Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FTcWneLBuojuFzZMOzedVGLIOjM.roa
File: FTcWneLBuojuFzZMOzedVGLIOjM.roa (raw, json)
Hash identifier: ro2HMwdaniIpnYCJxIBUXcCoSxvty51lUZpwwE2Th7M=
Subject key identifier: 15:37:16:9D:E2:C1:BA:88:EE:17:36:4C:3B:37:9D:54:62:C8:3A:33
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019596EE8921949EE561D49F2158562E91D1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FTcWneLBuojuFzZMOzedVGLIOjM.roa
Signing time: Fri 14 Mar 2025 23:12:49 +0000
ROA not before: Fri 14 Mar 2025 23:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:96:ee:89:21:94:9e:e5:61:d4:9f:21:58:56:2e:91:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 23:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1537169de2c1ba88ee17364c3b379d5462c83a33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:20:73:00:98:f1:70:3e:cf:b1:8f:e2:95:ac:
b3:e3:ea:2f:32:49:8c:0c:ac:ad:95:7b:8f:87:06:
5c:04:da:9b:fb:1d:20:35:19:38:1e:f8:55:2c:69:
94:7b:f6:61:69:be:66:de:6a:60:2f:53:ca:9f:63:
89:21:3e:67:4b:15:19:58:cd:2d:a2:1e:61:13:aa:
5b:73:c3:83:cd:31:d7:2b:d7:8a:d1:4f:22:d9:e8:
41:a9:55:36:6b:ed:cb:6b:ed:24:b6:7d:d2:22:16:
45:b6:70:6f:0f:03:18:fe:56:f2:4a:74:fb:88:57:
03:c7:3d:8f:f0:67:64:de:5e:d8:4d:d7:a4:02:cf:
fe:6b:b4:38:65:c2:16:18:9c:37:3d:97:84:a7:14:
0f:65:74:45:50:2f:14:ff:5d:e5:00:e4:65:23:dd:
a5:87:59:0b:1d:78:6d:22:5d:3d:78:34:71:02:55:
81:79:eb:e9:30:a8:48:ea:b3:d8:d5:f5:7b:10:23:
ad:67:67:6e:0f:61:af:21:04:74:cb:34:48:e7:3b:
33:d0:8f:a0:75:7b:5d:44:a7:fd:ba:69:68:19:b1:
17:d8:35:3b:f5:05:72:8d:11:3d:4c:20:64:86:14:
90:0d:ef:fe:e8:53:d5:54:bb:1c:9a:9c:35:dd:e8:
30:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:37:16:9D:E2:C1:BA:88:EE:17:36:4C:3B:37:9D:54:62:C8:3A:33
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FTcWneLBuojuFzZMOzedVGLIOjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
37:fd:f8:41:2c:94:77:7a:b4:41:0a:6c:b9:95:bf:5f:91:87:
23:b0:13:da:57:16:16:ea:a1:4b:2b:d5:a1:20:40:4b:00:b3:
8f:46:28:1f:c3:49:eb:32:42:a1:32:ef:a3:c8:00:22:4e:77:
c1:a5:b8:96:b7:cc:50:8b:4a:e9:77:a0:25:88:d0:35:f2:d5:
f7:9c:17:dc:5f:17:e8:cf:79:8c:a4:cc:b4:08:ef:43:77:17:
0c:0d:dd:41:e2:4b:09:c8:bf:50:fa:62:cb:4b:79:f2:47:cd:
72:45:3a:64:f4:48:5f:52:89:e4:b3:28:0b:ea:0a:19:f4:22:
8a:d7:16:f1:55:e5:5d:59:95:c8:88:0a:50:62:0d:10:13:d5:
22:5d:87:aa:24:81:dc:d9:81:5a:88:4e:0c:ba:9f:70:d5:2f:
d5:b4:48:d7:0b:48:d3:08:8b:12:5f:74:2c:97:b7:7d:4b:af:
09:57:4e:7f:2a:74:f6:83:97:cd:32:ba:50:41:99:40:92:75:
d7:4b:a6:c5:e4:17:93:6e:db:34:9b:e3:eb:74:f5:54:3c:6e:
5a:d4:1b:da:fb:68:39:c2:6d:6d:04:d1:93:5a:bd:e9:a3:b6:
c5:b5:fb:8c:0a:fa:43:ba:e6:59:b9:c7:57:4d:23:e4:98:02:
08:4d:83:3d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWW7okhlJ7lYdSfIVhWLpHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MjMxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTM3MTY5ZGUyYzFiYTg4ZWUxNzM2NGMzYjM3OWQ1NDYyYzgzYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriBzAJjxcD7PsY/ilayz4+ovMkmM
DKytlXuPhwZcBNqb+x0gNRk4HvhVLGmUe/Zhab5m3mpgL1PKn2OJIT5nSxUZWM0t
oh5hE6pbc8ODzTHXK9eK0U8i2ehBqVU2a+3La+0ktn3SIhZFtnBvDwMY/lbySnT7
iFcDxz2P8Gdk3l7YTdekAs/+a7Q4ZcIWGJw3PZeEpxQPZXRFUC8U/13lAORlI92l
h1kLHXhtIl09eDRxAlWBeevpMKhI6rPY1fV7ECOtZ2duD2GvIQR0yzRI5zsz0I+g
dXtdRKf9umloGbEX2DU79QVyjRE9TCBkhhSQDe/+6FPVVLscmpw13egwcQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBU3Fp3iwbqI7hc2TDs3nVRiyDozMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRlRjV25lTEJ1b2p1RnpaTU96ZWRWR0xJT2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAN/34QSyUd3q0QQpsuZW/X5GH
I7AT2lcWFuqhSyvVoSBASwCzj0YoH8NJ6zJCoTLvo8gAIk53waW4lrfMUItK6Xeg
JYjQNfLV95wX3F8X6M95jKTMtAjvQ3cXDA3dQeJLCci/UPpiy0t58kfNckU6ZPRI
X1KJ5LMoC+oKGfQiitcW8VXlXVmVyIgKUGINEBPVIl2HqiSB3NmBWohODLqfcNUv
1bRI1wtI0wiLEl90LJe3fUuvCVdOfyp09oOXzTK6UEGZQJJ110umxeQXk27bNJvj
63T1VDxuWtQb2vtoOcJtbQTRk1q96aO2xbX7jAr6Q7rmWbnHV00j5JgCCE2DPQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:21:11 2025 by rpki-client