Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IzPkWed6wfBO8YCIh3yjZcMe2jA.roa
File: IzPkWed6wfBO8YCIh3yjZcMe2jA.roa (raw, json)
Hash identifier: tr8CKKVKlySy2oui6Mu4AG05+cXoyZch7g5jwa0IpiQ=
Subject key identifier: 23:33:E4:59:E7:7A:C1:F0:4E:F1:80:88:87:7C:A3:65:C3:1E:DA:30
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194877E4336441DF965EE4C45782FE460FF
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IzPkWed6wfBO8YCIh3yjZcMe2jA.roa
Signing time: Tue 21 Jan 2025 06:13:06 +0000
ROA not before: Tue 21 Jan 2025 06:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:87:7e:43:36:44:1d:f9:65:ee:4c:45:78:2f:e4:60:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 21 06:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2333e459e77ac1f04ef18088877ca365c31eda30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7b:43:73:2c:a7:e2:7d:f3:6b:5b:3b:d9:9a:
1a:38:b2:1c:e4:dd:af:bb:c0:d0:a7:f0:5f:47:0d:
55:66:af:be:13:33:db:a9:4d:f3:28:b1:a9:cd:75:
21:9e:96:fa:5b:93:39:00:21:23:83:8d:30:c4:75:
90:b5:53:8b:29:12:57:02:21:05:27:11:02:96:f9:
1f:d4:2f:88:af:3d:ea:f8:2a:22:7b:99:f1:e5:6c:
42:a0:2a:e7:d8:bc:a7:c0:e2:ca:11:34:3d:76:3b:
ab:3c:43:72:7e:99:a4:1f:52:92:d9:f4:a2:2d:5f:
7a:00:10:c9:05:d7:6e:b1:99:0b:57:95:17:25:31:
d2:75:f4:be:8a:3b:c4:40:3c:6e:71:f6:75:c0:f4:
7f:b8:98:08:b6:7d:7a:d0:05:3f:15:7c:35:2a:7c:
4c:ba:e1:39:d7:61:02:a0:a3:d4:2b:b7:62:6b:e0:
52:99:ba:79:fb:af:72:21:ad:a2:69:8b:e6:3a:f6:
a6:0b:e6:62:1c:b7:4f:61:95:fc:35:82:e6:86:c3:
6f:88:4f:2a:fd:bc:9c:ef:cf:36:94:65:6a:22:c8:
b0:d1:59:3f:1c:48:2d:45:67:93:df:f0:ce:84:b5:
44:33:b2:8f:d3:1d:2a:97:d2:64:d5:0d:3b:27:75:
2f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:33:E4:59:E7:7A:C1:F0:4E:F1:80:88:87:7C:A3:65:C3:1E:DA:30
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IzPkWed6wfBO8YCIh3yjZcMe2jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
3f:ba:ee:2a:47:d0:3e:98:81:60:f2:92:0e:c2:f0:9e:44:e8:
39:f3:e6:cd:7f:da:03:66:89:30:ed:6f:cd:fb:bc:43:00:57:
37:09:af:ef:09:cf:5b:3b:50:f7:51:44:01:33:c8:ea:ff:75:
d5:6f:0f:e7:b1:33:d9:24:cb:7e:3e:74:a2:86:83:ec:6c:a3:
5a:89:ef:2e:ab:13:36:5a:f7:03:11:de:1d:cd:64:92:a7:41:
d9:5c:f2:65:f1:a5:06:62:4e:76:76:50:cf:f5:9d:db:7e:c4:
84:bc:ea:11:7d:64:75:5c:84:95:8d:09:71:d9:3e:5d:5a:2b:
dc:4d:cc:0b:66:7f:5d:4e:1c:2b:0d:42:05:fb:30:84:b8:b3:
ff:ee:41:9c:9c:d5:b1:de:79:5a:d3:1b:47:0b:25:99:2f:3a:
3a:48:ea:f7:70:28:c5:87:c6:be:bf:4b:60:7f:ff:16:72:85:
11:d1:36:a6:20:a5:7c:f5:bc:9c:db:9c:83:f3:b4:5e:80:3b:
06:58:8b:74:ea:2a:5f:7d:90:76:e1:ce:f7:85:97:6e:81:60:
48:35:fc:c0:25:ed:e1:2e:b7:a0:71:7d:36:46:6b:c6:69:45:
14:45:e2:de:3d:e0:d1:60:8e:fb:86:59:65:ed:b8:57:72:9a:
30:5c:53:cf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZSHfkM2RB35Ze5MRXgv5GD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTIxMDYxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMzZTQ1OWU3N2FjMWYwNGVmMTgwODg4NzdjYTM2NWMzMWVkYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHtDcyyn4n3za1s72ZoaOLIc5N2v
u8DQp/BfRw1VZq++EzPbqU3zKLGpzXUhnpb6W5M5ACEjg40wxHWQtVOLKRJXAiEF
JxEClvkf1C+Irz3q+Coie5nx5WxCoCrn2LynwOLKETQ9djurPENyfpmkH1KS2fSi
LV96ABDJBddusZkLV5UXJTHSdfS+ijvEQDxucfZ1wPR/uJgItn160AU/FXw1KnxM
uuE512ECoKPUK7dia+BSmbp5+69yIa2iaYvmOvamC+ZiHLdPYZX8NYLmhsNviE8q
/byc7882lGVqIsiw0Vk/HEgtRWeT3/DOhLVEM7KP0x0ql9Jk1Q07J3UvCQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCMz5FnnesHwTvGAiId8o2XDHtowMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSXpQa1dlZDZ3ZkJPOFlDSWgzeWpaY01lMmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAP7ruKkfQPpiBYPKSDsLwnkTo
OfPmzX/aA2aJMO1vzfu8QwBXNwmv7wnPWztQ91FEATPI6v911W8P57Ez2STLfj50
ooaD7GyjWonvLqsTNlr3AxHeHc1kkqdB2VzyZfGlBmJOdnZQz/Wd237EhLzqEX1k
dVyElY0Jcdk+XVor3E3MC2Z/XU4cKw1CBfswhLiz/+5BnJzVsd55WtMbRwslmS86
Okjq93AoxYfGvr9LYH//FnKFEdE2piClfPW8nNucg/O0XoA7BliLdOoqX32QduHO
94WXboFgSDX8wCXt4S63oHF9NkZrxmlFFEXi3j3g0WCO+4ZZZe24V3KaMFxTzw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:32:39 2025 by rpki-client