Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QAtsQ_yW_fCsHWYlY_xaVHwnYNk.roa
File: QAtsQ_yW_fCsHWYlY_xaVHwnYNk.roa (raw, json)
Hash identifier: h9XBNoHKzZ7z2dLYRIiik8Q0w1JuLAeGIOtU1sIbd4c=
Subject key identifier: 40:0B:6C:43:FC:96:FD:F0:AC:1D:66:25:63:FC:5A:54:7C:27:60:D9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194576AE856D141C3E2D015EABE72AF66B7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QAtsQ_yW_fCsHWYlY_xaVHwnYNk.roa
Signing time: Sat 11 Jan 2025 22:10:11 +0000
ROA not before: Sat 11 Jan 2025 22:10:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:57:6a:e8:56:d1:41:c3:e2:d0:15:ea:be:72:af:66:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 11 22:10:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=400b6c43fc96fdf0ac1d662563fc5a547c2760d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c6:a1:eb:7e:2d:5a:f0:11:dd:fb:fb:0b:b0:
f9:32:57:ed:3c:6e:52:04:08:70:2d:34:e4:c3:41:
1c:ea:73:c3:63:2f:3f:8c:08:9c:53:6f:0e:f8:c4:
8a:c9:4d:d3:91:bf:f2:95:58:2c:26:46:9a:02:62:
45:a2:0d:76:43:2a:9c:ce:6f:29:9c:94:80:0c:3d:
46:7b:8c:79:cb:fa:5a:86:bf:1a:4f:45:c3:21:c7:
5c:f1:68:83:88:0c:07:f4:05:12:56:7e:22:e0:0a:
3b:0f:cd:52:e4:8a:3a:52:3f:d9:96:b3:7f:84:77:
7a:9d:08:cf:15:95:16:51:42:1f:ca:ff:24:3d:d7:
2f:28:48:fa:7c:d8:8f:55:88:36:26:3e:8e:11:56:
4b:59:72:36:66:af:bd:01:20:59:ca:be:47:aa:bf:
32:62:b1:82:80:ef:24:f6:b1:2a:f5:20:44:dd:6f:
80:c0:b5:74:82:c1:8b:e9:a6:d7:3a:7d:e5:2c:e4:
58:b6:22:d0:76:9f:52:7c:a5:ba:1d:b4:5d:7d:16:
1f:73:ed:72:47:91:a1:4f:62:44:58:61:b8:30:eb:
b4:d3:d5:b1:12:41:4e:cf:36:ac:9b:ea:4c:8c:dc:
df:bd:54:47:0f:54:b1:5b:76:b8:ed:2b:73:22:72:
67:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:0B:6C:43:FC:96:FD:F0:AC:1D:66:25:63:FC:5A:54:7C:27:60:D9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QAtsQ_yW_fCsHWYlY_xaVHwnYNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
2b:5e:03:ec:fb:8e:8a:99:aa:ea:fb:17:08:6b:21:88:c1:12:
6b:7f:6e:56:43:a6:70:bd:2b:71:ba:d8:47:82:57:17:21:40:
f3:1a:68:d0:61:f7:af:4d:ff:d5:7a:31:7c:8a:ec:7a:df:7f:
92:3b:20:cf:69:e4:f4:52:55:ce:0b:e1:82:87:1b:84:11:41:
01:d3:e5:5c:e5:ec:1e:01:80:29:b2:ad:b2:2e:49:aa:c0:95:
c8:58:b3:08:f1:9f:b0:f3:d9:b3:b3:cb:c5:aa:69:0d:1c:25:
d0:86:54:fe:a8:14:43:18:31:06:90:d7:f8:f2:92:ba:9f:cb:
83:39:d3:03:b9:84:37:2a:e2:e3:aa:71:3e:9f:7d:2f:04:29:
95:df:b1:da:40:2b:df:87:10:ee:6b:fc:15:19:cd:0e:05:51:
d2:ef:6c:cf:9b:a3:14:d1:9f:d9:3d:37:70:ac:0f:ac:81:ac:
34:7d:d5:be:ac:b0:2f:a9:53:f8:d8:61:e7:07:10:ec:58:08:
fb:1a:6d:2a:9c:db:a2:8c:00:88:e8:fa:f3:12:0d:31:01:2b:
d4:ee:bf:0d:1b:f4:f1:40:eb:57:2b:cf:03:d2:bb:b6:3e:06:
4e:33:b3:49:06:b5:7f:54:6b:fb:bb:8d:6c:26:ef:b0:7a:05:
86:4c:6b:46
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRXauhW0UHD4tAV6r5yr2a3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTExMjIxMDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDBiNmM0M2ZjOTZmZGYwYWMxZDY2MjU2M2ZjNWE1NDdjMjc2MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8ah634tWvAR3fv7C7D5MlftPG5S
BAhwLTTkw0Ec6nPDYy8/jAicU28O+MSKyU3Tkb/ylVgsJkaaAmJFog12Qyqczm8p
nJSADD1Ge4x5y/pahr8aT0XDIcdc8WiDiAwH9AUSVn4i4Ao7D81S5Io6Uj/ZlrN/
hHd6nQjPFZUWUUIfyv8kPdcvKEj6fNiPVYg2Jj6OEVZLWXI2Zq+9ASBZyr5Hqr8y
YrGCgO8k9rEq9SBE3W+AwLV0gsGL6abXOn3lLORYtiLQdp9SfKW6HbRdfRYfc+1y
R5GhT2JEWGG4MOu009WxEkFOzzasm+pMjNzfvVRHD1SxW3a47StzInJnNwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEALbEP8lv3wrB1mJWP8WlR8J2DZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUUF0c1FfeVdfZkNzSFdZbFlfeGFWSHduWU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAK14D7PuOipmq6vsXCGshiMES
a39uVkOmcL0rcbrYR4JXFyFA8xpo0GH3r03/1XoxfIrset9/kjsgz2nk9FJVzgvh
gocbhBFBAdPlXOXsHgGAKbKtsi5JqsCVyFizCPGfsPPZs7PLxappDRwl0IZU/qgU
QxgxBpDX+PKSup/LgznTA7mENyri46pxPp99LwQpld+x2kAr34cQ7mv8FRnNDgVR
0u9sz5ujFNGf2T03cKwPrIGsNH3VvqywL6lT+Nhh5wcQ7FgI+xptKpzboowAiOj6
8xINMQEr1O6/DRv08UDrVyvPA9K7tj4GTjOzSQa1f1Rr+7uNbCbvsHoFhkxrRg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:38 2025 by rpki-client