Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Q1_PGLPx3oV8IEuZXIPlCVBr7bY.roa
File: Q1_PGLPx3oV8IEuZXIPlCVBr7bY.roa (raw, json)
Hash identifier: Ln9J17vM+6pelJqn+pQTlmposfxNl7x9mEnaOsX2Zcw=
Subject key identifier: 43:5F:CF:18:B3:F1:DE:85:7C:20:4B:99:5C:83:E5:09:50:6B:ED:B6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194554018F633AF0CBE13EDF28EAFC79B32
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Q1_PGLPx3oV8IEuZXIPlCVBr7bY.roa
Signing time: Sat 11 Jan 2025 12:04:11 +0000
ROA not before: Sat 11 Jan 2025 12:04:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
2001:67c:64:ffff:0:194:5540:1258/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:55:40:18:f6:33:af:0c:be:13:ed:f2:8e:af:c7:9b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 11 12:04:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=435fcf18b3f1de857c204b995c83e509506bedb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b5:32:cd:9d:dc:f8:c9:7b:73:a5:b3:6f:a5:
5d:03:0d:e9:70:0a:9d:63:24:cb:02:7e:96:e1:41:
de:1b:60:60:ea:07:b6:3b:dd:38:b4:f3:f9:1c:86:
b8:b1:50:6c:61:fb:f7:76:d2:16:e7:08:f6:aa:45:
4d:0d:9c:7e:bd:76:db:e5:12:f2:e7:15:c6:b9:1c:
2e:8b:b0:2c:d1:18:09:69:99:87:16:e1:e8:61:74:
3f:14:94:2e:60:27:ba:c1:c0:b1:ff:bd:38:f1:7f:
4a:1d:ca:06:c0:c3:f7:a1:c9:86:d5:c9:b2:6c:d9:
7c:fb:0c:5e:c2:24:8e:70:fe:b1:4d:62:ec:15:b5:
3f:88:c3:22:52:31:17:03:b0:a4:8d:47:fc:09:bb:
d9:5c:58:db:1d:a5:c7:52:00:91:57:ee:cc:91:68:
84:f5:23:0f:d3:56:4c:35:e8:cf:98:60:cf:50:49:
14:cd:89:90:2f:cf:0b:61:78:22:6b:bf:27:79:d3:
3d:78:65:44:e3:d9:53:3c:b2:ec:c6:fb:0c:b4:47:
68:95:f6:4a:cc:77:5e:61:88:d8:63:4e:18:dc:56:
db:70:93:4e:03:33:25:40:db:d2:cb:6a:fe:c5:98:
3f:07:c0:e8:40:85:84:74:17:0e:a9:5e:bd:64:98:
ff:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5F:CF:18:B3:F1:DE:85:7C:20:4B:99:5C:83:E5:09:50:6B:ED:B6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Q1_PGLPx3oV8IEuZXIPlCVBr7bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
2001:67c:64:ffff:0:194:5540:1258/128
Signature Algorithm: sha256WithRSAEncryption
2a:3e:48:2c:82:4f:7b:9f:49:df:c9:c4:d0:98:50:cb:87:c1:
7d:a6:80:6c:47:5f:80:0e:25:4e:64:49:0a:22:43:a4:a7:f2:
ac:f5:69:50:c4:de:7c:3d:3f:8e:e8:64:11:fe:d0:e9:b3:43:
66:d0:cb:25:09:91:12:16:d5:95:c2:29:44:0f:4e:c7:70:30:
96:1d:db:da:72:d7:7b:5e:bd:d8:71:29:6b:9b:fd:07:33:52:
90:c5:f2:f9:85:ea:32:cb:3f:78:ef:c7:4d:7d:58:41:5e:1d:
a7:91:cc:39:e0:a5:cf:0e:39:ba:b5:25:f0:92:cb:cf:bf:bc:
3a:2d:b5:d4:4a:44:d5:d9:ae:f7:53:56:81:94:ee:70:4e:18:
41:50:88:c6:3a:1d:93:bd:6d:57:04:3b:e8:d9:c6:21:f4:22:
98:33:a7:36:3b:fe:fa:42:7a:b9:ce:3d:0c:01:cc:ae:c9:61:
65:f5:99:74:f4:77:0c:90:5b:24:d2:b7:8e:5d:c9:cc:7a:77:
03:e5:66:df:ee:f2:2c:8d:c8:19:73:50:54:2d:4c:a2:58:ae:
4d:d1:76:65:c9:e9:df:3f:51:5f:6a:cb:51:fd:7b:9c:e3:1b:
94:3e:92:59:90:3a:42:f8:95:7a:47:00:c2:60:e3:ae:ab:f9:
51:b3:52:51
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRVQBj2M68MvhPt8o6vx5syMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTExMTIwNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzVmY2YxOGIzZjFkZTg1N2MyMDRiOTk1YzgzZTUwOTUwNmJlZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLUyzZ3c+Ml7c6Wzb6VdAw3pcAqd
YyTLAn6W4UHeG2Bg6ge2O904tPP5HIa4sVBsYfv3dtIW5wj2qkVNDZx+vXbb5RLy
5xXGuRwui7As0RgJaZmHFuHoYXQ/FJQuYCe6wcCx/7048X9KHcoGwMP3ocmG1cmy
bNl8+wxewiSOcP6xTWLsFbU/iMMiUjEXA7CkjUf8CbvZXFjbHaXHUgCRV+7MkWiE
9SMP01ZMNejPmGDPUEkUzYmQL88LYXgia78nedM9eGVE49lTPLLsxvsMtEdolfZK
zHdeYYjYY04Y3FbbcJNOAzMlQNvSy2r+xZg/B8DoQIWEdBcOqV69ZJj/jwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFENfzxiz8d6FfCBLmVyD5QlQa+22MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUTFfUEdMUHgzb1Y4SUV1WlhJUGxDVkJyN2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGULA1mgAMRACABBnwAZP//AAABlFVAElgwDQYJKoZIhvcNAQELBQADggEB
ACo+SCyCT3ufSd/JxNCYUMuHwX2mgGxHX4AOJU5kSQoiQ6Sn8qz1aVDE3nw9P47o
ZBH+0OmzQ2bQyyUJkRIW1ZXCKUQPTsdwMJYd29py13tevdhxKWub/QczUpDF8vmF
6jLLP3jvx019WEFeHaeRzDngpc8OObq1JfCSy8+/vDottdRKRNXZrvdTVoGU7nBO
GEFQiMY6HZO9bVcEO+jZxiH0IpgzpzY7/vpCernOPQwBzK7JYWX1mXT0dwyQWyTS
t45dycx6dwPlZt/u8iyNyBlzUFQtTKJYrk3RdmXJ6d8/UV9qy1H9e5zjG5Q+klmQ
OkL4lXpHAMJg466r+VGzUlE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:34:20 2025 by rpki-client