Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4-wS-tYoceuCeQ6TnJkIgY76pAM.roa
File: 4-wS-tYoceuCeQ6TnJkIgY76pAM.roa (raw, json)
Hash identifier: t97RM8zm+kLY+UFkOxE4LxyDAUz1CZokU6CrNWJjTMo=
Subject key identifier: E3:EC:12:FA:D6:28:71:EB:82:79:0E:93:9C:99:08:81:8E:FA:A4:03
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019517051050020D54AE4EBF9A0AF877B8E0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4-wS-tYoceuCeQ6TnJkIgY76pAM.roa
Signing time: Tue 18 Feb 2025 03:06:02 +0000
ROA not before: Tue 18 Feb 2025 03:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:1704:4e04/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:17:05:10:50:02:0d:54:ae:4e:bf:9a:0a:f8:77:b8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 18 03:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3ec12fad62871eb82790e939c9908818efaa403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d3:89:11:08:d2:00:e9:76:03:50:9a:62:c4:
bc:dd:08:2d:2c:4e:e4:31:da:da:70:fc:79:e8:99:
ba:76:e2:24:3c:68:71:19:e9:6b:34:62:99:fe:a0:
f0:7f:c4:0c:22:f6:46:07:82:d3:1c:70:a7:61:c7:
a6:2e:f7:2c:7d:e3:34:c5:c0:ac:d7:ac:9c:7b:38:
df:60:41:93:1b:1f:1d:83:52:d5:37:93:bf:d5:38:
c7:fb:ff:de:6e:23:87:2a:88:fd:eb:26:42:5b:73:
76:d3:3a:04:be:01:ea:e2:76:a9:d1:95:20:96:bb:
fd:d6:9e:1b:00:4b:95:0c:1b:df:ee:fa:1a:7b:ad:
25:ed:fd:f2:63:1b:15:9d:f7:56:27:cb:7f:a8:70:
97:70:a0:72:e5:0e:43:5d:1d:d2:94:7b:59:da:3d:
5a:a0:fa:be:cf:ce:ef:91:83:e6:40:0a:9a:07:2e:
e8:b0:5f:26:fe:3b:97:89:36:4c:02:91:be:da:ec:
eb:2b:20:90:3e:d4:da:19:8a:27:fc:b9:3d:c9:66:
f9:f2:2b:f4:32:51:29:61:62:6b:6e:ff:85:fa:25:
72:58:7c:98:f5:51:eb:2a:8e:cc:fe:cd:13:96:ad:
7d:68:b1:68:d1:71:0d:f9:9f:7d:7c:9e:f3:67:6b:
a0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:EC:12:FA:D6:28:71:EB:82:79:0E:93:9C:99:08:81:8E:FA:A4:03
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4-wS-tYoceuCeQ6TnJkIgY76pAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:1704:4e04/128
Signature Algorithm: sha256WithRSAEncryption
6a:86:ab:fb:97:48:01:d9:6a:70:54:92:99:0b:73:dd:70:90:
d8:2f:ec:88:c6:7c:1c:d6:82:c3:06:da:8b:20:9b:93:24:50:
f5:32:4c:eb:bd:29:fd:63:29:4f:e6:24:ba:a3:d5:ed:70:bc:
b7:53:15:b4:f3:3e:e1:9a:f8:0a:47:68:5b:0f:40:33:b1:09:
ad:24:b1:a9:0b:91:87:dd:54:a5:38:a5:d9:f7:93:48:53:33:
71:ca:96:d6:7c:2e:27:0e:68:a6:75:ea:f9:3d:b0:ec:d4:64:
46:4f:a7:b1:04:5d:3e:07:4c:b5:3d:ea:ab:15:c6:a0:16:91:
e2:d9:69:3a:0b:b1:84:94:d3:ce:9e:52:a6:41:93:88:59:90:
70:36:c5:68:e1:f5:48:00:0e:5c:c4:b4:81:dc:00:04:21:ec:
70:15:ac:6e:67:63:99:93:60:b7:df:ef:d5:92:f8:0e:76:bb:
a5:df:b2:21:06:b8:66:6e:21:36:a0:c7:25:f4:89:76:7c:be:
57:54:bd:c2:12:18:ad:78:96:42:04:90:41:5c:54:2a:f8:4c:
45:91:b9:c1:aa:e0:92:69:54:8e:cc:29:c3:13:89:11:96:58:
d0:8c:fe:ba:3f:49:9b:80:ac:df:d7:e6:8d:4e:c3:3f:d3:a2:
d3:36:31:29
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZUXBRBQAg1Urk6/mgr4d7jgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjE4MDMwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2VjMTJmYWQ2Mjg3MWViODI3OTBlOTM5Yzk5MDg4MThlZmFhNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotOJEQjSAOl2A1CaYsS83QgtLE7k
MdracPx56Jm6duIkPGhxGelrNGKZ/qDwf8QMIvZGB4LTHHCnYcemLvcsfeM0xcCs
16ycezjfYEGTGx8dg1LVN5O/1TjH+//ebiOHKoj96yZCW3N20zoEvgHq4nap0ZUg
lrv91p4bAEuVDBvf7voae60l7f3yYxsVnfdWJ8t/qHCXcKBy5Q5DXR3SlHtZ2j1a
oPq+z87vkYPmQAqaBy7osF8m/juXiTZMApG+2uzrKyCQPtTaGYon/Lk9yWb58iv0
MlEpYWJrbv+F+iVyWHyY9VHrKo7M/s0Tlq19aLFo0XEN+Z99fJ7zZ2ugZwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOPsEvrWKHHrgnkOk5yZCIGO+qQDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNC13Uy10WW9jZXVDZVE2VG5Ka0lnWTc2cEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVFwROBDANBgkqhkiG9w0BAQsFAAOCAQEAaoar+5dIAdlqcFSSmQtz3XCQ
2C/siMZ8HNaCwwbaiyCbkyRQ9TJM670p/WMpT+YkuqPV7XC8t1MVtPM+4Zr4Ckdo
Ww9AM7EJrSSxqQuRh91UpTil2feTSFMzccqW1nwuJw5opnXq+T2w7NRkRk+nsQRd
PgdMtT3qqxXGoBaR4tlpOguxhJTTzp5SpkGTiFmQcDbFaOH1SAAOXMS0gdwABCHs
cBWsbmdjmZNgt9/v1ZL4Dna7pd+yIQa4Zm4hNqDHJfSJdny+V1S9whIYrXiWQgSQ
QVxUKvhMRZG5wargkmlUjswpwxOJEZZY0Iz+uj9Jm4Cs39fmjU7DP9Oi0zYxKQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:03:46 2025 by rpki-client