51:
75:30:0b:e1:af:13:bf:44:b9:5a:41:43:c2:8d:22:
c2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D3:E3:FE:4C:60:60:5F:89:BF:45:B3:99:F5:38:DE:F2:EF:04:0F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0NPj_kxgYF-Jv0WzmfU43vLvBA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
11:ee:36:72:f8:f7:0f:e6:26:c8:cc:9b:3c:a5:53:4f:a8:d9:
a6:39:9c:20:d5:88:c0:ed:47:47:ef:ef:80:8a:25:3b:5b:98:
7c:f1:69:10:0d:08:b5:c5:bc:69:1a:20:0f:d2:2e:71:7e:1e:
e8:da:5f:8c:01:bc:89:00:e5:2c:ee:a3:23:d1:21:8c:07:97:
44:bb:ef:11:a1:a6:d0:ba:90:9a:ae:d6:c8:2f:db:fa:42:25:
1a:85:79:66:72:a8:51:5f:ef:aa:97:18:3d:cb:8a:24:6b:01:
63:89:78:7d:d7:ef:a2:e6:2d:41:14:4c:8b:fa:7a:9e:ef:1f:
51:b6:62:dc:87:46:b6:dd:a2:86:a8:a3:05:bf:89:ac:f7:72:
9d:d1:82:10:fd:8c:96:2d:4e:1a:98:0c:fc:e5:64:16:7d:aa:
b2:a8:ba:46:9c:d0:12:47:2b:db:d7:21:32:13:bf:4c:73:e6:
a7:dc:40:06:cf:a0:4e:2e:54:43:3e:af:33:9a:ee:0d:2d:4d:
0d:15:54:47:19:eb:09:a9:78:a0:3a:a2:df:b6:7b:b1:ea:8c:
21:20:cb:cd:66:c3:b6:f2:2e:ea:c0:88:74:8c:3b:f1:0b:bd:
b7:d9:ae:9e:f2:3c:a6:f2:51:88:25:94:53:11:2b:6d:a6:26:
eb:6f:c4:e3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRQjRewVNwPBt2VmiB2LaYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTEwMTQxMDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQzZTNmZTRjNjA2MDVmODliZjQ1YjM5OWY1MzhkZWYyZWYwNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZQ0peW66En9aoIYGPaCoxPrDa0F
NwfU7vYshpOZqeNDeAMToYMwkNlEhPADHVA8U3Lr3CofLzMB03GCX12xqIuZ3AhB
HTKNM8vt44OWmQfthLvhVWkaWUTuurDedehfc4DI/lG+I9lhHt/tBNwx8XodTFA7
aKQZ3ypvpSYi1YSIMQ88fR1nUCp9nGpuE1grqrvoUeyu8QIQK+DtQvEJ1wr6xIyl
gvzwcybOF7rRBpD1Oe2oLPvyo30EpvQiwcEaXy5f1/2ki27KoMZpXCJ1+ENV9bWC
pBwT03NcqXxuunjuQR/fUnnZE9Yf7N/UFlF1MAvhrxO/RLlaQUPCjSLCqwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNDT4/5MYGBfib9Fs5n1ON7y7wQPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvME5Qal9reGdZRi1KdjBXem1mVTQzdkx2QkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAEe42cvj3D+YmyMybPKVTT6jZ
pjmcINWIwO1HR+/vgIolO1uYfPFpEA0ItcW8aRogD9IucX4e6NpfjAG8iQDlLO6j
I9EhjAeXRLvvEaGm0LqQmq7WyC/b+kIlGoV5ZnKoUV/vqpcYPcuKJGsBY4l4fdfv
ouYtQRRMi/p6nu8fUbZi3IdGtt2ihqijBb+JrPdyndGCEP2Mli1OGpgM/OVkFn2q
sqi6RpzQEkcr29chMhO/THPmp9xABs+gTi5UQz6vM5ruDS1NDRVURxnrCal4oDqi
37Z7seqMISDLzWbDtvIu6sCIdIw78Qu9t9munvI8pvJRiCWUUxErbaYm62/E4w==
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:03:56 2025 by rpki-client