Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/34-N9RVT3eVsQQhHTz6WBe91R3k.roa
File: 34-N9RVT3eVsQQhHTz6WBe91R3k.roa (raw, json)
Hash identifier: Ki+Qzaq5AmDmiAcCUf70wRAnCflfK+qGR20FTbUM7Is=
Subject key identifier: DF:8F:8D:F5:15:53:DD:E5:6C:41:08:47:4F:3E:96:05:EF:75:47:79
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194302771CD9B92926F8F975C18A22B7C4B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/34-N9RVT3eVsQQhHTz6WBe91R3k.roa
Signing time: Sat 04 Jan 2025 07:11:18 +0000
ROA not before: Sat 04 Jan 2025 07:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:30:27:71:cd:9b:92:92:6f:8f:97:5c:18:a2:2b:7c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 4 07:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df8f8df51553dde56c4108474f3e9605ef754779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cb:0b:c5:5b:2d:ce:78:9b:22:08:81:71:15:
aa:8a:b9:f4:72:5e:05:ed:ff:37:27:51:24:fe:10:
e0:43:c3:85:53:d8:3d:61:05:47:67:7c:11:0c:f1:
fc:61:77:ee:3e:1b:af:a6:3f:2a:ac:27:a5:ae:aa:
78:a6:e7:32:9d:eb:3b:f2:ba:7c:e3:de:a9:51:82:
aa:57:bf:5f:08:2a:be:20:6b:e0:dc:b3:1a:fb:73:
df:c7:a3:a0:1c:0a:ce:7b:49:b8:e3:64:77:ae:09:
9f:97:e2:96:b8:96:4a:92:28:e3:b9:d3:e8:47:b3:
91:cd:bd:b8:d9:3f:31:51:61:54:5f:11:4a:12:78:
ee:f2:e6:c3:80:dd:f7:72:97:03:ab:13:67:32:bd:
a7:a6:c4:8a:e9:3e:bf:de:13:28:df:54:93:e9:c8:
29:b2:e7:bb:7c:f2:65:4a:12:67:0a:71:0b:46:78:
0e:1d:ab:6c:3e:8d:25:47:f7:71:b2:1b:2d:db:db:
59:10:aa:de:5e:60:a9:d2:ba:8b:62:a8:b0:3b:1a:
6a:ae:2f:c3:b4:7c:58:fc:56:23:24:a2:23:03:15:
7c:b8:04:94:03:c0:ab:3d:d2:8f:aa:d5:91:22:9f:
bf:94:4f:e2:91:c2:ba:b1:d1:c9:fb:12:f6:91:7c:
15:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8F:8D:F5:15:53:DD:E5:6C:41:08:47:4F:3E:96:05:EF:75:47:79
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/34-N9RVT3eVsQQhHTz6WBe91R3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
8d:f3:a1:ad:17:8e:0f:e6:d4:49:47:9f:ab:8e:a0:68:60:13:
7c:40:5b:50:d2:02:79:38:e8:c3:92:29:d7:68:43:ff:d7:d8:
4d:ae:e3:07:a5:92:89:c9:0a:c0:0b:d1:7f:e0:9a:e2:ce:8c:
67:c4:2e:09:ac:90:10:60:cf:1e:10:0d:c4:b8:bc:52:ee:d2:
9a:c7:2f:af:2e:83:39:10:2a:96:84:58:ae:c6:a6:64:37:f4:
c2:83:1d:f8:3b:46:95:d0:4a:d5:f2:06:ba:12:97:48:2b:89:
f3:0c:2a:31:0b:4d:b3:7a:8c:58:0e:8a:6a:c0:8e:07:77:27:
19:4f:66:81:6f:cb:b8:f9:87:24:4b:2e:29:31:b3:3a:f5:9a:
7b:f4:5b:a2:df:06:f3:45:80:8c:c4:6f:ce:f1:dc:91:8f:d4:
95:e1:cb:00:a0:f4:79:ab:b4:4f:a9:12:7e:36:63:43:b3:14:
c8:5c:3d:22:a0:9d:18:e4:b0:3a:ce:65:23:15:39:c0:a2:60:
87:c5:e1:11:f5:53:74:dd:b6:75:5c:fe:33:82:14:e0:38:42:
04:42:ba:f8:04:d3:d2:08:23:3e:0f:4a:e5:3c:a0:c8:b9:0d:
44:d6:fc:a2:41:f5:2f:62:60:32:c4:fa:fe:60:fa:a5:a9:4e:
41:0d:d2:85
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQwJ3HNm5KSb4+XXBiiK3xLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA0MDcxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhmOGRmNTE1NTNkZGU1NmM0MTA4NDc0ZjNlOTYwNWVmNzU0Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzssLxVstznibIgiBcRWqirn0cl4F
7f83J1Ek/hDgQ8OFU9g9YQVHZ3wRDPH8YXfuPhuvpj8qrCelrqp4pucynes78rp8
496pUYKqV79fCCq+IGvg3LMa+3Pfx6OgHArOe0m442R3rgmfl+KWuJZKkijjudPo
R7ORzb242T8xUWFUXxFKEnju8ubDgN33cpcDqxNnMr2npsSK6T6/3hMo31ST6cgp
sue7fPJlShJnCnELRngOHatsPo0lR/dxshst29tZEKreXmCp0rqLYqiwOxpqri/D
tHxY/FYjJKIjAxV8uASUA8CrPdKPqtWRIp+/lE/ikcK6sdHJ+xL2kXwVpwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFN+PjfUVU93lbEEIR08+lgXvdUd5MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMzQtTjlSVlQzZVZzUVFoSFR6NldCZTkxUjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAjfOhrReOD+bUSUefq46gaGAT
fEBbUNICeTjow5Ip12hD/9fYTa7jB6WSickKwAvRf+Ca4s6MZ8QuCayQEGDPHhAN
xLi8Uu7Smscvry6DORAqloRYrsamZDf0woMd+DtGldBK1fIGuhKXSCuJ8wwqMQtN
s3qMWA6KasCOB3cnGU9mgW/LuPmHJEsuKTGzOvWae/Rbot8G80WAjMRvzvHckY/U
leHLAKD0eau0T6kSfjZjQ7MUyFw9IqCdGOSwOs5lIxU5wKJgh8XhEfVTdN22dVz+
M4IU4DhCBEK6+ATT0ggjPg9K5TygyLkNRNb8okH1L2JgMsT6/mD6palOQQ3ShQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:19:38 2025 by rpki-client