Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KT0zll0DvQqw7qXwjhxzRk9tZXM.roa
File: KT0zll0DvQqw7qXwjhxzRk9tZXM.roa (raw, json)
Hash identifier: 2daLpfxoVoerb0APYAq3qTFD91WDmgYEMaoXWI00QyM=
Subject key identifier: 29:3D:33:96:5D:03:BD:0A:B0:EE:A5:F0:8E:1C:73:46:4F:6D:65:73
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943DE3FC4FCE9738108553B51AB9F2E77D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KT0zll0DvQqw7qXwjhxzRk9tZXM.roa
Signing time: Mon 06 Jan 2025 23:12:18 +0000
ROA not before: Mon 06 Jan 2025 23:12:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3d:e3:fc:4f:ce:97:38:10:85:53:b5:1a:b9:f2:e7:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 6 23:12:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=293d33965d03bd0ab0eea5f08e1c73464f6d6573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:65:d7:55:92:d5:25:a7:c8:09:8a:bb:21:bf:
b3:0e:e1:06:3d:64:d5:dc:a5:72:2a:f7:82:d1:37:
98:6a:8f:1d:02:43:2d:64:17:a8:01:04:6e:8a:a6:
c5:e7:d5:49:c7:a3:b7:47:56:9c:42:65:90:ed:e8:
ce:a1:04:d1:6d:2d:b8:ed:b0:65:50:3a:5e:09:10:
16:cf:d7:b2:fb:5a:85:d1:dc:8c:c0:d6:53:14:f4:
43:33:7f:57:75:77:6d:30:e8:f4:01:37:29:95:f3:
49:ba:1d:2d:ad:7a:0f:b0:6e:71:47:07:7c:ff:09:
02:75:ee:94:2b:6a:66:84:42:15:5f:f6:62:65:0e:
46:94:a6:be:4b:4a:4f:ea:68:c6:92:22:37:d1:6d:
b4:3f:f9:7c:db:84:29:62:e6:4e:53:87:74:ea:1f:
0d:fa:ca:1e:07:f3:48:4e:62:62:b7:69:ef:de:10:
41:06:c7:1d:2a:a0:99:ba:65:9f:c0:4a:30:c7:4d:
a3:34:95:1b:95:d7:1c:58:3e:24:5f:4b:c0:fd:9c:
e8:01:f2:2f:2c:36:d0:ed:ab:06:82:61:c7:b9:53:
de:55:0e:e7:1c:c4:d3:92:37:c8:f1:94:b5:98:15:
e7:d0:d0:cd:f2:f7:2b:b9:91:cb:89:24:0b:5c:4f:
1a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3D:33:96:5D:03:BD:0A:B0:EE:A5:F0:8E:1C:73:46:4F:6D:65:73
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KT0zll0DvQqw7qXwjhxzRk9tZXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
49:27:7b:19:f0:c9:e4:05:a1:3b:7c:70:29:f3:86:e1:45:1c:
8b:0d:6c:d5:dd:68:34:7a:89:25:70:f3:75:ac:80:16:1c:72:
6c:2b:2e:b2:9d:88:eb:c2:bb:4c:e0:92:b9:3c:d4:8b:c0:79:
7b:66:15:21:90:2f:6c:2a:f0:ee:0f:06:24:a3:53:ad:fa:26:
2e:93:73:be:9c:8c:ed:3a:ad:92:ae:6c:c3:61:73:b6:8e:08:
4d:a8:1e:3f:ea:17:07:98:57:88:b5:9f:87:2c:3b:75:18:9a:
5a:48:e6:80:ca:3b:0e:41:c4:31:96:7f:a3:0a:40:5f:2f:cc:
23:c4:75:3c:4b:3f:a3:a9:57:ad:be:ce:d9:73:94:67:3e:4e:
fd:04:7b:22:d0:12:06:5c:e4:61:cd:5a:3d:df:b4:d0:85:2d:
04:9d:52:bc:87:55:bb:d3:39:a4:ec:df:bb:8a:e7:ab:c6:85:
72:6c:43:19:14:9b:23:6d:9f:54:d8:0a:23:3c:90:6f:00:83:
25:6b:ec:f0:96:d4:fe:ee:cb:c7:c3:bc:e2:d1:16:02:47:c4:
72:7b:f1:8b:e1:cf:c9:b0:f2:5c:1d:12:72:95:33:2f:cf:2c:
0e:f1:b7:3c:fc:4f:cf:46:07:64:89:cf:81:8b:9d:e1:9f:37:
7d:5c:ff:95
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ94/xPzpc4EIVTtRq58ud9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA2MjMxMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNkMzM5NjVkMDNiZDBhYjBlZWE1ZjA4ZTFjNzM0NjRmNmQ2NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWXXVZLVJafICYq7Ib+zDuEGPWTV
3KVyKveC0TeYao8dAkMtZBeoAQRuiqbF59VJx6O3R1acQmWQ7ejOoQTRbS247bBl
UDpeCRAWz9ey+1qF0dyMwNZTFPRDM39XdXdtMOj0ATcplfNJuh0trXoPsG5xRwd8
/wkCde6UK2pmhEIVX/ZiZQ5GlKa+S0pP6mjGkiI30W20P/l824QpYuZOU4d06h8N
+soeB/NITmJit2nv3hBBBscdKqCZumWfwEowx02jNJUbldccWD4kX0vA/ZzoAfIv
LDbQ7asGgmHHuVPeVQ7nHMTTkjfI8ZS1mBXn0NDN8vcruZHLiSQLXE8aPwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCk9M5ZdA70KsO6l8I4cc0ZPbWVzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS1QwemxsMER2UXF3N3FYd2poeHpSazl0WlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEASSd7GfDJ5AWhO3xwKfOG4UUc
iw1s1d1oNHqJJXDzdayAFhxybCsusp2I68K7TOCSuTzUi8B5e2YVIZAvbCrw7g8G
JKNTrfomLpNzvpyM7Tqtkq5sw2Fzto4ITageP+oXB5hXiLWfhyw7dRiaWkjmgMo7
DkHEMZZ/owpAXy/MI8R1PEs/o6lXrb7O2XOUZz5O/QR7ItASBlzkYc1aPd+00IUt
BJ1SvIdVu9M5pOzfu4rnq8aFcmxDGRSbI22fVNgKIzyQbwCDJWvs8JbU/u7Lx8O8
4tEWAkfEcnvxi+HPybDyXB0ScpUzL88sDvG3PPxPz0YHZInPgYud4Z83fVz/lQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:14:12 2025 by rpki-client