Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RsGvLAGzoVlpzR8ZTS1HUPlpgG0.roa
File: RsGvLAGzoVlpzR8ZTS1HUPlpgG0.roa (raw, json)
Hash identifier: Y5l+nRJvm+6nECiA10zGKh1XuMKga74imtRbrSZoquo=
Subject key identifier: 46:C1:AF:2C:01:B3:A1:59:69:CD:1F:19:4D:2D:47:50:F9:69:80:6D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959FF1A97F248BD0278B4D9BAC210CAB31
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RsGvLAGzoVlpzR8ZTS1HUPlpgG0.roa
Signing time: Sun 16 Mar 2025 17:12:49 +0000
ROA not before: Sun 16 Mar 2025 17:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9f:f1:a9:7f:24:8b:d0:27:8b:4d:9b:ac:21:0c:ab:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 17:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46c1af2c01b3a15969cd1f194d2d4750f969806d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:57:9a:a0:d2:75:65:e9:50:c0:fc:25:60:ff:
15:d3:b1:10:ef:6b:3b:87:09:ca:bd:1e:94:65:ef:
1d:d3:cf:ab:c9:17:b5:83:a9:5a:2f:85:4a:aa:97:
02:1e:62:42:c9:6c:2d:fb:7a:84:9d:e9:76:46:b0:
40:5b:5c:30:cf:a2:b2:c5:f3:04:8a:c8:c7:ea:37:
73:66:ee:1d:ba:d3:eb:2f:75:00:91:3b:86:67:51:
b9:aa:a0:71:e0:92:0b:82:a9:57:dd:46:c9:dd:80:
ac:8a:04:8c:0a:42:50:b8:8a:48:7e:fd:d3:0b:aa:
de:53:89:b4:0e:cf:c3:75:32:e6:c6:d4:c0:39:e7:
0d:bb:97:60:87:61:b2:e2:ce:32:99:82:82:b6:18:
f0:23:97:ba:94:bf:f4:bc:65:c5:57:8b:54:0b:dc:
28:42:17:79:36:ed:7e:14:12:a1:f5:f1:6d:88:e3:
81:23:2d:24:ce:4d:70:87:f4:85:26:ba:ef:74:8c:
13:39:96:10:b0:c3:b1:ad:7c:83:47:cf:bb:b5:2f:
f7:4c:7b:9f:72:41:f1:b0:d5:94:a3:cb:89:6f:2b:
16:81:06:6e:68:5b:a9:43:3d:19:8c:58:0f:68:d5:
e6:af:80:1b:11:ad:ae:84:a5:bf:00:2e:99:7c:50:
6b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C1:AF:2C:01:B3:A1:59:69:CD:1F:19:4D:2D:47:50:F9:69:80:6D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RsGvLAGzoVlpzR8ZTS1HUPlpgG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
3a:4a:cd:1f:37:60:c3:a9:fe:90:e2:96:23:79:6d:71:e2:87:
5e:ae:96:26:2e:f2:73:48:7f:89:db:75:8d:77:3c:fa:5f:30:
3a:14:50:ce:f0:52:90:3f:4a:22:9e:a6:12:1a:39:a5:75:5c:
4b:5a:61:55:14:c8:a1:ac:77:c6:f8:c5:21:f9:d8:9b:7c:27:
86:51:a9:6b:8b:83:d6:af:86:45:e6:3d:f0:d7:51:26:74:76:
2d:1b:9b:37:14:ff:19:cc:ba:77:d5:3a:80:d6:8c:f8:b3:20:
35:db:c0:bb:df:e9:98:83:ee:46:fb:73:68:0c:11:5e:28:e3:
1d:ec:d4:43:73:39:a1:02:99:76:5c:04:ec:97:b6:f2:44:01:
79:42:65:6e:a5:58:8a:88:cf:93:40:08:b1:fb:e3:45:a5:e9:
f5:3d:84:8a:80:3f:53:e8:89:fd:8a:a5:e8:09:3c:67:31:03:
33:cc:bf:95:fd:ac:f9:32:a3:bd:07:eb:1f:58:3b:3b:dd:6a:
76:d0:22:8c:4d:b6:da:54:a5:7e:a6:02:f0:e0:2b:f6:96:57:
cf:27:1f:dd:1c:6d:b0:be:84:f1:78:5e:54:fb:0f:ec:4c:5b:
8c:8a:74:81:24:57:97:1b:b8:66:d7:92:d6:e2:87:10:49:a5:
5a:61:ee:24
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWf8al/JIvQJ4tNm6whDKsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MTcxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmMxYWYyYzAxYjNhMTU5NjljZDFmMTk0ZDJkNDc1MGY5Njk4MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VeaoNJ1ZelQwPwlYP8V07EQ72s7
hwnKvR6UZe8d08+ryRe1g6laL4VKqpcCHmJCyWwt+3qEnel2RrBAW1wwz6KyxfME
isjH6jdzZu4dutPrL3UAkTuGZ1G5qqBx4JILgqlX3UbJ3YCsigSMCkJQuIpIfv3T
C6reU4m0Ds/DdTLmxtTAOecNu5dgh2Gy4s4ymYKCthjwI5e6lL/0vGXFV4tUC9wo
Qhd5Nu1+FBKh9fFtiOOBIy0kzk1wh/SFJrrvdIwTOZYQsMOxrXyDR8+7tS/3THuf
ckHxsNWUo8uJbysWgQZuaFupQz0ZjFgPaNXmr4AbEa2uhKW/AC6ZfFBrPQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEbBrywBs6FZac0fGU0tR1D5aYBtMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUnNHdkxBR3pvVmxwelI4WlRTMUhVUGxwZ0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAOkrNHzdgw6n+kOKWI3ltceKH
Xq6WJi7yc0h/idt1jXc8+l8wOhRQzvBSkD9KIp6mEho5pXVcS1phVRTIoax3xvjF
IfnYm3wnhlGpa4uD1q+GReY98NdRJnR2LRubNxT/Gcy6d9U6gNaM+LMgNdvAu9/p
mIPuRvtzaAwRXijjHezUQ3M5oQKZdlwE7Je28kQBeUJlbqVYiojPk0AIsfvjRaXp
9T2EioA/U+iJ/Yql6Ak8ZzEDM8y/lf2s+TKjvQfrH1g7O91qdtAijE222lSlfqYC
8OAr9pZXzycf3RxtsL6E8XheVPsP7ExbjIp0gSRXlxu4ZteS1uKHEEmlWmHuJA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:52:54 2025 by rpki-client