Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LNjQp_iM6BCcQ2o-E23dZRvvbaw.roa
File: LNjQp_iM6BCcQ2o-E23dZRvvbaw.roa (raw, json)
Hash identifier: tJHFcPWIaig+1XRFnaH3ytuVswmGHhI8zQlY13Z4auo=
Subject key identifier: 2C:D8:D0:A7:F8:8C:E8:10:9C:43:6A:3E:13:6D:DD:65:1B:EF:6D:AC
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194E7614A27B6259565DD68409E54373F66
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LNjQp_iM6BCcQ2o-E23dZRvvbaw.roa
Signing time: Sat 08 Feb 2025 21:05:00 +0000
ROA not before: Sat 08 Feb 2025 21:05:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:e760:d2cd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e7:61:4a:27:b6:25:95:65:dd:68:40:9e:54:37:3f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 8 21:05:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cd8d0a7f88ce8109c436a3e136ddd651bef6dac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ed:bf:c9:46:21:50:0e:c1:a8:4d:eb:60:73:
fc:04:f5:c0:be:2d:fc:b8:d3:38:a9:bb:54:a2:2d:
09:e0:af:ec:c4:81:57:36:05:59:d1:16:f3:02:99:
d0:ca:f0:ab:2a:c8:58:73:cd:5d:40:8b:10:6c:60:
74:ee:78:ca:bf:0f:a3:23:fc:c4:b6:f1:71:e8:4d:
fa:dd:9e:3d:8a:b4:96:e4:d9:ff:f3:2e:b1:3d:39:
0a:ac:ba:a1:5c:d7:66:4c:d8:49:72:c5:2d:c5:9e:
0d:5e:43:41:dc:cc:9d:24:2d:23:fc:81:f6:1c:28:
69:83:e1:3b:e2:32:43:c3:6f:56:87:0c:86:d5:5d:
3e:2f:ce:3e:07:40:37:5b:5b:92:66:ee:df:30:84:
40:be:dc:21:b4:e3:12:d7:7a:59:cc:d7:43:7a:0e:
b9:f6:48:72:28:33:e7:c3:7f:07:4d:2b:1b:d1:93:
94:3b:83:77:fe:ff:36:8a:39:19:c9:f8:44:ca:3c:
05:7a:f3:0a:18:f5:25:34:a5:0f:9d:68:d3:33:d3:
11:ff:44:74:e8:ec:4d:4e:41:a2:b7:41:61:15:82:
0d:99:b5:71:c6:d5:05:b9:95:37:9a:75:51:f8:c2:
e8:b5:f6:62:15:78:40:69:92:69:94:ec:f7:32:c5:
14:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D8:D0:A7:F8:8C:E8:10:9C:43:6A:3E:13:6D:DD:65:1B:EF:6D:AC
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LNjQp_iM6BCcQ2o-E23dZRvvbaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:e760:d2cd/128
Signature Algorithm: sha256WithRSAEncryption
6d:4a:b7:95:76:c8:cf:a9:68:e4:e8:f4:f4:9a:7f:97:d3:0b:
52:07:6d:29:af:0b:7d:20:23:a7:bf:5c:84:36:ce:a6:06:be:
aa:73:2c:53:f1:1b:78:e6:22:16:8b:b5:76:df:98:fe:db:ef:
f1:f7:cc:09:51:15:16:64:41:84:be:8e:50:51:14:b3:a0:ac:
3c:57:fb:4c:df:0c:b0:31:3a:54:13:4f:82:4a:50:62:6b:22:
9c:a3:a7:52:f8:0b:b8:00:b0:cf:a9:02:19:c2:dc:ca:73:fe:
4b:f7:1e:56:2a:b0:92:7d:bf:9c:d5:a9:be:ae:7e:f6:cd:38:
1e:af:17:97:e5:0a:b2:de:97:b3:7b:ff:4a:ec:c7:79:dc:a0:
91:77:b0:c8:67:67:4d:1e:21:a1:cc:48:6f:7b:f1:53:d4:69:
e1:b9:63:b9:b5:71:03:c6:fa:21:19:46:33:1d:1c:f2:75:2b:
d8:08:9b:5e:e8:62:a0:f9:34:61:6f:f4:56:a7:41:be:ae:8f:
dc:e0:7d:3a:f5:f0:78:3a:3d:69:da:ed:7c:d0:16:49:d9:50:
4c:2e:b8:29:01:41:81:be:9c:dc:fa:85:ad:9b:0b:cb:b3:90:
f9:c3:3d:7e:0b:e2:a6:9b:b7:d6:0d:3f:86:69:cb:bb:ea:8b:
11:88:ea:eb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZTnYUontiWVZd1oQJ5UNz9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjA4MjEwNTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Q4ZDBhN2Y4OGNlODEwOWM0MzZhM2UxMzZkZGQ2NTFiZWY2ZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO2/yUYhUA7BqE3rYHP8BPXAvi38
uNM4qbtUoi0J4K/sxIFXNgVZ0RbzApnQyvCrKshYc81dQIsQbGB07njKvw+jI/zE
tvFx6E363Z49irSW5Nn/8y6xPTkKrLqhXNdmTNhJcsUtxZ4NXkNB3MydJC0j/IH2
HChpg+E74jJDw29WhwyG1V0+L84+B0A3W1uSZu7fMIRAvtwhtOMS13pZzNdDeg65
9khyKDPnw38HTSsb0ZOUO4N3/v82ijkZyfhEyjwFevMKGPUlNKUPnWjTM9MR/0R0
6OxNTkGit0FhFYINmbVxxtUFuZU3mnVR+MLotfZiFXhAaZJplOz3MsUU6wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCzY0Kf4jOgQnENqPhNt3WUb722sMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTE5qUXBfaU02QkNjUTJvLUUyM2RaUnZ2YmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGU52DSzTANBgkqhkiG9w0BAQsFAAOCAQEAbUq3lXbIz6lo5Oj09Jp/l9ML
UgdtKa8LfSAjp79chDbOpga+qnMsU/EbeOYiFou1dt+Y/tvv8ffMCVEVFmRBhL6O
UFEUs6CsPFf7TN8MsDE6VBNPgkpQYmsinKOnUvgLuACwz6kCGcLcynP+S/ceViqw
kn2/nNWpvq5+9s04Hq8Xl+UKst6Xs3v/SuzHedygkXewyGdnTR4hocxIb3vxU9Rp
4bljubVxA8b6IRlGMx0c8nUr2AibXuhioPk0YW/0VqdBvq6P3OB9OvXweDo9adrt
fNAWSdlQTC64KQFBgb6c3PqFrZsLy7OQ+cM9fgvippu31g0/hmnLu+qLEYjq6w==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:24:10 2025 by rpki-client