Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2G_hhQ_eToe8QNUXzU54aUaD8ys.roa
File: 2G_hhQ_eToe8QNUXzU54aUaD8ys.roa (raw, json)
Hash identifier: XYxMQwV6hRoI9Rcg2m40WbWAOgoktiFeKpBUMZdB6p8=
Subject key identifier: D8:6F:E1:85:0F:DE:4E:87:BC:40:D5:17:CD:4E:78:69:46:83:F3:2B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019131AE7D4C7111B5BB63C8E2B575D60D5A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2G_hhQ_eToe8QNUXzU54aUaD8ys.roa
Signing time: Thu 08 Aug 2024 11:10:04 +0000
ROA not before: Thu 08 Aug 2024 11:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:ae:7d:4c:71:11:b5:bb:63:c8:e2:b5:75:d6:0d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 8 11:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d86fe1850fde4e87bc40d517cd4e78694683f32b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:92:dc:45:72:dc:ff:4a:cc:3b:82:bf:b2:09:
18:a4:82:df:c0:9e:e0:61:e2:19:2e:6b:0e:49:89:
eb:ca:af:03:85:e6:8c:22:df:a5:7e:39:0f:0f:3a:
3d:3b:79:84:2f:7c:82:ab:74:30:73:b9:6f:95:55:
c0:bc:91:d6:38:da:a1:b8:65:e1:f4:59:5c:81:be:
d4:a2:10:3a:de:c9:26:c2:55:68:63:de:dd:2e:63:
bf:f0:35:da:b6:78:ff:31:6e:52:eb:f8:ec:5e:ba:
18:ce:e2:7e:b2:c1:13:c9:d6:6f:7e:22:2c:65:60:
bc:4b:eb:ee:17:77:91:c8:6c:2a:4c:f2:7b:7f:6d:
38:c3:d4:c9:44:68:a5:3e:e8:f1:8c:b0:fa:33:08:
34:b6:97:c7:85:81:36:16:9b:21:a0:95:bf:d2:4c:
49:e6:e7:c9:95:7c:1d:2f:08:0b:1c:04:2f:de:dc:
4a:93:b0:ba:9f:89:fb:42:a3:4a:61:2b:52:fe:a8:
f6:d4:ff:f7:c1:80:13:d8:e4:b1:74:0c:72:8e:d7:
ca:df:65:1c:a4:d7:bc:fa:1a:5a:20:90:3f:89:7e:
4c:70:ff:92:74:a1:2c:57:8b:62:0c:8e:a6:8d:a0:
fb:77:f9:71:21:85:5d:02:3d:5f:81:2c:47:ff:5d:
ef:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6F:E1:85:0F:DE:4E:87:BC:40:D5:17:CD:4E:78:69:46:83:F3:2B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2G_hhQ_eToe8QNUXzU54aUaD8ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
73:f6:c1:10:35:bd:c5:48:2d:fb:dd:cc:55:c7:08:96:35:17:
ce:7f:92:da:19:56:b8:3f:ea:6c:c5:c9:c9:9c:17:74:7f:fe:
c9:63:49:b4:fa:57:21:0f:71:fe:2d:ab:e3:ac:d2:9f:b5:88:
6f:76:98:bf:11:ee:0b:15:42:f0:ce:bf:36:26:fd:e5:72:73:
9f:88:3f:48:d9:5c:05:92:f8:b8:1d:83:a3:4c:ea:be:00:cb:
dd:61:95:be:41:c1:fd:34:18:2e:2a:8a:ce:a0:84:5f:a9:c9:
1b:b7:4d:7f:7f:48:5e:c0:5b:cc:d1:fd:c6:32:b8:06:dc:ed:
d0:7b:a5:10:05:d9:ea:03:12:23:54:bb:5b:4c:0f:49:70:b0:
a4:84:1f:51:eb:ad:0e:d4:0a:02:a5:07:b8:e1:81:fe:d1:66:
3b:db:9e:47:04:dd:bc:06:5c:2a:4a:15:cb:ad:19:e6:57:7e:
87:1e:e9:be:1f:1d:7d:ee:0d:51:ac:da:f9:6e:86:ef:47:a9:
7e:a5:e7:a7:c0:05:f7:e0:0a:32:1e:c3:af:c7:9f:36:a2:82:
a4:3b:1d:8a:ce:ea:85:28:be:d5:a0:75:25:2b:b5:e6:c4:a7:
fb:9a:63:29:49:a0:97:7e:3c:74:02:3c:b4:94:0e:60:e3:3d:
bb:94:dd:95
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZExrn1McRG1u2PI4rV11g1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODA4MTExMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZmZTE4NTBmZGU0ZTg3YmM0MGQ1MTdjZDRlNzg2OTQ2ODNmMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpLcRXLc/0rMO4K/sgkYpILfwJ7g
YeIZLmsOSYnryq8DheaMIt+lfjkPDzo9O3mEL3yCq3Qwc7lvlVXAvJHWONqhuGXh
9Flcgb7UohA63skmwlVoY97dLmO/8DXatnj/MW5S6/jsXroYzuJ+ssETydZvfiIs
ZWC8S+vuF3eRyGwqTPJ7f204w9TJRGilPujxjLD6Mwg0tpfHhYE2FpshoJW/0kxJ
5ufJlXwdLwgLHAQv3txKk7C6n4n7QqNKYStS/qj21P/3wYAT2OSxdAxyjtfK32Uc
pNe8+hpaIJA/iX5McP+SdKEsV4tiDI6mjaD7d/lxIYVdAj1fgSxH/13vjQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNhv4YUP3k6HvEDVF81OeGlGg/MrMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMkdfaGhRX2VUb2U4UU5VWHpVNTRhVWFEOHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAc/bBEDW9xUgt+93MVccIljUX
zn+S2hlWuD/qbMXJyZwXdH/+yWNJtPpXIQ9x/i2r46zSn7WIb3aYvxHuCxVC8M6/
Nib95XJzn4g/SNlcBZL4uB2Do0zqvgDL3WGVvkHB/TQYLiqKzqCEX6nJG7dNf39I
XsBbzNH9xjK4Btzt0HulEAXZ6gMSI1S7W0wPSXCwpIQfUeutDtQKAqUHuOGB/tFm
O9ueRwTdvAZcKkoVy60Z5ld+hx7pvh8dfe4NUaza+W6G70epfqXnp8AF9+AKMh7D
r8efNqKCpDsdis7qhSi+1aB1JSu15sSn+5pjKUmgl348dAI8tJQOYOM9u5TdlQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:06:33 2025 by rpki-client