Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Q9uNqqFNW0WXJxEwotwZsSOGofM.roa
File: Q9uNqqFNW0WXJxEwotwZsSOGofM.roa (raw, json)
Hash identifier: 1YEjemRlc/YAWAucxBmqxnMr/1Bmz3uyDdZ65G1222Q=
Subject key identifier: 43:DB:8D:AA:A1:4D:5B:45:97:27:11:30:A2:DC:19:B1:23:86:A1:F3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019435BC95736535B68FC9BC18A3CAE62F1E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Q9uNqqFNW0WXJxEwotwZsSOGofM.roa
Signing time: Sun 05 Jan 2025 09:12:19 +0000
ROA not before: Sun 05 Jan 2025 09:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:35:bc:95:73:65:35:b6:8f:c9:bc:18:a3:ca:e6:2f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 5 09:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43db8daaa14d5b4597271130a2dc19b12386a1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:29:31:c2:cc:33:db:e5:fd:36:95:45:1c:0b:
2d:81:7d:24:86:43:b7:7d:cc:16:58:d4:77:94:62:
32:c0:9f:0c:38:01:a0:61:95:99:13:5c:3f:9c:68:
4c:59:da:ea:c7:ee:9e:f8:7c:b8:4c:ca:8f:53:5a:
3f:28:82:e6:3c:b3:f3:66:f9:bf:2c:21:b5:1a:18:
55:8b:9c:e4:8f:7c:83:8b:da:35:6a:17:ad:ec:5a:
26:56:c8:20:9b:6c:64:e2:58:1a:4b:f9:60:a0:ae:
8a:f5:b6:3d:df:f1:de:02:90:b5:6e:db:94:82:38:
42:e7:ec:cc:8a:09:4d:2e:5e:6d:a5:62:60:42:9c:
d6:9d:7e:4a:95:94:1e:e7:9e:0e:20:2f:0f:28:7f:
ae:df:5c:cb:fa:a5:ce:05:ac:08:fc:62:fd:70:6d:
91:42:e8:de:6f:5a:a3:9c:c4:1b:c7:f2:82:72:f5:
4d:24:bf:79:df:3a:5c:1a:bd:cf:ce:fd:a5:9c:28:
00:1e:7c:8c:b7:13:7a:f6:c9:56:08:0b:27:58:05:
12:b2:ca:71:1a:63:23:02:1b:fc:81:b3:61:b0:f9:
66:ab:55:f4:d1:68:69:0e:d3:e3:47:2b:58:a9:11:
c0:50:9b:d1:71:0f:f7:9a:25:61:4d:d1:a7:5b:81:
d7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DB:8D:AA:A1:4D:5B:45:97:27:11:30:A2:DC:19:B1:23:86:A1:F3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Q9uNqqFNW0WXJxEwotwZsSOGofM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
98:4d:b3:5e:96:f7:fd:38:9a:90:e5:39:81:f8:cb:19:64:89:
26:5a:a1:e5:f2:c8:ed:7a:ee:77:51:01:ce:e5:60:0f:6f:c5:
03:ef:e4:48:8d:2a:71:84:25:52:c3:7c:24:3d:72:62:16:70:
7a:e7:67:56:1d:a1:94:af:80:2b:7f:c5:a9:be:f1:0d:a3:c0:
40:fb:bf:0d:36:57:5d:3e:00:cf:ca:a8:2a:58:97:cc:8c:16:
3f:af:0c:67:39:4c:44:f9:54:2c:1f:b0:6c:e1:d9:e7:90:76:
e2:0a:2d:ff:91:b8:86:f1:cd:0e:5d:f8:de:d0:a3:b3:e9:66:
76:7c:82:bf:5b:93:8d:a8:7e:d9:fc:b5:a7:88:25:cf:a4:09:
2d:52:df:90:11:25:5e:bb:ac:be:66:91:c3:52:da:03:b4:ec:
a7:ac:e8:d6:ee:c0:ab:e2:0d:53:ec:b8:99:60:20:8a:67:f3:
83:12:f4:0c:52:20:d7:c7:38:8d:84:d0:14:d3:27:29:a6:aa:
49:52:41:e4:01:d8:03:e9:7a:3d:eb:65:67:7f:8e:3f:73:56:
15:0d:ce:f8:b1:fe:c2:a5:3b:5c:0b:82:21:f1:b8:05:ac:e3:
ce:19:be:31:79:ab:00:04:7d:3a:7b:2e:a1:67:f9:a9:ad:4f:
8e:57:b1:fd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ1vJVzZTW2j8m8GKPK5i8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA1MDkxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2RiOGRhYWExNGQ1YjQ1OTcyNzExMzBhMmRjMTliMTIzODZhMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSkxwswz2+X9NpVFHAstgX0khkO3
fcwWWNR3lGIywJ8MOAGgYZWZE1w/nGhMWdrqx+6e+Hy4TMqPU1o/KILmPLPzZvm/
LCG1GhhVi5zkj3yDi9o1ahet7FomVsggm2xk4lgaS/lgoK6K9bY93/HeApC1btuU
gjhC5+zMiglNLl5tpWJgQpzWnX5KlZQe554OIC8PKH+u31zL+qXOBawI/GL9cG2R
Qujeb1qjnMQbx/KCcvVNJL953zpcGr3Pzv2lnCgAHnyMtxN69slWCAsnWAUSsspx
GmMjAhv8gbNhsPlmq1X00WhpDtPjRytYqRHAUJvRcQ/3miVhTdGnW4HXMwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEPbjaqhTVtFlycRMKLcGbEjhqHzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUTl1TnFxRk5XMFdYSnhFd290d1pzU09Hb2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAmE2zXpb3/TiakOU5gfjLGWSJ
Jlqh5fLI7Xrud1EBzuVgD2/FA+/kSI0qcYQlUsN8JD1yYhZweudnVh2hlK+AK3/F
qb7xDaPAQPu/DTZXXT4Az8qoKliXzIwWP68MZzlMRPlULB+wbOHZ55B24got/5G4
hvHNDl343tCjs+lmdnyCv1uTjah+2fy1p4glz6QJLVLfkBElXrusvmaRw1LaA7Ts
p6zo1u7Aq+INU+y4mWAgimfzgxL0DFIg18c4jYTQFNMnKaaqSVJB5AHYA+l6Petl
Z3+OP3NWFQ3O+LH+wqU7XAuCIfG4Bazjzhm+MXmrAAR9OnsuoWf5qa1Pjlex/Q==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:02:22 2025 by rpki-client