Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/28n9c-IYstDaOuxfRFAkqs6aYWE.roa
File: 28n9c-IYstDaOuxfRFAkqs6aYWE.roa (raw, json)
Hash identifier: nW8Ytwohyud4lpDuPNVueejDGm8LTRD0RWGdyG40re0=
Subject key identifier: DB:C9:FD:73:E2:18:B2:D0:DA:3A:EC:5F:44:50:24:AA:CE:9A:61:61
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194459C9CFCBF12B7A2FA3389D83856BC7E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/28n9c-IYstDaOuxfRFAkqs6aYWE.roa
Signing time: Wed 08 Jan 2025 11:11:19 +0000
ROA not before: Wed 08 Jan 2025 11:11:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:9c:9c:fc:bf:12:b7:a2:fa:33:89:d8:38:56:bc:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 8 11:11:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbc9fd73e218b2d0da3aec5f445024aace9a6161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d5:77:98:13:27:8d:42:b6:8b:ca:7d:4c:89:
df:81:6d:4b:fa:12:3f:87:d2:5a:a7:a8:ad:27:8f:
3c:db:ed:8c:3b:4f:1c:61:46:59:57:8d:65:1d:36:
01:94:84:a5:80:63:ec:de:d3:e6:77:b2:ab:a3:8e:
2f:3a:30:f5:9f:82:45:c8:e0:52:e7:97:7c:a2:d6:
9d:8e:3a:77:90:2a:33:0d:c8:1c:66:a6:bd:8a:8b:
24:25:47:02:0e:64:eb:c0:80:a3:2b:ff:b8:3c:e6:
4e:83:4c:0a:cd:35:99:b7:e6:ce:ea:58:6a:e2:45:
30:98:d2:eb:6c:d3:06:ad:51:2a:c0:f5:09:b2:34:
52:7d:a0:13:52:ca:29:62:fd:ef:ae:e2:04:c1:ef:
20:76:87:a7:0a:5f:45:5a:29:94:5c:a6:26:a5:85:
b8:c3:22:bc:ba:11:14:23:ff:37:da:a4:86:51:60:
a6:6c:9b:bf:cd:7d:d3:a6:1a:87:66:a5:00:23:79:
f1:df:0d:a5:18:b6:40:e5:7e:4a:4d:c1:dc:75:52:
38:51:f6:f8:38:3d:1f:5e:58:4c:d5:15:18:4b:87:
2e:af:f2:c0:52:a8:b6:20:49:84:bf:ba:b0:16:d7:
ac:98:03:a4:6e:d2:c7:a3:73:54:b3:ad:b3:92:78:
fa:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C9:FD:73:E2:18:B2:D0:DA:3A:EC:5F:44:50:24:AA:CE:9A:61:61
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/28n9c-IYstDaOuxfRFAkqs6aYWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
36:70:e4:07:2a:a4:c5:b5:8f:82:3f:61:24:05:93:28:ee:c5:
bb:8e:9d:a8:71:d7:07:62:26:fa:63:f5:a5:15:59:8a:26:ad:
35:1e:c9:96:b2:e5:46:39:e0:d7:92:81:51:1b:b9:2d:fc:27:
04:19:c7:e1:6d:10:67:97:4b:1b:e1:a6:10:40:10:7b:fe:75:
4d:55:88:06:b0:82:e9:87:6f:9c:4e:8d:b9:9d:c5:1a:ef:21:
69:7a:f5:73:af:23:5c:38:c9:09:72:f0:bd:f5:ad:e0:25:20:
43:01:2a:b6:fe:89:61:fe:76:39:f7:36:6a:6d:f0:9a:99:3a:
cf:53:4a:4a:dc:59:c4:bc:44:a1:92:e9:82:e3:cf:fc:28:4f:
8c:f5:d7:87:71:d7:3f:a3:d6:f3:13:78:d5:a4:ef:a1:0c:7c:
67:89:30:e0:59:5e:17:20:37:a0:d6:f0:f6:da:fe:ba:0d:aa:
82:fe:e7:fd:07:98:68:2b:16:fa:df:95:e5:90:5e:73:89:a6:
54:b0:c1:0b:ed:ef:89:95:dc:30:29:b6:34:83:4f:86:88:9b:
86:6e:d7:6b:83:03:52:35:22:f9:6d:7a:2a:59:2f:b1:14:0c:
3d:83:86:cd:2f:a5:11:bc:0f:15:88:ee:d2:63:68:c2:93:e0:
83:cc:f9:92
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRFnJz8vxK3ovozidg4Vrx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA4MTExMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM5ZmQ3M2UyMThiMmQwZGEzYWVjNWY0NDUwMjRhYWNlOWE2MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9V3mBMnjUK2i8p9TInfgW1L+hI/
h9Jap6itJ4882+2MO08cYUZZV41lHTYBlISlgGPs3tPmd7Kro44vOjD1n4JFyOBS
55d8otadjjp3kCozDcgcZqa9ioskJUcCDmTrwICjK/+4POZOg0wKzTWZt+bO6lhq
4kUwmNLrbNMGrVEqwPUJsjRSfaATUsopYv3vruIEwe8gdoenCl9FWimUXKYmpYW4
wyK8uhEUI/832qSGUWCmbJu/zX3TphqHZqUAI3nx3w2lGLZA5X5KTcHcdVI4Ufb4
OD0fXlhM1RUYS4cur/LAUqi2IEmEv7qwFtesmAOkbtLHo3NUs62zknj6OwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNvJ/XPiGLLQ2jrsX0RQJKrOmmFhMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMjhuOWMtSVlzdERhT3V4ZlJGQWtxczZhWVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEANnDkByqkxbWPgj9hJAWTKO7F
u46dqHHXB2Im+mP1pRVZiiatNR7JlrLlRjng15KBURu5LfwnBBnH4W0QZ5dLG+Gm
EEAQe/51TVWIBrCC6YdvnE6NuZ3FGu8haXr1c68jXDjJCXLwvfWt4CUgQwEqtv6J
Yf52Ofc2am3wmpk6z1NKStxZxLxEoZLpguPP/ChPjPXXh3HXP6PW8xN41aTvoQx8
Z4kw4FleFyA3oNbw9tr+ug2qgv7n/QeYaCsW+t+V5ZBec4mmVLDBC+3viZXcMCm2
NINPhoibhm7Xa4MDUjUi+W16KlkvsRQMPYOGzS+lEbwPFYju0mNowpPgg8z5kg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:12:03 2025 by rpki-client