Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SVsaWdtqirEmr7uCK-HDe7jywWY.roa
File: SVsaWdtqirEmr7uCK-HDe7jywWY.roa (raw, json)
Hash identifier: szOGbyjlONRZkkQ/tLX6oSGJskMqRLI8hFkYIJa3uQ0=
Subject key identifier: 49:5B:1A:59:DB:6A:8A:B1:26:AF:BB:82:2B:E1:C3:7B:B8:F2:C1:66
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01946227519C50CAEE3F4C5B87C7C8CCE54B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SVsaWdtqirEmr7uCK-HDe7jywWY.roa
Signing time: Tue 14 Jan 2025 00:12:11 +0000
ROA not before: Tue 14 Jan 2025 00:12:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:62:27:51:9c:50:ca:ee:3f:4c:5b:87:c7:c8:cc:e5:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 14 00:12:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=495b1a59db6a8ab126afbb822be1c37bb8f2c166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cc:ce:2b:4f:b2:f0:4f:90:5d:04:e7:20:4a:
b4:23:9a:76:06:cb:c6:36:19:b4:7e:c0:8c:09:fc:
54:0e:2b:55:04:8d:f5:74:cd:ff:6e:a3:db:50:ba:
1d:97:ef:01:85:14:22:45:9a:21:53:3d:36:89:d4:
23:4e:c2:53:f2:ec:1e:3a:28:c9:63:51:6a:68:c9:
48:9e:3e:c0:94:6c:bf:21:28:74:af:09:78:47:27:
04:ac:ce:8b:75:c9:d4:28:c0:86:33:d4:cf:0a:52:
81:7e:da:b2:be:59:d4:b0:c2:8f:27:f2:c0:d4:a8:
74:ec:6d:a8:1f:c8:da:91:db:21:14:f0:22:08:7b:
f2:80:10:85:61:a7:de:b5:b8:21:17:ac:f8:41:fb:
6f:b7:75:24:e1:58:09:a8:7d:3d:aa:bb:c9:d0:36:
16:24:e1:04:f5:56:b0:04:a4:76:c6:7d:02:fb:1a:
c7:5d:44:79:84:5d:f7:43:13:91:12:d4:ca:50:c2:
03:1a:51:cd:57:fc:68:93:e7:81:7a:07:2b:dd:5c:
a1:15:7b:14:40:06:7b:73:f9:98:66:99:a5:67:8f:
0f:33:0e:86:5a:aa:98:19:60:65:c4:ef:67:50:9b:
bc:f9:e3:30:6f:07:53:8a:9d:42:32:1a:c2:11:9c:
80:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5B:1A:59:DB:6A:8A:B1:26:AF:BB:82:2B:E1:C3:7B:B8:F2:C1:66
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/SVsaWdtqirEmr7uCK-HDe7jywWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
91:10:25:3c:3a:ba:a4:ff:1b:41:c5:b8:af:27:2c:a8:ef:52:
6d:9f:a4:8a:f4:8e:5f:86:30:af:7f:47:9c:c7:32:3a:27:b8:
ce:7a:2d:03:ac:a9:8a:cd:07:1c:9f:1e:a8:31:22:92:70:79:
56:f7:3f:38:19:92:8b:c1:19:11:27:f0:42:87:16:b3:4b:f5:
f3:1a:69:9c:f3:d3:02:72:7b:e7:73:11:a3:cb:04:de:e1:06:
eb:84:dd:30:d4:8b:29:41:0b:43:2f:3e:ff:5b:66:5b:bf:ad:
be:ad:88:fa:76:85:cd:96:cd:35:41:59:bd:6d:c6:24:e8:90:
12:7e:70:bc:36:01:8a:b2:d6:b9:5c:ea:df:88:85:66:07:ab:
44:88:94:27:26:af:58:6e:18:74:0b:11:00:65:b9:64:d8:19:
96:53:91:60:b0:b5:de:cb:65:90:be:30:da:dd:93:88:ec:5e:
82:40:2e:78:dd:2c:35:3f:c3:88:96:08:a9:66:b3:21:36:ab:
02:08:da:a3:94:4e:47:a2:23:f3:08:45:3a:d0:4c:c9:94:b9:
3f:13:ec:89:41:02:b4:51:5d:01:98:c6:6c:03:0e:89:8b:34:
43:27:37:36:ad:ed:6b:df:01:03:cc:9d:c1:9b:06:33:e0:cf:
e5:89:9e:89
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRiJ1GcUMruP0xbh8fIzOVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE0MDAxMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTViMWE1OWRiNmE4YWIxMjZhZmJiODIyYmUxYzM3YmI4ZjJjMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuczOK0+y8E+QXQTnIEq0I5p2BsvG
Nhm0fsCMCfxUDitVBI31dM3/bqPbULodl+8BhRQiRZohUz02idQjTsJT8uweOijJ
Y1FqaMlInj7AlGy/ISh0rwl4RycErM6LdcnUKMCGM9TPClKBftqyvlnUsMKPJ/LA
1Kh07G2oH8jakdshFPAiCHvygBCFYafetbghF6z4Qftvt3Uk4VgJqH09qrvJ0DYW
JOEE9VawBKR2xn0C+xrHXUR5hF33QxOREtTKUMIDGlHNV/xok+eBegcr3VyhFXsU
QAZ7c/mYZpmlZ48PMw6GWqqYGWBlxO9nUJu8+eMwbwdTip1CMhrCEZyACwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFElbGlnbaoqxJq+7givhw3u48sFmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvU1ZzYVdkdHFpckVtcjd1Q0stSERlN2p5d1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAkRAlPDq6pP8bQcW4rycsqO9S
bZ+kivSOX4Ywr39HnMcyOie4znotA6ypis0HHJ8eqDEiknB5Vvc/OBmSi8EZESfw
QocWs0v18xppnPPTAnJ753MRo8sE3uEG64TdMNSLKUELQy8+/1tmW7+tvq2I+naF
zZbNNUFZvW3GJOiQEn5wvDYBirLWuVzq34iFZgerRIiUJyavWG4YdAsRAGW5ZNgZ
llORYLC13stlkL4w2t2TiOxegkAueN0sNT/DiJYIqWazITarAgjao5ROR6Ij8whF
OtBMyZS5PxPsiUECtFFdAZjGbAMOiYs0Qyc3Nq3ta98BA8ydwZsGM+DP5YmeiQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:49:00 2025 by rpki-client