Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FtQXZXsixItY_FcUQYh0rNyJmxk.roa
File: FtQXZXsixItY_FcUQYh0rNyJmxk.roa (raw, json)
Hash identifier: IVZ+Z7xUl4sdvAHEAuROxv5QaD7hLGnYN2EYCTrs418=
Subject key identifier: 16:D4:17:65:7B:22:C4:8B:58:FC:57:14:41:88:74:AC:DC:89:9B:19
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195986D399DA2DBFBE5A6204B1ABF72C67D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FtQXZXsixItY_FcUQYh0rNyJmxk.roa
Signing time: Sat 15 Mar 2025 06:10:49 +0000
ROA not before: Sat 15 Mar 2025 06:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:98:6d:39:9d:a2:db:fb:e5:a6:20:4b:1a:bf:72:c6:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 06:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16d417657b22c48b58fc5714418874acdc899b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4a:f1:2a:45:70:49:75:f3:59:04:47:79:fa:
11:a1:07:79:e0:ff:15:92:12:0e:50:9a:46:66:1d:
43:17:fe:5e:d2:39:bb:bb:1f:87:e1:59:ae:23:1f:
e7:c5:a0:94:8d:20:e4:55:9e:6c:ff:a0:c3:b5:b8:
4a:dd:51:c7:bd:63:29:e8:56:f0:34:99:e8:0b:0e:
8b:aa:66:97:65:b7:20:ee:e7:6f:ea:eb:40:9b:fc:
a3:45:67:2a:f3:d7:e3:06:1b:2b:93:03:20:9a:20:
be:82:f4:70:98:07:0e:37:3f:19:b4:cf:de:bf:00:
83:e7:da:01:f0:f2:cb:5f:e6:e9:cc:1c:85:64:24:
f5:93:c1:cb:92:8d:b8:78:55:43:2c:85:51:b0:d5:
cd:fb:5d:9e:d3:7b:4a:6b:b0:7c:60:3a:8a:35:58:
8e:f0:1d:21:22:fd:33:9d:d0:41:04:a4:d5:4c:ee:
54:af:89:a4:97:3e:dc:71:73:29:65:b9:42:73:62:
5f:a7:c2:31:98:1e:22:98:51:cf:32:c4:5b:fd:1e:
f0:28:42:52:6f:99:d8:24:87:72:ea:c5:e3:f9:4f:
f0:77:be:5c:a5:92:55:e2:5b:48:85:b8:e7:69:50:
18:e3:42:72:86:5f:eb:77:8c:40:fe:99:39:33:69:
92:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D4:17:65:7B:22:C4:8B:58:FC:57:14:41:88:74:AC:DC:89:9B:19
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FtQXZXsixItY_FcUQYh0rNyJmxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
16:08:0e:c1:9e:ac:11:54:96:be:d5:ac:26:35:6f:94:58:f6:
36:f1:fd:58:97:c4:c8:25:d3:3e:95:91:c7:a9:0c:4e:54:c7:
ce:8f:ae:d0:b1:8d:bf:93:64:10:04:32:e9:67:e6:ea:7a:da:
9a:32:65:bf:51:e2:28:75:ee:71:38:22:57:4a:86:a4:ca:9c:
9e:75:32:6e:88:98:98:0d:e3:e8:10:10:dd:d3:8b:89:5a:7e:
df:c9:75:8d:73:b8:5a:87:f3:0a:11:8e:d2:64:0f:64:c2:87:
3a:60:59:5e:2a:6f:43:18:4e:08:e8:1a:c9:b2:ec:a6:e5:ec:
5c:d9:88:2a:03:3d:d0:04:bb:54:20:94:9f:cb:e8:0b:2a:af:
2b:d7:a7:47:f2:0e:c1:83:e1:7e:fc:39:86:cc:1e:39:b6:7a:
c3:88:14:85:d9:72:0b:5d:98:6e:7d:6e:03:a2:96:7e:d2:2a:
8c:08:8c:72:51:6f:55:f6:55:32:ae:8c:71:87:25:d9:fd:48:
cb:8d:ec:f9:d2:c7:dc:11:4b:38:b8:d1:6f:5a:e7:2e:79:3a:
3b:48:5b:aa:d2:66:93:c8:7d:c4:a2:d0:ab:20:fa:e1:2b:8d:
56:7c:75:30:50:1c:70:5b:da:00:09:8e:d7:a2:15:7c:c9:35:
c6:72:97:56
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWYbTmdotv75aYgSxq/csZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MDYxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQ0MTc2NTdiMjJjNDhiNThmYzU3MTQ0MTg4NzRhY2RjODk5YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUrxKkVwSXXzWQRHefoRoQd54P8V
khIOUJpGZh1DF/5e0jm7ux+H4VmuIx/nxaCUjSDkVZ5s/6DDtbhK3VHHvWMp6Fbw
NJnoCw6LqmaXZbcg7udv6utAm/yjRWcq89fjBhsrkwMgmiC+gvRwmAcONz8ZtM/e
vwCD59oB8PLLX+bpzByFZCT1k8HLko24eFVDLIVRsNXN+12e03tKa7B8YDqKNViO
8B0hIv0zndBBBKTVTO5Ur4mklz7ccXMpZblCc2Jfp8IxmB4imFHPMsRb/R7wKEJS
b5nYJIdy6sXj+U/wd75cpZJV4ltIhbjnaVAY40Jyhl/rd4xA/pk5M2mS3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBbUF2V7IsSLWPxXFEGIdKzciZsZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRnRRWFpYc2l4SXRZX0ZjVVFZaDByTnlKbXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAFggOwZ6sEVSWvtWsJjVvlFj2
NvH9WJfEyCXTPpWRx6kMTlTHzo+u0LGNv5NkEAQy6Wfm6nramjJlv1HiKHXucTgi
V0qGpMqcnnUyboiYmA3j6BAQ3dOLiVp+38l1jXO4WofzChGO0mQPZMKHOmBZXipv
QxhOCOgaybLspuXsXNmIKgM90AS7VCCUn8voCyqvK9enR/IOwYPhfvw5hsweObZ6
w4gUhdlyC12Ybn1uA6KWftIqjAiMclFvVfZVMq6McYcl2f1Iy43s+dLH3BFLOLjR
b1rnLnk6O0hbqtJmk8h9xKLQqyD64SuNVnx1MFAccFvaAAmO16IVfMk1xnKXVg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:13:58 2025 by rpki-client