Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2UfHcq4y17IrNkuqrlDbvIONDnQ.roa
File: 2UfHcq4y17IrNkuqrlDbvIONDnQ.roa (raw, json)
Hash identifier: Z17jSa0PUkUu4v/jwtllju6N9GUU7cfeyxqvOwyQOCY=
Subject key identifier: D9:47:C7:72:AE:32:D7:B2:2B:36:4B:AA:AE:50:DB:BC:83:8D:0E:74
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194656035824250659C794FB3CC1614CF09
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2UfHcq4y17IrNkuqrlDbvIONDnQ.roa
Signing time: Tue 14 Jan 2025 15:13:11 +0000
ROA not before: Tue 14 Jan 2025 15:13:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:60:35:82:42:50:65:9c:79:4f:b3:cc:16:14:cf:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 14 15:13:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d947c772ae32d7b22b364baaae50dbbc838d0e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4c:02:44:c3:71:fe:90:fe:36:55:6f:66:6f:
fc:c2:2a:cf:91:bb:ff:34:09:b9:a5:e4:4e:ea:3a:
bd:32:7d:b8:59:e5:1d:2c:d9:11:f0:da:a4:80:01:
59:79:54:40:23:be:5e:8a:a0:92:7a:ca:94:c9:f3:
6a:0a:3e:79:54:9d:58:7e:6d:df:f5:3d:98:62:34:
5a:4a:56:d5:b7:8c:76:c5:8a:f1:32:3e:48:1d:40:
70:9c:be:65:de:88:22:c0:54:f6:f1:30:17:b8:1a:
3b:c3:4a:b1:6b:40:dc:bd:e2:01:d2:19:7d:17:6b:
4e:67:f7:bc:bc:b0:45:c3:ad:df:8d:07:9b:94:c0:
fe:50:7d:7e:ee:61:ac:7a:6d:5c:12:bb:69:f8:de:
6b:a8:0e:c2:b9:d0:cb:28:89:78:97:a4:9b:e2:c6:
b9:61:69:15:04:75:0a:22:43:a3:39:1a:18:b4:2d:
06:84:a7:d8:32:66:da:7f:cb:d8:62:7f:74:59:dd:
ce:4a:bb:36:98:c0:f1:4f:af:3c:a8:43:b0:7d:43:
a8:5e:df:6f:10:b0:42:e3:57:ec:f3:2d:b3:09:58:
68:30:44:61:2c:57:c8:70:39:86:5e:48:ce:07:4f:
97:7d:e7:6b:d8:23:aa:d0:73:bb:70:e9:35:b0:7a:
88:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:47:C7:72:AE:32:D7:B2:2B:36:4B:AA:AE:50:DB:BC:83:8D:0E:74
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2UfHcq4y17IrNkuqrlDbvIONDnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
13:46:be:8b:91:11:3e:6f:ef:85:bf:7e:07:08:f1:c0:94:e8:
2c:1d:55:34:c7:94:d9:63:7f:76:98:92:c8:4c:0f:15:e7:9a:
fb:ef:2f:b9:5f:7e:61:32:4f:82:e9:fe:86:11:b0:c4:d3:3c:
c5:fc:32:03:ea:26:8a:2b:36:96:97:a3:93:57:82:de:9f:26:
c1:ee:5f:bc:2e:93:77:a9:b8:2e:98:c3:07:e0:83:d4:93:c8:
14:64:0d:d8:33:89:2c:e6:df:d7:de:02:28:e1:82:03:8c:a1:
9c:15:0b:14:c9:c5:4f:ae:5e:17:4f:a7:64:3a:7a:38:7c:4c:
09:40:f5:ac:96:d4:6a:c2:bb:13:a5:1c:2a:29:31:54:82:ec:
4c:c7:47:d1:6e:b4:25:3c:68:73:88:36:a8:2e:97:00:fa:a7:
06:cd:83:6e:01:d3:44:45:9b:78:c4:db:e8:2b:e5:01:4a:f1:
28:2d:51:98:51:6f:50:48:d0:61:68:5a:75:ed:d0:da:a7:52:
4a:1e:85:d4:23:1f:22:67:04:94:7a:50:8b:c4:a9:4e:61:5a:
4f:4b:fd:6e:e1:37:e0:96:98:5d:51:e2:39:16:dd:d6:86:a9:
14:e5:c3:71:29:ae:50:de:78:cf:a3:91:9e:1b:d5:29:a2:93:
df:9b:ac:5b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRlYDWCQlBlnHlPs8wWFM8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE0MTUxMzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ3Yzc3MmFlMzJkN2IyMmIzNjRiYWFhZTUwZGJiYzgzOGQwZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUwCRMNx/pD+NlVvZm/8wirPkbv/
NAm5peRO6jq9Mn24WeUdLNkR8NqkgAFZeVRAI75eiqCSesqUyfNqCj55VJ1Yfm3f
9T2YYjRaSlbVt4x2xYrxMj5IHUBwnL5l3ogiwFT28TAXuBo7w0qxa0DcveIB0hl9
F2tOZ/e8vLBFw63fjQeblMD+UH1+7mGsem1cErtp+N5rqA7CudDLKIl4l6Sb4sa5
YWkVBHUKIkOjORoYtC0GhKfYMmbaf8vYYn90Wd3OSrs2mMDxT688qEOwfUOoXt9v
ELBC41fs8y2zCVhoMERhLFfIcDmGXkjOB0+Xfedr2COq0HO7cOk1sHqImwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNlHx3KuMteyKzZLqq5Q27yDjQ50MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMlVmSGNxNHkxN0lyTmt1cXJsRGJ2SU9ORG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAE0a+i5ERPm/vhb9+BwjxwJTo
LB1VNMeU2WN/dpiSyEwPFeea++8vuV9+YTJPgun+hhGwxNM8xfwyA+omiis2lpej
k1eC3p8mwe5fvC6Td6m4LpjDB+CD1JPIFGQN2DOJLObf194CKOGCA4yhnBULFMnF
T65eF0+nZDp6OHxMCUD1rJbUasK7E6UcKikxVILsTMdH0W60JTxoc4g2qC6XAPqn
Bs2DbgHTREWbeMTb6CvlAUrxKC1RmFFvUEjQYWhade3Q2qdSSh6F1CMfImcElHpQ
i8SpTmFaT0v9buE34JaYXVHiORbd1oapFOXDcSmuUN54z6ORnhvVKaKT35usWw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:21:15 2025 by rpki-client