Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DtzKqV0qY-O9KkDqLSq_P6O1tB0.roa
File: DtzKqV0qY-O9KkDqLSq_P6O1tB0.roa (raw, json)
Hash identifier: 53C9OE5y3fqH7nGz1BUDX+jAGkixymXHK7BjEzD3x/w=
Subject key identifier: 0E:DC:CA:A9:5D:2A:63:E3:BD:2A:40:EA:2D:2A:BF:3F:A3:B5:B4:1D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194B4BD852BE01CDB5A03DF91053EFEB2B1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DtzKqV0qY-O9KkDqLSq_P6O1tB0.roa
Signing time: Thu 30 Jan 2025 01:05:06 +0000
ROA not before: Thu 30 Jan 2025 01:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:b4bd:7fa/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b4:bd:85:2b:e0:1c:db:5a:03:df:91:05:3e:fe:b2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 30 01:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0edccaa95d2a63e3bd2a40ea2d2abf3fa3b5b41d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8e:35:51:d8:65:b9:f5:4e:32:33:a1:82:5e:
4e:1c:06:bf:f3:a3:1c:a7:50:5c:77:1c:2f:cc:34:
79:16:da:9b:bd:c2:de:b0:8d:a1:f4:7f:c0:21:f0:
a1:b0:37:56:12:bf:e7:68:d0:6b:c3:89:07:b8:fd:
3f:06:0c:e2:58:be:5a:10:68:ce:ce:0a:25:30:b2:
5e:88:a0:d3:93:47:a4:02:16:19:81:89:ff:e7:fa:
25:9d:7a:3f:c9:36:09:35:f4:5b:da:c2:7e:f6:5a:
af:92:6b:f3:f4:2b:a2:63:10:be:3e:a2:c6:a5:ed:
4f:27:28:fb:1f:8a:c5:d5:75:64:7d:0b:83:0f:1a:
75:c8:0c:8a:cd:38:f6:8e:03:d8:6c:8c:da:7c:6b:
f9:9e:c7:b3:e8:89:35:64:86:99:ec:1c:c8:6d:85:
15:2c:1e:dd:c6:63:65:51:78:1c:7e:cc:4b:db:66:
98:56:ad:b2:17:76:80:8f:90:d6:5d:a4:27:6d:f4:
ef:0f:38:89:d5:f6:39:c8:25:30:0a:d9:f2:08:2a:
64:31:22:f6:8f:a1:b2:51:3b:97:e1:ad:66:c9:e8:
c4:d7:77:ef:09:d9:ed:53:b6:34:1f:6d:b4:4e:b2:
ec:6a:b1:1b:b8:2e:85:94:14:e5:32:9b:e6:40:d0:
c9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DC:CA:A9:5D:2A:63:E3:BD:2A:40:EA:2D:2A:BF:3F:A3:B5:B4:1D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DtzKqV0qY-O9KkDqLSq_P6O1tB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:b4bd:7fa/128
Signature Algorithm: sha256WithRSAEncryption
94:92:7f:61:3e:70:76:28:ac:7f:9e:4f:6c:7c:d2:da:2c:88:
96:09:80:e4:61:fb:05:2b:e9:a8:bc:9d:eb:4d:54:b7:de:8c:
65:fa:db:c4:a7:d5:0b:2d:f3:0b:39:b4:89:89:e3:d4:f6:45:
12:f2:b7:8e:ef:c2:e0:c3:80:6a:4c:dd:58:8e:9a:da:d1:ee:
a8:19:b2:7d:64:a8:2e:62:64:57:95:de:3c:b1:56:ee:74:7e:
52:44:0a:47:71:e8:fb:0c:4f:5f:ac:b7:0e:3d:71:da:db:6e:
f0:87:fc:b2:c6:14:20:72:e2:2b:aa:19:98:5d:4e:73:29:63:
c9:d5:fa:f3:e6:58:6b:63:6e:50:9e:a5:dd:bd:54:30:ba:d9:
ee:9b:0e:84:8b:1c:b9:2f:35:55:55:0c:47:54:84:30:14:b7:
c1:76:36:51:c4:7f:a2:7b:2e:25:6b:db:1f:e2:25:24:18:47:
65:89:a8:95:05:a4:42:bc:d2:ef:00:71:7a:78:42:93:4f:de:
88:84:48:e8:5c:53:93:60:0f:21:74:61:f1:1f:82:6c:0c:1f:
76:2b:37:01:bd:96:d1:93:97:b3:c6:09:6a:39:8b:f4:86:e0:
a4:79:68:cb:82:22:8f:d0:ce:33:d2:0c:d9:52:e4:79:7f:d9:
34:e3:e9:32
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZS0vYUr4BzbWgPfkQU+/rKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTMwMDEwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRjY2FhOTVkMmE2M2UzYmQyYTQwZWEyZDJhYmYzZmEzYjViNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw441UdhlufVOMjOhgl5OHAa/86Mc
p1BcdxwvzDR5FtqbvcLesI2h9H/AIfChsDdWEr/naNBrw4kHuP0/BgziWL5aEGjO
zgolMLJeiKDTk0ekAhYZgYn/5/olnXo/yTYJNfRb2sJ+9lqvkmvz9CuiYxC+PqLG
pe1PJyj7H4rF1XVkfQuDDxp1yAyKzTj2jgPYbIzafGv5nsez6Ik1ZIaZ7BzIbYUV
LB7dxmNlUXgcfsxL22aYVq2yF3aAj5DWXaQnbfTvDziJ1fY5yCUwCtnyCCpkMSL2
j6GyUTuX4a1myejE13fvCdntU7Y0H220TrLsarEbuC6FlBTlMpvmQNDJXwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA7cyqldKmPjvSpA6i0qvz+jtbQdMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRHR6S3FWMHFZLU85S2tEcUxTcV9QNk8xdEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGUtL0H+jANBgkqhkiG9w0BAQsFAAOCAQEAlJJ/YT5wdiisf55PbHzS2iyI
lgmA5GH7BSvpqLyd601Ut96MZfrbxKfVCy3zCzm0iYnj1PZFEvK3ju/C4MOAakzd
WI6a2tHuqBmyfWSoLmJkV5XePLFW7nR+UkQKR3Ho+wxPX6y3Dj1x2ttu8If8ssYU
IHLiK6oZmF1OcyljydX68+ZYa2NuUJ6l3b1UMLrZ7psOhIscuS81VVUMR1SEMBS3
wXY2UcR/onsuJWvbH+IlJBhHZYmolQWkQrzS7wBxenhCk0/eiIRI6FxTk2APIXRh
8R+CbAwfdis3Ab2W0ZOXs8YJajmL9IbgpHloy4Iij9DOM9IM2VLkeX/ZNOPpMg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:50:48 2025 by rpki-client