Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2N2A9QuuAUjuaQb06oP3BfK95LI.roa
File: 2N2A9QuuAUjuaQb06oP3BfK95LI.roa (raw, json)
Hash identifier: sc5Yxn/gBkgFwfIEOW2XtEvZB5fHrJk/cgISVAgGOmk=
Subject key identifier: D8:DD:80:F5:0B:AE:01:48:EE:69:06:F4:EA:83:F7:05:F2:BD:E4:B2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959FB36881E8117EE0773C2283811D5678
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2N2A9QuuAUjuaQb06oP3BfK95LI.roa
Signing time: Sun 16 Mar 2025 16:04:49 +0000
ROA not before: Sun 16 Mar 2025 16:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
2001:67c:64:ffff:0:195:9fb3:178a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9f:b3:68:81:e8:11:7e:e0:77:3c:22:83:81:1d:56:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 16:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8dd80f50bae0148ee6906f4ea83f705f2bde4b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:67:4b:7e:a5:84:71:4a:11:fc:61:21:2c:c0:
29:be:3a:36:37:dc:ae:3d:a9:cd:a8:25:63:5f:6a:
7d:30:a9:d0:22:86:f9:51:d5:a4:cb:0c:af:cd:ff:
f1:4d:65:d7:c6:9e:b7:34:41:7d:bf:cb:fb:3c:30:
74:0c:97:9c:52:85:b7:c1:d6:f9:bb:4c:f7:9a:10:
52:ab:63:de:4e:79:5c:97:06:db:3c:80:5f:fc:d9:
a2:a9:88:65:e6:fa:c6:a9:d2:be:d9:7b:c8:37:89:
35:b2:6e:4c:1e:e2:f5:70:2e:24:45:74:02:1f:05:
40:91:12:ab:4c:0c:7e:8f:e1:93:f0:fd:5e:50:a4:
4e:ec:23:85:e7:17:28:62:21:75:63:c3:34:77:10:
96:ca:9c:5e:62:62:ae:c6:19:a2:2c:06:f8:59:42:
3b:47:9f:2c:28:93:5b:b7:19:18:58:27:2e:d9:49:
93:4d:c1:ef:1c:2a:89:0a:57:2d:63:12:ea:c8:2c:
0f:f4:2f:95:fd:de:d2:27:ca:30:3f:8b:36:69:a1:
40:5a:f6:d8:c4:93:1f:b8:4e:e0:1f:2c:b0:b8:5d:
1e:61:fe:fd:16:5b:92:6d:9e:29:b0:81:14:a3:52:
ce:c6:06:d9:e8:22:4e:fb:c7:43:b7:18:4f:53:b8:
84:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DD:80:F5:0B:AE:01:48:EE:69:06:F4:EA:83:F7:05:F2:BD:E4:B2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2N2A9QuuAUjuaQb06oP3BfK95LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
2001:67c:64:ffff:0:195:9fb3:178a/128
Signature Algorithm: sha256WithRSAEncryption
2b:29:97:36:99:80:4b:7d:4d:05:bd:85:b3:ec:e2:af:fc:51:
b0:b8:3e:f6:59:e4:19:32:3f:07:ef:ec:cb:24:0c:a5:ae:46:
8f:34:17:d3:86:fd:d7:45:7e:25:ed:d1:32:8a:fe:7c:ca:ae:
17:8b:72:a5:1f:1d:aa:fc:c5:a2:cb:9f:da:ee:11:3e:90:0a:
c0:45:8a:b1:c0:6e:e7:36:fd:8d:63:79:04:ae:5f:26:3d:ab:
6a:35:d5:9e:aa:cc:59:03:16:68:63:dc:53:97:ae:3b:6d:f6:
57:2b:ff:a6:fb:d5:86:21:df:3e:69:c2:29:60:f5:46:d5:b7:
f1:af:33:78:20:8b:19:64:4f:ca:48:1f:5e:a2:25:b9:0b:cc:
96:db:1e:4a:08:f5:65:02:9a:41:fd:28:74:67:7c:e4:b4:26:
ae:10:36:05:dd:29:2d:05:cb:19:59:b5:41:00:e0:63:f7:34:
41:74:80:a2:42:19:06:f8:44:8b:6e:fd:7a:05:eb:a7:6f:2d:
a8:f9:27:b1:86:c4:cf:91:07:da:bd:9a:89:81:ef:1d:be:9b:
18:bb:d0:28:98:2d:e1:ce:dc:89:56:ad:9f:b2:d9:d4:fa:6c:
88:c1:bb:95:c8:da:6f:10:50:d6:48:b0:2c:7d:da:4c:56:b2:
ad:ed:2f:d8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWfs2iB6BF+4Hc8IoOBHVZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MTYwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRkODBmNTBiYWUwMTQ4ZWU2OTA2ZjRlYTgzZjcwNWYyYmRlNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2dLfqWEcUoR/GEhLMApvjo2N9yu
PanNqCVjX2p9MKnQIob5UdWkywyvzf/xTWXXxp63NEF9v8v7PDB0DJecUoW3wdb5
u0z3mhBSq2PeTnlclwbbPIBf/NmiqYhl5vrGqdK+2XvIN4k1sm5MHuL1cC4kRXQC
HwVAkRKrTAx+j+GT8P1eUKRO7COF5xcoYiF1Y8M0dxCWypxeYmKuxhmiLAb4WUI7
R58sKJNbtxkYWCcu2UmTTcHvHCqJClctYxLqyCwP9C+V/d7SJ8owP4s2aaFAWvbY
xJMfuE7gHyywuF0eYf79FluSbZ4psIEUo1LOxgbZ6CJO+8dDtxhPU7iEuQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNjdgPULrgFI7mkG9OqD9wXyveSyMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMk4yQTlRdXVBVWp1YVFiMDZvUDNCZks5NUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGVhs9jDAMRACABBnwAZP//AAABlZ+zF4owDQYJKoZIhvcNAQELBQADggEB
ACsplzaZgEt9TQW9hbPs4q/8UbC4PvZZ5BkyPwfv7MskDKWuRo80F9OG/ddFfiXt
0TKK/nzKrheLcqUfHar8xaLLn9ruET6QCsBFirHAbuc2/Y1jeQSuXyY9q2o11Z6q
zFkDFmhj3FOXrjtt9lcr/6b71YYh3z5pwilg9UbVt/GvM3ggixlkT8pIH16iJbkL
zJbbHkoI9WUCmkH9KHRnfOS0Jq4QNgXdKS0FyxlZtUEA4GP3NEF0gKJCGQb4RItu
/XoF66dvLaj5J7GGxM+RB9q9momB7x2+mxi70CiYLeHO3IlWrZ+y2dT6bIjBu5XI
2m8QUNZIsCx92kxWsq3tL9g=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:39 2025 by rpki-client