Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-xfHqfqUBjPUmfy-8tnYasWSKZI.roa
File: 1-xfHqfqUBjPUmfy-8tnYasWSKZI.roa (raw, json)
Hash identifier: Lnhr0LOTqTMxJWqmSNoeNZxuHN8sFabQIqO4buI9obQ=
Subject key identifier: FB:17:C7:A9:FA:94:06:33:D4:99:FC:BE:F2:D9:D8:6A:C5:92:29:92
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01944866B887B125AE76C30293057C2C15D0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-xfHqfqUBjPUmfy-8tnYasWSKZI.roa
Signing time: Thu 09 Jan 2025 00:11:19 +0000
ROA not before: Thu 09 Jan 2025 00:11:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:48:66:b8:87:b1:25:ae:76:c3:02:93:05:7c:2c:15:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 9 00:11:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb17c7a9fa940633d499fcbef2d9d86ac5922992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:25:62:b4:a4:b1:de:e0:8d:00:b9:91:7c:8b:
65:bd:21:5c:92:31:e6:fa:eb:1c:de:83:f3:2f:09:
e7:66:53:1a:8b:c1:08:74:19:bf:48:c0:7c:6e:d6:
37:14:46:fd:2b:b1:9f:85:2c:90:be:7a:31:b9:da:
79:85:5f:b4:97:65:f0:fd:e6:08:7a:59:28:0d:7e:
6c:55:5a:88:c1:2b:7a:38:47:42:53:52:5e:70:d0:
bf:d2:24:a1:df:3b:4d:58:7f:68:50:d7:ba:5b:05:
26:28:78:6c:08:1e:94:0b:88:5b:0c:aa:ac:6a:f4:
36:6f:ac:82:2d:2b:e4:70:ba:e0:e0:b3:43:69:b4:
c0:0a:3e:a0:6d:ee:a9:f4:09:ca:df:c4:7b:d2:1b:
b3:d1:86:f9:53:b6:8e:67:bb:36:86:af:8d:46:eb:
2b:5d:69:34:24:86:31:6b:24:23:03:c9:94:72:78:
49:0f:50:40:0d:49:0a:4a:0c:03:31:75:69:80:fa:
b3:07:fe:4a:ff:4c:02:8d:0d:cb:87:31:4c:ac:f3:
d8:98:60:41:c0:85:4d:ed:2b:69:d8:55:23:62:61:
69:d9:bb:10:56:d0:47:71:c8:9c:c0:4d:30:cf:98:
9c:22:01:14:fa:ec:c4:10:f5:f5:08:6a:bc:70:6e:
1c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:17:C7:A9:FA:94:06:33:D4:99:FC:BE:F2:D9:D8:6A:C5:92:29:92
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-xfHqfqUBjPUmfy-8tnYasWSKZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
0b:7c:13:97:6f:e3:af:f4:f2:3d:8c:42:8a:8e:8f:22:68:67:
d3:8d:7d:f9:e1:0f:b8:57:b2:be:37:61:f4:0e:60:46:a2:a4:
84:11:98:2b:f3:fd:8f:86:b7:0d:20:bf:06:85:14:91:b0:93:
48:73:08:b6:e9:77:df:6e:fa:14:61:bc:de:d5:78:45:24:fe:
00:15:ad:b2:5e:c3:44:a7:c4:2c:9d:2d:8e:a3:b6:12:10:cc:
cb:3f:4d:73:a6:70:c0:4b:5a:2d:73:a0:d6:52:96:6c:0c:93:
98:a7:36:c3:48:e1:28:36:0a:bd:60:a6:8a:39:fb:77:65:d2:
8d:99:45:54:bd:2e:52:6d:51:e4:78:c7:67:74:59:40:77:2e:
02:fa:b3:11:4c:07:30:e6:d1:ca:67:14:76:a2:3f:51:3d:a0:
a2:d8:7e:b8:e9:0a:0f:cb:8a:5f:c2:05:10:16:80:35:ec:9a:
a7:98:da:ce:ed:be:41:3d:d9:b6:23:49:3e:87:9d:41:8b:3c:
ea:9b:79:77:a8:c3:26:14:3a:b8:83:3d:e9:81:c5:98:c4:21:
26:89:cf:74:ff:cd:84:33:25:06:23:f4:91:f1:b1:06:b5:5c:
2d:bb:d1:0a:fe:2c:54:ac:1d:73:32:c1:d2:d0:b6:1a:5e:5e:
3f:8c:5d:40
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZRIZriHsSWudsMCkwV8LBXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA5MDAxMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjE3YzdhOWZhOTQwNjMzZDQ5OWZjYmVmMmQ5ZDg2YWM1OTIyOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyVitKSx3uCNALmRfItlvSFckjHm
+usc3oPzLwnnZlMai8EIdBm/SMB8btY3FEb9K7GfhSyQvnoxudp5hV+0l2Xw/eYI
elkoDX5sVVqIwSt6OEdCU1JecNC/0iSh3ztNWH9oUNe6WwUmKHhsCB6UC4hbDKqs
avQ2b6yCLSvkcLrg4LNDabTACj6gbe6p9AnK38R70huz0Yb5U7aOZ7s2hq+NRusr
XWk0JIYxayQjA8mUcnhJD1BADUkKSgwDMXVpgPqzB/5K/0wCjQ3LhzFMrPPYmGBB
wIVN7Stp2FUjYmFp2bsQVtBHccicwE0wz5icIgEU+uzEEPX1CGq8cG4cqwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPsXx6n6lAYz1Jn8vvLZ2GrFkimSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS14ZkhxZnFVQmpQVW1meS04dG5ZYXNXU0taSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABBnwA
ZP//AAABlCwNZoAwDQYJKoZIhvcNAQELBQADggEBAAt8E5dv46/08j2MQoqOjyJo
Z9ONffnhD7hXsr43YfQOYEaipIQRmCvz/Y+Gtw0gvwaFFJGwk0hzCLbpd99u+hRh
vN7VeEUk/gAVrbJew0SnxCydLY6jthIQzMs/TXOmcMBLWi1zoNZSlmwMk5inNsNI
4Sg2Cr1gpoo5+3dl0o2ZRVS9LlJtUeR4x2d0WUB3LgL6sxFMBzDm0cpnFHaiP1E9
oKLYfrjpCg/Lil/CBRAWgDXsmqeY2s7tvkE92bYjST6HnUGLPOqbeXeowyYUOriD
PemBxZjEISaJz3T/zYQzJQYj9JHxsQa1XC270Qr+LFSsHXMywdLQthpeXj+MXUA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:24:40 2025 by rpki-client