Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QCXuD5Yl-pi81NTcwEY6I_VEZhc.roa
File: QCXuD5Yl-pi81NTcwEY6I_VEZhc.roa (raw, json)
Hash identifier: QKI40u/LbIuKE5pz5aWh9M90jpF7hjxdPo7tNL5eIHY=
Subject key identifier: 40:25:EE:0F:96:25:FA:98:BC:D4:D4:DC:C0:46:3A:23:F5:44:66:17
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01944D8796A52105CA765329353B803A96B2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QCXuD5Yl-pi81NTcwEY6I_VEZhc.roa
Signing time: Fri 10 Jan 2025 00:05:19 +0000
ROA not before: Fri 10 Jan 2025 00:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
2001:67c:64:ffff:0:194:4d86:edfe/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4d:87:96:a5:21:05:ca:76:53:29:35:3b:80:3a:96:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 10 00:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4025ee0f9625fa98bcd4d4dcc0463a23f5446617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d4:a7:79:ca:f7:4b:4e:8f:a4:f4:d9:f1:03:
a4:44:1c:81:23:e9:01:c0:92:de:5c:ff:e6:a4:54:
78:c0:29:0f:39:a8:fe:ce:81:00:b7:e2:5e:56:af:
aa:05:9d:80:46:e3:90:74:a8:0a:a3:8b:e9:15:82:
86:1c:c7:dd:95:f7:94:05:87:d2:46:b4:6e:d7:88:
8e:66:e5:0a:50:e4:0e:d5:6a:29:82:3f:01:1d:9f:
13:7b:51:9f:9b:75:7d:86:bb:7a:7b:d3:b0:69:6e:
08:8c:bc:55:73:5d:a2:07:4b:7a:c4:fc:d9:b3:e4:
02:c3:7a:22:f9:a5:f3:c5:62:93:c6:e4:3d:be:ee:
84:d8:2f:81:62:b8:28:b2:5c:74:3f:ec:d8:3d:03:
73:d9:1e:d3:fb:10:72:7c:68:c4:3d:59:eb:b8:1e:
60:46:f0:88:06:35:48:b7:a4:d3:bf:be:78:bf:6d:
14:94:ad:16:65:2a:92:b4:be:0c:76:de:2a:ab:ab:
7c:b6:b6:3c:1e:01:61:0d:54:67:c3:9d:6e:ce:ac:
c0:9a:cc:9f:24:4f:dd:de:e8:4e:c0:9c:cd:8e:88:
2a:3e:55:f2:28:e3:18:56:e2:1e:a0:75:e7:df:55:
cb:90:83:1c:ea:d7:d8:1e:0b:b9:4f:ac:c9:2f:77:
fb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:25:EE:0F:96:25:FA:98:BC:D4:D4:DC:C0:46:3A:23:F5:44:66:17
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QCXuD5Yl-pi81NTcwEY6I_VEZhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
2001:67c:64:ffff:0:194:4d86:edfe/128
Signature Algorithm: sha256WithRSAEncryption
5c:e6:af:1a:28:2f:be:b6:23:97:11:5d:22:05:71:4a:e6:0c:
f6:c5:46:68:e1:c8:96:05:d9:c9:b5:bd:a7:b4:20:b2:d1:63:
11:b2:a4:5a:6b:df:ec:a7:14:17:d4:41:5d:a1:31:0d:f9:dd:
cb:f8:26:1c:f2:20:40:e1:e1:6d:ad:c9:0e:69:f8:c0:40:73:
c3:c0:d3:6d:4d:aa:3f:74:d5:8f:ee:f1:54:26:80:f5:b0:b6:
58:47:a6:fe:41:cc:49:ea:93:0e:7f:94:1b:e3:fe:f1:10:a8:
55:f6:65:6c:3c:ff:88:6b:78:31:94:b5:48:c6:27:32:b0:72:
20:22:24:b8:e4:81:33:7b:a9:00:63:ef:9b:5f:86:6d:c2:e7:
7a:ca:da:5c:00:14:39:f2:c9:6f:fb:a6:64:59:24:a3:08:b8:
44:80:44:5e:16:b9:6d:3f:95:94:8f:7b:86:a2:59:96:48:7c:
82:c4:ce:89:db:a3:8f:e3:0b:73:a6:bc:0b:85:e2:a2:67:ee:
67:d4:93:c2:b1:5c:8c:d4:0f:c6:db:ee:34:3d:c9:57:df:31:
f1:b8:0a:68:ed:ed:8b:0f:9a:e0:22:ff:c5:7a:3c:bf:d1:ed:
4a:ca:e1:c1:5f:24:f0:e1:45:70:6f:47:98:1d:76:7e:47:08:
11:e0:0f:e0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRNh5alIQXKdlMpNTuAOpayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTEwMDAwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI1ZWUwZjk2MjVmYTk4YmNkNGQ0ZGNjMDQ2M2EyM2Y1NDQ2NjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tSnecr3S06PpPTZ8QOkRByBI+kB
wJLeXP/mpFR4wCkPOaj+zoEAt+JeVq+qBZ2ARuOQdKgKo4vpFYKGHMfdlfeUBYfS
RrRu14iOZuUKUOQO1Wopgj8BHZ8Te1Gfm3V9hrt6e9OwaW4IjLxVc12iB0t6xPzZ
s+QCw3oi+aXzxWKTxuQ9vu6E2C+BYrgoslx0P+zYPQNz2R7T+xByfGjEPVnruB5g
RvCIBjVIt6TTv754v20UlK0WZSqStL4Mdt4qq6t8trY8HgFhDVRnw51uzqzAmsyf
JE/d3uhOwJzNjogqPlXyKOMYVuIeoHXn31XLkIMc6tfYHgu5T6zJL3f76QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEAl7g+WJfqYvNTU3MBGOiP1RGYXMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUUNYdUQ1WWwtcGk4MU5UY3dFWTZJX1ZFWmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGULA1mgAMRACABBnwAZP//AAABlE2G7f4wDQYJKoZIhvcNAQELBQADggEB
AFzmrxooL762I5cRXSIFcUrmDPbFRmjhyJYF2cm1vae0ILLRYxGypFpr3+ynFBfU
QV2hMQ353cv4JhzyIEDh4W2tyQ5p+MBAc8PA021Nqj901Y/u8VQmgPWwtlhHpv5B
zEnqkw5/lBvj/vEQqFX2ZWw8/4hreDGUtUjGJzKwciAiJLjkgTN7qQBj75tfhm3C
53rK2lwAFDnyyW/7pmRZJKMIuESARF4WuW0/lZSPe4aiWZZIfILEzonbo4/jC3Om
vAuF4qJn7mfUk8KxXIzUD8bb7jQ9yVffMfG4Cmjt7YsPmuAi/8V6PL/R7UrK4cFf
JPDhRXBvR5gddn5HCBHgD+A=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:09:57 2025 by rpki-client