Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/44J085CeO2AYwZXVXIo6XC1MDYQ.roa
File: 44J085CeO2AYwZXVXIo6XC1MDYQ.roa (raw, json)
Hash identifier: eQBrAHR0pCen/9C3C9NVC5/MdG8B0v3ytmjTqAj0eww=
Subject key identifier: E3:82:74:F3:90:9E:3B:60:18:C1:95:D5:5C:8A:3A:5C:2D:4C:0D:84
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01947A9D7366B5FF6FFF0FEFB38841AAC484
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/44J085CeO2AYwZXVXIo6XC1MDYQ.roa
Signing time: Sat 18 Jan 2025 18:12:06 +0000
ROA not before: Sat 18 Jan 2025 18:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7a:9d:73:66:b5:ff:6f:ff:0f:ef:b3:88:41:aa:c4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 18 18:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e38274f3909e3b6018c195d55c8a3a5c2d4c0d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2f:b5:e4:46:45:38:7d:00:b3:8b:a2:dc:78:
8f:fd:29:bd:ce:c2:ea:81:5f:c6:67:0a:ec:e6:96:
e0:98:7b:06:66:76:a2:d1:37:94:ef:58:41:f8:1b:
d7:9a:a7:ed:77:3b:85:71:e0:a3:1d:c6:a4:48:d1:
9f:ac:c3:ed:ba:b7:3e:32:8d:83:fb:d1:6d:50:d6:
de:cf:97:c5:85:e3:57:77:be:13:e0:2a:cf:ef:02:
bb:3b:fe:20:fd:b8:1f:af:fb:98:33:cd:ec:d8:2b:
f5:5d:e3:93:f7:b5:da:c5:a1:2d:d2:cc:0f:69:53:
e2:d2:cb:45:88:cc:ec:21:3a:93:e1:c0:33:85:ad:
33:98:eb:e9:bd:43:d5:a8:5f:c2:c0:b6:ff:09:71:
71:96:5a:a8:f9:ce:7e:7e:74:64:bd:f1:c5:1e:41:
5b:59:ee:2f:e3:d3:ae:21:0d:54:4b:33:fa:1f:70:
9d:65:5c:68:17:30:78:d1:ed:e8:cc:20:5c:3b:5c:
47:a2:74:4c:a4:67:c6:93:a1:80:cd:69:6d:51:70:
37:bc:b5:d7:eb:cf:e5:91:9c:5a:88:1f:bb:d4:23:
ee:13:08:10:d3:57:c0:c9:d3:4c:3c:fb:a8:7c:47:
c4:34:64:9f:2d:f1:fb:43:c9:97:91:e1:fa:d2:0c:
c5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:82:74:F3:90:9E:3B:60:18:C1:95:D5:5C:8A:3A:5C:2D:4C:0D:84
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/44J085CeO2AYwZXVXIo6XC1MDYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
59:9f:81:2a:8c:27:25:22:ad:ff:28:d3:53:cf:9b:28:67:73:
a0:5d:dc:bd:f4:0f:10:21:98:ec:3d:1a:00:33:e4:e4:a5:44:
1a:d3:ba:c5:9b:0c:b6:03:15:94:c5:df:b8:d7:b3:f9:51:a8:
a4:64:81:c8:08:d5:a8:8e:b5:ff:5c:20:ab:5f:62:2a:6c:dc:
c8:dd:20:59:54:5e:19:cb:cb:c3:52:0d:94:37:bf:c6:c5:4b:
37:36:e4:24:6e:5f:d2:5b:63:68:11:c4:f7:c8:8b:43:89:c1:
3a:f7:c3:7e:a4:d3:94:af:16:14:18:79:60:5b:b7:b9:c5:f5:
a9:f3:2f:50:c6:4d:f7:9a:98:41:e4:e1:44:7d:c6:de:0d:ae:
eb:e2:c9:f4:b4:d3:15:35:32:1b:e9:37:84:69:9a:38:36:f2:
87:7b:bc:8d:25:d2:20:ac:40:6d:6a:2e:9b:ff:7e:d8:47:7f:
cf:f2:ab:94:ee:72:6d:da:e0:aa:7a:82:f1:1f:2b:34:1d:b0:
90:0b:2f:7d:90:f2:c8:f5:ac:b4:31:b5:1d:2f:99:e1:1c:6b:
46:b7:8d:71:9d:1e:1d:32:16:2b:ab:2c:6e:b4:43:00:01:9f:
61:85:af:c7:5a:ca:1c:a9:ec:2d:65:e5:7d:ba:ba:e1:ef:1f:
33:2c:89:42
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZR6nXNmtf9v/w/vs4hBqsSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE4MTgxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzgyNzRmMzkwOWUzYjYwMThjMTk1ZDU1YzhhM2E1YzJkNGMwZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0S+15EZFOH0As4ui3HiP/Sm9zsLq
gV/GZwrs5pbgmHsGZnai0TeU71hB+BvXmqftdzuFceCjHcakSNGfrMPturc+Mo2D
+9FtUNbez5fFheNXd74T4CrP7wK7O/4g/bgfr/uYM83s2Cv1XeOT97XaxaEt0swP
aVPi0stFiMzsITqT4cAzha0zmOvpvUPVqF/CwLb/CXFxllqo+c5+fnRkvfHFHkFb
We4v49OuIQ1USzP6H3CdZVxoFzB40e3ozCBcO1xHonRMpGfGk6GAzWltUXA3vLXX
68/lkZxaiB+71CPuEwgQ01fAydNMPPuofEfENGSfLfH7Q8mXkeH60gzF4QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOOCdPOQnjtgGMGV1VyKOlwtTA2EMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNDRKMDg1Q2VPMkFZd1pYVlhJbzZYQzFNRFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAWZ+BKownJSKt/yjTU8+bKGdz
oF3cvfQPECGY7D0aADPk5KVEGtO6xZsMtgMVlMXfuNez+VGopGSByAjVqI61/1wg
q19iKmzcyN0gWVReGcvLw1INlDe/xsVLNzbkJG5f0ltjaBHE98iLQ4nBOvfDfqTT
lK8WFBh5YFu3ucX1qfMvUMZN95qYQeThRH3G3g2u6+LJ9LTTFTUyG+k3hGmaODby
h3u8jSXSIKxAbWoum/9+2Ed/z/KrlO5ybdrgqnqC8R8rNB2wkAsvfZDyyPWstDG1
HS+Z4RxrRreNcZ0eHTIWK6ssbrRDAAGfYYWvx1rKHKnsLWXlfbq64e8fMyyJQg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:57:48 2025 by rpki-client