Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3xi-QcIHXs_RqVmkCMJUa8OtR9k.roa
File: 3xi-QcIHXs_RqVmkCMJUa8OtR9k.roa (raw, json)
Hash identifier: KBtN2odZnUvvoHkyyfG6wMvdq54w8VZGjM9mqAgYKdM=
Subject key identifier: DF:18:BE:41:C2:07:5E:CF:D1:A9:59:A4:08:C2:54:6B:C3:AD:47:D9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B26FD5CDA7F342144108F86404B3B9D6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3xi-QcIHXs_RqVmkCMJUa8OtR9k.roa
Signing time: Mon 02 Sep 2024 11:12:39 +0000
ROA not before: Mon 02 Sep 2024 11:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:6f:d5:cd:a7:f3:42:14:41:08:f8:64:04:b3:b9:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 2 11:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df18be41c2075ecfd1a959a408c2546bc3ad47d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:b1:b2:f7:c8:11:39:6d:8e:f8:f2:85:78:
d7:6f:ad:5f:dc:70:4f:24:cb:ba:1b:c8:17:9e:75:
89:a9:65:c3:0d:37:47:7e:86:64:10:41:43:c3:5f:
da:5c:af:39:ce:a3:52:61:68:18:b4:1f:87:59:57:
de:e2:1f:3b:b4:00:30:e4:ba:ae:70:48:13:be:00:
5d:5a:e2:38:05:57:e8:3e:44:70:af:e7:90:8b:91:
c3:4d:59:79:44:03:ee:3b:03:ca:26:7f:43:72:ee:
bf:53:ff:a5:b2:a8:5e:67:70:17:27:ea:71:a6:6f:
32:b2:38:c5:e4:a8:51:b0:9c:e4:90:87:4a:c4:aa:
a1:e4:79:c2:98:89:79:41:32:50:5b:40:b5:b6:92:
a8:49:7e:57:9c:52:fe:95:0b:2a:94:c8:90:e3:50:
0a:7e:2b:ba:30:64:3a:e1:8d:97:28:d3:e2:4a:6a:
fc:00:0d:8c:3c:82:dc:85:4d:04:c7:d5:0d:3a:0d:
31:d0:0e:c6:57:52:a4:8d:8a:b5:5b:f9:9d:fb:62:
68:3f:ed:90:8a:8c:f9:93:33:da:8c:db:df:29:4d:
dd:3f:0f:5e:34:fc:07:1a:6b:c4:7d:55:2d:d1:2d:
1b:c6:4e:9c:74:3b:43:89:a5:bf:9a:d3:f7:2d:2f:
10:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:18:BE:41:C2:07:5E:CF:D1:A9:59:A4:08:C2:54:6B:C3:AD:47:D9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3xi-QcIHXs_RqVmkCMJUa8OtR9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
12:3c:a4:16:5b:dc:a5:eb:4e:9c:8d:f3:b9:08:6c:1f:cf:19:
00:11:9d:e5:58:7e:22:05:a8:13:72:98:6e:af:16:6e:a3:be:
0c:ce:72:af:08:4c:52:5a:22:5e:13:3c:23:2b:bb:79:64:7a:
cb:a4:c9:d8:e0:99:fe:76:3b:1b:c2:5e:2a:bc:4b:5b:a8:f7:
64:10:b0:0a:52:96:5b:4d:f2:bb:57:db:9a:a6:d2:a6:00:5f:
61:10:34:ce:d2:51:c7:89:9e:87:0f:26:52:b4:b9:cf:87:0d:
6c:fe:f0:2d:03:c1:78:24:3c:d9:18:59:b3:60:70:34:a3:06:
6f:04:08:fa:12:d9:37:c9:54:0c:fc:c1:7e:90:96:1c:68:5b:
87:8a:8c:91:74:6e:f6:50:1d:15:ac:22:a1:a6:5f:58:17:f3:
9d:4f:f2:f8:55:b6:6c:2e:ba:17:0f:e3:0c:58:b6:01:a7:9f:
06:d0:a8:e8:a6:2f:be:19:a0:1b:bd:ff:77:cd:57:c0:40:36:
73:77:f4:0f:1e:dd:43:f0:13:1d:39:a5:ac:80:26:a8:11:cb:
68:18:c2:fb:9a:2e:e3:a6:36:9e:82:af:f4:71:47:a4:ac:fc:
05:7f:4c:32:e8:2f:73:32:d1:ca:dd:36:89:b7:c5:ee:0f:17:
3e:ec:7f:20
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGyb9XNp/NCFEEI+GQEs7nWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAyMTExMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjE4YmU0MWMyMDc1ZWNmZDFhOTU5YTQwOGMyNTQ2YmMzYWQ0N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFCxsvfIETltjvjyhXjXb61f3HBP
JMu6G8gXnnWJqWXDDTdHfoZkEEFDw1/aXK85zqNSYWgYtB+HWVfe4h87tAAw5Lqu
cEgTvgBdWuI4BVfoPkRwr+eQi5HDTVl5RAPuOwPKJn9Dcu6/U/+lsqheZ3AXJ+px
pm8ysjjF5KhRsJzkkIdKxKqh5HnCmIl5QTJQW0C1tpKoSX5XnFL+lQsqlMiQ41AK
fiu6MGQ64Y2XKNPiSmr8AA2MPILchU0Ex9UNOg0x0A7GV1KkjYq1W/md+2JoP+2Q
ioz5kzPajNvfKU3dPw9eNPwHGmvEfVUt0S0bxk6cdDtDiaW/mtP3LS8QGwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFN8YvkHCB17P0alZpAjCVGvDrUfZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM3hpLVFjSUhYc19ScVZta0NNSlVhOE90UjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAEjykFlvcpetOnI3zuQhsH88Z
ABGd5Vh+IgWoE3KYbq8WbqO+DM5yrwhMUloiXhM8Iyu7eWR6y6TJ2OCZ/nY7G8Je
KrxLW6j3ZBCwClKWW03yu1fbmqbSpgBfYRA0ztJRx4mehw8mUrS5z4cNbP7wLQPB
eCQ82RhZs2BwNKMGbwQI+hLZN8lUDPzBfpCWHGhbh4qMkXRu9lAdFawioaZfWBfz
nU/y+FW2bC66Fw/jDFi2AaefBtCo6KYvvhmgG73/d81XwEA2c3f0Dx7dQ/ATHTml
rIAmqBHLaBjC+5ou46Y2noKv9HFHpKz8BX9MMugvczLRyt02ibfF7g8XPux/IA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:25:12 2025 by rpki-client