Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-CqsBzaL41o0ZJvQXJwennTIylM.roa
File: 1-CqsBzaL41o0ZJvQXJwennTIylM.roa (raw, json)
Hash identifier: aXANZKOLYw1hw3huj7XXRj23tiZk7XhDQWSKRPN0tZE=
Subject key identifier: F8:2A:AC:07:36:8B:E3:5A:34:64:9B:D0:5C:9C:1E:9E:74:C8:CA:53
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959A5E5B6D927BC1FBE5EB4F428807406F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-CqsBzaL41o0ZJvQXJwennTIylM.roa
Signing time: Sat 15 Mar 2025 15:13:49 +0000
ROA not before: Sat 15 Mar 2025 15:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9a:5e:5b:6d:92:7b:c1:fb:e5:eb:4f:42:88:07:40:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 15:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f82aac07368be35a34649bd05c9c1e9e74c8ca53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:70:35:f8:1a:c2:66:ef:90:5e:af:10:cc:4b:
7e:22:1b:c7:85:56:b4:25:c9:60:e9:8e:9e:dc:02:
ec:b5:13:36:40:da:d9:1f:35:fe:34:06:35:ff:78:
54:ce:b0:8c:3c:c5:1b:dc:4f:29:d6:3e:71:14:cf:
fb:0f:7c:03:0e:5a:39:64:fc:59:e7:a0:9b:be:ec:
68:72:63:f3:a0:00:21:a6:43:d0:99:62:46:42:83:
2f:d0:5d:60:01:29:1c:be:f8:d8:1f:37:3e:88:1a:
31:eb:3f:79:16:f7:3b:31:51:4e:2f:1b:ee:ea:1f:
d8:50:96:63:c9:4e:2a:4f:7a:dd:e0:99:59:1d:78:
f0:f2:0d:46:bb:4a:99:21:45:ad:06:ce:1b:32:1e:
34:74:ac:42:e3:34:7a:d4:5b:93:5e:91:60:a4:e1:
8f:78:f3:95:ac:6c:a5:07:40:5a:98:b8:93:28:a9:
79:fa:77:c2:19:75:14:a8:3c:e1:51:57:c1:b2:ab:
97:5d:2f:b8:f7:b7:b3:84:ca:f9:45:81:e0:a1:c2:
e1:18:6f:ab:c6:f4:7b:2c:95:47:e0:12:53:c0:12:
11:3f:09:4a:ea:9f:96:ce:51:50:5d:d6:94:db:b6:
06:38:06:7f:53:cd:69:9f:a9:23:a8:e3:5f:ac:a1:
d3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2A:AC:07:36:8B:E3:5A:34:64:9B:D0:5C:9C:1E:9E:74:C8:CA:53
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-CqsBzaL41o0ZJvQXJwennTIylM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
56:5a:c8:3a:24:87:fe:2e:69:c2:fb:4e:19:dc:6c:a7:d2:42:
9e:17:48:81:1d:96:db:96:89:d1:be:73:2c:2f:cc:54:e0:8b:
c4:d8:39:b3:80:ba:9c:3f:3e:2b:e4:41:66:53:14:76:7b:ef:
76:b1:58:b4:04:b4:b5:fa:b9:61:8d:fd:56:c1:de:d1:45:18:
39:3f:32:bb:97:b7:42:dd:29:57:d8:e7:8d:e3:b8:bd:90:ad:
e2:25:0c:d9:95:f7:2c:56:37:cb:6b:cb:ac:3c:04:53:4b:c7:
70:89:a5:ab:48:ac:4d:15:7d:a6:b8:ca:db:b3:5a:42:cd:eb:
94:f0:c2:cf:69:b8:53:d1:4a:64:bb:2c:07:0b:d2:d7:06:05:
8b:dc:35:4b:df:38:88:e1:d3:02:83:c8:1a:96:28:3d:31:fa:
a3:7a:63:39:88:b0:0e:f0:a8:9e:36:a0:9f:36:c5:fa:d8:cd:
77:be:b5:cb:04:5c:2f:44:84:54:29:1d:ab:10:c7:d3:60:1d:
b5:20:35:17:b1:a0:aa:9e:7d:95:ab:54:d4:f5:f0:69:20:0f:
96:49:13:42:e1:fa:ff:a2:b9:29:7e:3a:38:5c:99:18:62:ea:
ac:8c:fc:de:33:72:53:f4:05:38:a6:16:ac:d9:a3:27:84:83:
57:d7:35:6f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZWaXlttknvB++XrT0KIB0BvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MTUxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODJhYWMwNzM2OGJlMzVhMzQ2NDliZDA1YzljMWU5ZTc0YzhjYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33A1+BrCZu+QXq8QzEt+IhvHhVa0
Jclg6Y6e3ALstRM2QNrZHzX+NAY1/3hUzrCMPMUb3E8p1j5xFM/7D3wDDlo5ZPxZ
56CbvuxocmPzoAAhpkPQmWJGQoMv0F1gASkcvvjYHzc+iBox6z95Fvc7MVFOLxvu
6h/YUJZjyU4qT3rd4JlZHXjw8g1Gu0qZIUWtBs4bMh40dKxC4zR61FuTXpFgpOGP
ePOVrGylB0BamLiTKKl5+nfCGXUUqDzhUVfBsquXXS+497ezhMr5RYHgocLhGG+r
xvR7LJVH4BJTwBIRPwlK6p+WzlFQXdaU27YGOAZ/U81pn6kjqONfrKHTuQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPgqrAc2i+NaNGSb0FycHp50yMpTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS1DcXNCemFMNDFvMFpKdlFYSndlbm5USXlsTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABBnwA
ZP//AAABlYbPYwwwDQYJKoZIhvcNAQELBQADggEBAFZayDokh/4uacL7ThncbKfS
Qp4XSIEdltuWidG+cywvzFTgi8TYObOAupw/PivkQWZTFHZ773axWLQEtLX6uWGN
/VbB3tFFGDk/MruXt0LdKVfY543juL2QreIlDNmV9yxWN8try6w8BFNLx3CJpatI
rE0Vfaa4ytuzWkLN65Twws9puFPRSmS7LAcL0tcGBYvcNUvfOIjh0wKDyBqWKD0x
+qN6YzmIsA7wqJ42oJ82xfrYzXe+tcsEXC9EhFQpHasQx9NgHbUgNRexoKqefZWr
VNT18GkgD5ZJE0Lh+v+iuSl+OjhcmRhi6qyM/N4zclP0BTimFqzZoyeEg1fXNW8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:21:20 2025 by rpki-client