Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KC6yIU5qQVJIMsLhVEmD0A3M3VQ.roa
File: KC6yIU5qQVJIMsLhVEmD0A3M3VQ.roa (raw, json)
Hash identifier: 3TYkZyb9KzvG/e+VXYwIvgBCCuvHGBzYEYmy1+PbXQo=
Subject key identifier: 28:2E:B2:21:4E:6A:41:52:48:32:C2:E1:54:49:83:D0:0D:CC:DD:54
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943F2D9375010DC6F2A7D3FB17A3EDA54D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KC6yIU5qQVJIMsLhVEmD0A3M3VQ.roa
Signing time: Tue 07 Jan 2025 05:12:18 +0000
ROA not before: Tue 07 Jan 2025 05:12:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3f:2d:93:75:01:0d:c6:f2:a7:d3:fb:17:a3:ed:a5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 7 05:12:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=282eb2214e6a41524832c2e1544983d00dccdd54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:12:82:66:be:35:49:8f:56:80:3d:b5:c3:61:
a2:3e:21:e9:f3:50:75:ad:31:41:d6:cb:0f:ad:3e:
bc:9e:36:3d:d8:f6:41:3d:ac:51:e7:fb:b0:f1:bc:
40:30:25:75:be:0e:c2:5f:bb:e5:c1:9f:86:85:13:
10:d7:f0:50:d6:77:a4:20:19:c2:ed:a5:fc:df:00:
c5:e1:2d:71:f9:e3:11:21:93:76:cf:00:d7:05:e6:
06:57:ae:1d:f3:0c:48:81:40:3d:72:07:97:98:6a:
e5:8e:93:50:85:b3:65:fc:da:3f:ce:1b:e3:f3:b4:
14:02:0c:35:62:88:6a:bd:e1:c6:35:16:4d:2e:af:
8a:99:82:37:f6:90:e3:98:4e:d5:56:2a:24:ad:9d:
ee:fc:b6:4c:68:af:88:2b:5b:fa:c7:23:ae:63:83:
e4:18:2c:3a:cd:1f:69:9a:f2:01:da:4f:df:b0:4e:
0e:df:8a:62:ca:2f:b0:62:87:d2:97:b1:b1:e4:46:
fc:06:89:f2:08:b3:ca:89:14:e6:36:a1:88:63:70:
1f:de:c8:ee:05:69:5f:c8:c5:19:22:9c:48:0c:e7:
55:e2:00:e2:2c:ed:98:8b:ba:fd:48:6c:08:4a:c0:
9e:f4:06:48:58:a6:47:7e:9f:33:05:73:2b:1a:0c:
52:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2E:B2:21:4E:6A:41:52:48:32:C2:E1:54:49:83:D0:0D:CC:DD:54
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KC6yIU5qQVJIMsLhVEmD0A3M3VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
15:78:b6:17:2a:ae:97:fd:f4:7f:1a:ec:7e:3d:72:07:77:07:
78:14:37:eb:73:54:e2:76:a1:0d:f8:de:8e:f8:20:e1:6c:69:
ff:2f:98:f4:55:70:a2:59:59:fd:ff:6a:83:2e:34:1e:86:bc:
dc:17:d8:15:99:99:26:a3:43:fb:c5:cf:62:44:36:7d:e5:01:
d4:3f:13:5d:9d:21:c7:36:db:63:93:9c:5a:cb:69:87:ce:e8:
18:42:d2:f1:26:e1:84:47:a8:d5:58:42:4b:d1:fd:93:f2:81:
25:1c:c0:96:0c:36:0e:ab:df:00:b4:2e:0c:8b:11:ff:87:f4:
20:a4:1d:e0:71:6b:14:e8:bc:43:dd:37:26:02:4d:bd:ab:4a:
4b:d3:6f:64:de:0b:16:27:e5:c3:f2:bc:59:8d:1a:f1:c3:ea:
a7:2a:a6:03:82:b9:03:94:ac:14:fe:d3:16:77:94:4c:5d:64:
05:79:92:ba:21:e6:03:8e:0e:64:e6:41:71:59:ae:56:60:4e:
c7:08:a9:dc:4a:e0:60:e9:24:3d:92:52:9c:80:35:13:00:a5:
6b:1c:8e:6b:77:4b:2a:32:e8:c8:ab:8c:59:78:d8:1c:77:df:
9d:5d:78:a7:61:84:d8:8f:fc:5b:8d:43:c5:b7:97:2e:4b:6f:
ea:a3:e2:91
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ/LZN1AQ3G8qfT+xej7aVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA3MDUxMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODJlYjIyMTRlNmE0MTUyNDgzMmMyZTE1NDQ5ODNkMDBkY2NkZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRKCZr41SY9WgD21w2GiPiHp81B1
rTFB1ssPrT68njY92PZBPaxR5/uw8bxAMCV1vg7CX7vlwZ+GhRMQ1/BQ1nekIBnC
7aX83wDF4S1x+eMRIZN2zwDXBeYGV64d8wxIgUA9cgeXmGrljpNQhbNl/No/zhvj
87QUAgw1YohqveHGNRZNLq+KmYI39pDjmE7VViokrZ3u/LZMaK+IK1v6xyOuY4Pk
GCw6zR9pmvIB2k/fsE4O34piyi+wYofSl7Gx5Eb8BonyCLPKiRTmNqGIY3Af3sju
BWlfyMUZIpxIDOdV4gDiLO2Yi7r9SGwISsCe9AZIWKZHfp8zBXMrGgxS3QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCgusiFOakFSSDLC4VRJg9ANzN1UMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS0M2eUlVNXFRVkpJTXNMaFZFbUQwQTNNM1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAFXi2Fyqul/30fxrsfj1yB3cH
eBQ363NU4nahDfjejvgg4Wxp/y+Y9FVwollZ/f9qgy40Hoa83BfYFZmZJqND+8XP
YkQ2feUB1D8TXZ0hxzbbY5OcWstph87oGELS8SbhhEeo1VhCS9H9k/KBJRzAlgw2
DqvfALQuDIsR/4f0IKQd4HFrFOi8Q903JgJNvatKS9NvZN4LFiflw/K8WY0a8cPq
pyqmA4K5A5SsFP7TFneUTF1kBXmSuiHmA44OZOZBcVmuVmBOxwip3ErgYOkkPZJS
nIA1EwClaxyOa3dLKjLoyKuMWXjYHHffnV14p2GE2I/8W41DxbeXLktv6qPikQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:03 2025 by rpki-client