Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4GT2UX6h7i9OZ2Pl_NzbY9hHIOw.roa
File: 4GT2UX6h7i9OZ2Pl_NzbY9hHIOw.roa (raw, json)
Hash identifier: cyFl/9n7JKdcDYkW3af0yHH4ikXpfXWU+7sTW0SSvnY=
Subject key identifier: E0:64:F6:51:7E:A1:EE:2F:4E:67:63:E5:FC:DC:DB:63:D8:47:20:EC
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019431DEE5DBEA7BAC4568CC39AB39C89EB1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4GT2UX6h7i9OZ2Pl_NzbY9hHIOw.roa
Signing time: Sat 04 Jan 2025 15:11:18 +0000
ROA not before: Sat 04 Jan 2025 15:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:31:de:e5:db:ea:7b:ac:45:68:cc:39:ab:39:c8:9e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 4 15:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e064f6517ea1ee2f4e6763e5fcdcdb63d84720ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b2:6b:80:42:d2:fb:20:dd:13:59:b6:71:87:
0a:2a:c7:b8:40:5d:77:3d:4b:af:d5:25:10:6b:e3:
43:6d:22:53:bf:3a:5e:94:3e:0a:be:a3:b8:7b:24:
71:02:65:f3:84:d2:98:70:a5:45:ee:7a:85:94:ed:
4f:6a:81:f6:d2:a5:6b:d9:ed:bb:ef:37:51:59:5f:
0f:1c:09:8c:5f:2d:60:76:87:e7:09:19:47:6d:a5:
c3:f8:7c:c1:8d:ec:0e:b3:12:3b:e5:1c:e3:e6:27:
57:a2:79:ed:69:16:26:07:30:89:4f:e9:3b:ed:28:
e3:dd:10:de:62:b6:78:55:e0:09:e7:a9:0e:ce:43:
25:7c:98:0f:14:ed:bb:75:70:c3:6f:79:a1:49:a4:
f3:45:06:d1:d9:19:6e:1b:13:5d:61:09:1e:21:3d:
05:f0:b0:bf:ca:32:6c:c6:92:2a:52:f3:4c:39:7a:
11:73:e8:5a:27:b5:4f:fb:28:a0:92:ec:e2:44:1d:
97:41:7e:a8:a7:96:d1:fe:1a:ab:d5:94:8e:5e:67:
99:ff:70:74:60:c3:a8:a2:44:a4:f7:7d:8b:4a:ea:
a7:e4:86:e5:b5:51:31:62:6d:11:e2:31:c8:ba:d3:
6b:16:3a:6e:fb:07:fe:cb:44:bc:f8:1c:85:68:9b:
f9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:64:F6:51:7E:A1:EE:2F:4E:67:63:E5:FC:DC:DB:63:D8:47:20:EC
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4GT2UX6h7i9OZ2Pl_NzbY9hHIOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
3e:ed:13:d6:3d:3f:2b:86:97:cd:85:c1:7f:06:2c:54:55:57:
ef:bf:5b:70:34:00:4a:80:08:6b:35:9c:c2:a6:6d:d8:aa:86:
e2:49:87:22:51:48:ee:69:44:28:5b:fd:7e:f2:c2:03:9d:ff:
12:32:04:f8:d4:18:e6:a5:44:a4:40:a8:e5:3e:e1:74:49:40:
6a:92:ea:6c:45:b5:da:99:43:5b:e3:97:cb:9e:fb:d0:0b:fa:
4a:3c:dc:72:59:c5:73:89:d9:73:ab:85:3b:7e:e0:0b:02:f4:
28:07:36:26:6a:cf:14:e8:c9:62:3d:37:e1:2d:3c:5f:a5:72:
cf:1b:05:c1:97:fd:d4:a8:57:03:86:22:99:16:30:69:fa:bf:
7e:a6:a3:4e:2e:1a:14:01:b9:8c:01:c3:d8:3d:41:60:47:a9:
f4:a6:bc:fd:35:e5:88:d7:87:00:d8:3d:9a:17:5b:08:13:8f:
63:c9:88:51:55:fb:30:c3:b9:38:03:ca:d7:bc:2d:cb:e6:ba:
31:1d:47:05:57:54:71:6d:d7:f0:05:74:53:00:1a:ab:3f:18:
1b:b1:17:2d:03:55:6f:ab:ad:45:57:ce:d9:d5:bf:01:ff:d8:
90:cf:76:53:3b:7f:2b:18:f9:fe:55:e7:10:fc:c5:a5:cd:78:
72:20:d0:d0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQx3uXb6nusRWjMOas5yJ6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA0MTUxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDY0ZjY1MTdlYTFlZTJmNGU2NzYzZTVmY2RjZGI2M2Q4NDcyMGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrJrgELS+yDdE1m2cYcKKse4QF13
PUuv1SUQa+NDbSJTvzpelD4KvqO4eyRxAmXzhNKYcKVF7nqFlO1PaoH20qVr2e27
7zdRWV8PHAmMXy1gdofnCRlHbaXD+HzBjewOsxI75Rzj5idXonntaRYmBzCJT+k7
7Sjj3RDeYrZ4VeAJ56kOzkMlfJgPFO27dXDDb3mhSaTzRQbR2RluGxNdYQkeIT0F
8LC/yjJsxpIqUvNMOXoRc+haJ7VP+yigkuziRB2XQX6op5bR/hqr1ZSOXmeZ/3B0
YMOookSk932LSuqn5IbltVExYm0R4jHIutNrFjpu+wf+y0S8+ByFaJv5jwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOBk9lF+oe4vTmdj5fzc22PYRyDsMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNEdUMlVYNmg3aTlPWjJQbF9OemJZOWhISU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAPu0T1j0/K4aXzYXBfwYsVFVX
779bcDQASoAIazWcwqZt2KqG4kmHIlFI7mlEKFv9fvLCA53/EjIE+NQY5qVEpECo
5T7hdElAapLqbEW12plDW+OXy5770Av6SjzcclnFc4nZc6uFO37gCwL0KAc2JmrP
FOjJYj034S08X6VyzxsFwZf91KhXA4YimRYwafq/fqajTi4aFAG5jAHD2D1BYEep
9Ka8/TXliNeHANg9mhdbCBOPY8mIUVX7MMO5OAPK17wty+a6MR1HBVdUcW3X8AV0
UwAaqz8YG7EXLQNVb6utRVfO2dW/Af/YkM92Uzt/Kxj5/lXnEPzFpc14ciDQ0A==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:14:55 2025 by rpki-client