Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LQxD2cilyRjyRHIWy6K1leZlNgM.roa
File: LQxD2cilyRjyRHIWy6K1leZlNgM.roa (raw, json)
Hash identifier: DMpT6UdHD1ODuGHNT6BfQpwoyDKvLrc3QgTkr8QnKlM=
Subject key identifier: 2D:0C:43:D9:C8:A5:C9:18:F2:44:72:16:CB:A2:B5:95:E6:65:36:03
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019497C5BF847CD10E49B70B3EE7EF60003A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LQxD2cilyRjyRHIWy6K1leZlNgM.roa
Signing time: Fri 24 Jan 2025 10:05:06 +0000
ROA not before: Fri 24 Jan 2025 10:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:97c5:2db/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:c5:bf:84:7c:d1:0e:49:b7:0b:3e:e7:ef:60:00:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 24 10:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d0c43d9c8a5c918f2447216cba2b595e6653603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:27:4b:fc:04:de:e6:65:af:48:2f:61:72:96:
66:c2:04:bc:41:d1:d6:0e:09:91:cb:29:12:25:fc:
4e:bb:2f:db:a4:5e:ed:04:5c:18:56:0b:4f:82:86:
e6:9e:d8:b5:c2:7b:91:93:68:c7:a5:ac:b4:5d:2b:
29:73:7a:14:a6:a5:0d:af:e9:8a:2d:71:75:a1:17:
61:03:39:d3:95:75:99:b8:35:d9:18:5d:1d:bc:b4:
df:2d:05:0d:c3:86:29:20:09:ff:62:d8:d7:d7:3b:
e0:14:8e:06:43:cf:c2:37:b3:6c:54:f7:2b:2f:71:
54:9a:2f:cb:58:3d:c9:42:ef:a1:44:32:ac:d0:44:
f8:98:89:6e:ba:b3:0c:32:6c:7c:1d:07:cc:2a:a1:
56:80:a9:13:88:cf:e7:53:4d:f8:6c:45:57:09:e5:
09:25:a1:97:67:a0:39:52:ba:ab:31:78:5d:62:08:
90:4b:6c:27:04:35:e4:2a:5b:8d:cb:99:f5:d7:f2:
ce:d5:84:9f:84:61:ac:91:7b:35:fa:ce:f6:5a:1d:
41:ac:27:cf:7d:ae:db:72:10:b9:13:db:d4:1c:61:
eb:b2:59:e7:dd:71:2a:66:44:5a:42:e4:4c:b5:da:
93:71:19:50:60:91:45:7f:ab:6e:2f:96:83:89:ce:
99:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:0C:43:D9:C8:A5:C9:18:F2:44:72:16:CB:A2:B5:95:E6:65:36:03
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LQxD2cilyRjyRHIWy6K1leZlNgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:97c5:2db/128
Signature Algorithm: sha256WithRSAEncryption
6d:95:8b:9e:2e:c2:15:50:41:4c:86:b3:7d:19:6c:7e:4d:b0:
08:d3:7e:24:de:3d:4d:27:ed:dc:42:b3:21:07:5a:cc:e2:d4:
6a:34:6f:36:b7:71:97:9c:59:f2:18:cc:d5:52:2c:b9:d8:5b:
44:a4:a1:81:33:da:87:07:62:8c:e4:13:7b:5c:be:7e:2d:ec:
a1:83:49:b2:44:9a:1d:05:00:2d:e1:0c:c0:c4:80:2a:60:5a:
03:10:11:e4:54:65:5e:c2:1b:f9:44:a0:3f:2a:b9:be:1f:a9:
50:53:26:df:7e:89:9a:8e:6f:9c:5c:d2:98:ea:2b:78:9d:1a:
40:83:a1:19:d5:18:3b:6f:ac:9d:5b:1a:c8:b4:c3:af:ee:05:
b2:a0:7e:fb:d6:e5:21:d6:48:13:f7:a7:ad:b6:8c:94:3e:59:
03:02:9e:73:a4:a9:41:a5:3c:f1:37:99:49:35:b1:bd:ff:e6:
28:36:4f:26:ce:f9:52:44:52:0a:80:bd:57:03:87:d6:f9:e8:
a0:88:8c:b3:7d:10:42:17:d0:da:66:00:99:0b:01:1a:e2:3c:
39:d1:6b:b6:bc:9e:7f:e9:f5:2e:b8:ba:e3:c4:01:b8:90:0c:
b0:ae:5c:d2:a6:50:66:f1:6e:6c:73:f8:3f:53:32:6a:29:f5:
4c:d2:ee:41
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZSXxb+EfNEOSbcLPufvYAA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTI0MTAwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDBjNDNkOWM4YTVjOTE4ZjI0NDcyMTZjYmEyYjU5NWU2NjUzNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnidL/ATe5mWvSC9hcpZmwgS8QdHW
DgmRyykSJfxOuy/bpF7tBFwYVgtPgobmnti1wnuRk2jHpay0XSspc3oUpqUNr+mK
LXF1oRdhAznTlXWZuDXZGF0dvLTfLQUNw4YpIAn/YtjX1zvgFI4GQ8/CN7NsVPcr
L3FUmi/LWD3JQu+hRDKs0ET4mIluurMMMmx8HQfMKqFWgKkTiM/nU034bEVXCeUJ
JaGXZ6A5UrqrMXhdYgiQS2wnBDXkKluNy5n11/LO1YSfhGGskXs1+s72Wh1BrCfP
fa7bchC5E9vUHGHrslnn3XEqZkRaQuRMtdqTcRlQYJFFf6tuL5aDic6ZMQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFC0MQ9nIpckY8kRyFsuitZXmZTYDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTFF4RDJjaWx5Ump5UkhJV3k2SzFsZVpsTmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGUl8UC2zANBgkqhkiG9w0BAQsFAAOCAQEAbZWLni7CFVBBTIazfRlsfk2w
CNN+JN49TSft3EKzIQdazOLUajRvNrdxl5xZ8hjM1VIsudhbRKShgTPahwdijOQT
e1y+fi3soYNJskSaHQUALeEMwMSAKmBaAxAR5FRlXsIb+USgPyq5vh+pUFMm336J
mo5vnFzSmOoreJ0aQIOhGdUYO2+snVsayLTDr+4FsqB++9blIdZIE/enrbaMlD5Z
AwKec6SpQaU88TeZSTWxvf/mKDZPJs75UkRSCoC9VwOH1vnooIiMs30QQhfQ2mYA
mQsBGuI8OdFrtryef+n1Lri648QBuJAMsK5c0qZQZvFubHP4P1Myain1TNLuQQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 17:39:39 2025 by rpki-client