Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4-acj7XldeOz6qDCPsc8bQrrszE.roa
File: 4-acj7XldeOz6qDCPsc8bQrrszE.roa (raw, json)
Hash identifier: dwMG3a+iqMZS8S80rUZxwtBZXmcSGfppLHySHE44KmI=
Subject key identifier: E3:E6:9C:8F:B5:E5:75:E3:B3:EA:A0:C2:3E:C7:3C:6D:0A:EB:B3:31
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943DAC235F47C21DD3B08DA24C662DB229
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4-acj7XldeOz6qDCPsc8bQrrszE.roa
Signing time: Mon 06 Jan 2025 22:11:18 +0000
ROA not before: Mon 06 Jan 2025 22:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3d:ac:23:5f:47:c2:1d:d3:b0:8d:a2:4c:66:2d:b2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 6 22:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3e69c8fb5e575e3b3eaa0c23ec73c6d0aebb331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f8:cf:8d:33:76:b6:fe:1d:1b:6d:fb:8a:2c:
5e:51:08:14:cd:2f:8e:52:4b:e3:54:56:0b:b9:ff:
4b:49:aa:06:71:da:1e:1e:0e:6b:f9:b5:f6:c3:62:
95:21:9a:d9:d6:ce:19:0c:02:ac:84:5b:97:e2:0e:
a9:5c:e1:0a:bc:26:29:ac:5a:c3:b6:0d:b0:50:7c:
01:ae:78:54:6b:4c:2e:82:03:a4:1d:26:66:de:86:
f3:43:ab:f4:3c:36:4b:73:80:e6:20:d9:9a:53:fe:
4e:3f:2a:3c:a2:cd:b2:57:76:61:5a:50:e5:c8:2b:
52:08:93:39:b1:66:d4:3d:ac:dc:6a:e7:57:3d:dd:
6a:ba:84:90:14:3b:bf:65:d0:ed:e8:1c:65:6a:75:
45:47:9e:1f:a4:50:9a:ed:0d:79:f1:d5:0f:5d:1b:
1a:4f:6e:e1:bd:de:66:f4:51:48:36:03:2b:da:73:
ad:ad:49:c1:64:cf:f0:17:af:fe:3a:3b:a1:69:2c:
66:2d:44:76:0f:38:be:87:4e:91:b8:b2:b4:ff:2d:
b9:eb:ad:6a:9c:ea:d3:e7:e0:63:68:7f:a6:29:f3:
ed:f0:e6:69:2a:04:3d:fa:49:1e:ef:30:49:69:fb:
b7:49:3c:98:e9:83:39:5d:f3:d0:0a:6e:2c:9e:5c:
ec:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E6:9C:8F:B5:E5:75:E3:B3:EA:A0:C2:3E:C7:3C:6D:0A:EB:B3:31
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4-acj7XldeOz6qDCPsc8bQrrszE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
98:0b:82:d8:15:09:2f:56:48:12:17:e0:d8:49:7b:50:7e:3c:
dc:e1:e7:0d:33:d1:34:2f:07:ab:1a:39:a8:9d:c6:56:a6:0c:
dc:7c:66:93:bc:a2:fa:b5:70:fe:09:e4:b6:bd:cd:0f:98:97:
9f:e3:83:e1:e6:88:4b:96:08:d1:61:de:dd:0b:02:3d:ad:78:
00:af:89:7f:a9:b2:2d:65:a7:61:cd:51:d9:9e:11:8d:c3:70:
9f:ee:ef:e8:fe:60:ca:18:9a:6d:f2:4b:40:4e:43:12:02:a8:
32:ed:c5:8b:73:19:9f:9b:3a:e9:3a:52:1d:59:22:c2:c8:d7:
0c:ae:e8:b7:d9:ef:ef:7a:f0:4e:4c:4f:c3:fb:d9:7d:41:48:
c6:a5:b9:86:c9:0d:12:93:20:1b:af:02:61:21:4c:1f:d7:8b:
e1:0e:51:7d:2d:c5:ed:97:03:4f:9e:28:1b:a8:22:14:7f:bf:
9a:46:70:61:df:0a:d6:c3:79:b0:6d:54:44:86:47:04:97:01:
48:0c:b0:90:3b:9e:72:d1:f0:e9:45:7f:a7:d3:ce:9d:1a:7c:
43:06:09:75:a0:fc:1f:da:8e:b3:99:28:cd:10:1e:02:53:6d:
bb:22:a8:22:e3:54:60:3c:69:36:83:51:10:3e:bf:d9:be:17:
a6:d7:43:91
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ9rCNfR8Id07CNokxmLbIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA2MjIxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U2OWM4ZmI1ZTU3NWUzYjNlYWEwYzIzZWM3M2M2ZDBhZWJiMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPjPjTN2tv4dG237iixeUQgUzS+O
UkvjVFYLuf9LSaoGcdoeHg5r+bX2w2KVIZrZ1s4ZDAKshFuX4g6pXOEKvCYprFrD
tg2wUHwBrnhUa0wuggOkHSZm3obzQ6v0PDZLc4DmINmaU/5OPyo8os2yV3ZhWlDl
yCtSCJM5sWbUPazcaudXPd1quoSQFDu/ZdDt6BxlanVFR54fpFCa7Q158dUPXRsa
T27hvd5m9FFINgMr2nOtrUnBZM/wF6/+OjuhaSxmLUR2Dzi+h06RuLK0/y25661q
nOrT5+BjaH+mKfPt8OZpKgQ9+kke7zBJafu3STyY6YM5XfPQCm4snlzsDwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOPmnI+15XXjs+qgwj7HPG0K67MxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNC1hY2o3WGxkZU96NnFEQ1BzYzhiUXJyc3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAmAuC2BUJL1ZIEhfg2El7UH48
3OHnDTPRNC8Hqxo5qJ3GVqYM3Hxmk7yi+rVw/gnktr3ND5iXn+OD4eaIS5YI0WHe
3QsCPa14AK+Jf6myLWWnYc1R2Z4RjcNwn+7v6P5gyhiabfJLQE5DEgKoMu3Fi3MZ
n5s66TpSHVkiwsjXDK7ot9nv73rwTkxPw/vZfUFIxqW5hskNEpMgG68CYSFMH9eL
4Q5RfS3F7ZcDT54oG6giFH+/mkZwYd8K1sN5sG1URIZHBJcBSAywkDuectHw6UV/
p9POnRp8QwYJdaD8H9qOs5kozRAeAlNtuyKoIuNUYDxpNoNRED6/2b4XptdDkQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:02:40 2025 by rpki-client