Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VKpYN-8ikJh6H1fztl3oqAQ-Rt4.roa
File: VKpYN-8ikJh6H1fztl3oqAQ-Rt4.roa (raw, json)
Hash identifier: P/4lj0w4fBAsjxtwip/IKEk4aAAxglrxGU1zt9elMQQ=
Subject key identifier: 54:AA:58:37:EF:22:90:98:7A:1F:57:F3:B6:5D:E8:A8:04:3E:46:DE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194870E91F88787BBC52E1EE93D7F004921
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VKpYN-8ikJh6H1fztl3oqAQ-Rt4.roa
Signing time: Tue 21 Jan 2025 04:11:06 +0000
ROA not before: Tue 21 Jan 2025 04:11:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:87:0e:91:f8:87:87:bb:c5:2e:1e:e9:3d:7f:00:49:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 21 04:11:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54aa5837ef2290987a1f57f3b65de8a8043e46de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:47:40:25:ad:d1:8c:2e:92:b2:86:4d:db:f1:
8c:01:4e:4b:4c:e6:28:74:61:bc:e6:19:bb:97:df:
6a:c2:ec:93:27:19:5b:fe:b6:fd:9e:72:d5:c1:64:
73:20:e1:2b:10:b4:30:aa:41:8a:d6:05:d9:6b:e5:
ca:cd:46:da:48:aa:46:0d:b2:58:1e:70:70:4e:d5:
53:55:30:cb:97:a1:7e:aa:70:d4:63:f8:c1:92:e0:
80:47:e8:a9:21:10:fa:71:3c:c9:de:2f:35:fc:ba:
04:b7:8e:1e:9d:53:3e:a1:4c:36:bc:95:fd:b6:cc:
b4:7c:b2:db:23:ef:60:da:07:68:37:98:df:a3:8d:
2d:62:79:79:3e:02:58:8a:f5:d7:99:cb:19:f4:b6:
46:98:10:e9:21:4d:a6:d5:81:e4:3d:44:dc:54:c5:
4d:26:ea:e3:7c:da:03:ce:6d:84:f9:f7:d2:dd:4a:
45:11:49:4f:c3:a5:6c:55:9a:98:e1:04:fc:6b:a9:
68:10:a1:17:f7:34:64:27:d1:3f:4d:94:6d:6a:cd:
69:2e:fa:99:57:6b:3a:f2:af:07:21:9d:8a:46:8a:
33:ba:d2:c8:51:30:44:bf:67:2a:79:b4:de:3f:38:
ec:71:35:74:93:26:dc:a6:6e:83:e6:9c:22:6c:c1:
69:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:AA:58:37:EF:22:90:98:7A:1F:57:F3:B6:5D:E8:A8:04:3E:46:DE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VKpYN-8ikJh6H1fztl3oqAQ-Rt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
90:08:8d:1f:9a:db:84:09:e1:81:ac:45:79:5c:49:ea:36:9d:
0f:8e:6e:d5:9c:a6:fb:87:87:15:94:f9:bc:f4:e9:73:ba:2c:
41:67:17:19:4e:8c:2e:f8:98:d8:c0:39:4f:f7:e7:08:8e:e4:
d1:0d:01:0d:d2:fb:f9:ae:50:f8:05:50:36:7a:91:72:5d:0d:
93:4a:3b:7b:4e:0a:c2:71:8c:e5:2b:25:f8:24:34:c3:39:5d:
2d:da:65:55:c2:c5:32:f5:11:38:c2:dd:39:5f:53:2f:ef:d7:
24:ae:9a:20:07:79:51:8b:8b:58:38:8f:cf:2c:d6:70:c9:e8:
c7:b3:28:c0:93:f3:8a:ae:d8:b1:27:11:dc:dd:5d:48:dd:f9:
35:e2:98:b2:15:0b:49:c1:5d:d1:df:58:7e:b8:ca:19:03:c7:
0a:83:81:d5:93:8e:d0:a9:2b:d7:d4:bf:ce:b3:fe:55:2b:03:
e6:da:b8:68:7b:24:b5:8b:35:30:b3:bf:1f:82:86:98:34:b9:
3a:69:48:15:68:62:55:6c:1a:10:e2:54:dc:e9:dd:60:b9:3c:
b2:a6:99:2b:dd:11:ea:4b:f6:8c:80:b8:2a:94:aa:7a:04:50:
38:9e:66:5c:4a:38:78:8b:da:8f:5c:01:03:34:32:50:ce:da:
9f:00:1d:67
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZSHDpH4h4e7xS4e6T1/AEkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTIxMDQxMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGFhNTgzN2VmMjI5MDk4N2ExZjU3ZjNiNjVkZThhODA0M2U0NmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUdAJa3RjC6SsoZN2/GMAU5LTOYo
dGG85hm7l99qwuyTJxlb/rb9nnLVwWRzIOErELQwqkGK1gXZa+XKzUbaSKpGDbJY
HnBwTtVTVTDLl6F+qnDUY/jBkuCAR+ipIRD6cTzJ3i81/LoEt44enVM+oUw2vJX9
tsy0fLLbI+9g2gdoN5jfo40tYnl5PgJYivXXmcsZ9LZGmBDpIU2m1YHkPUTcVMVN
JurjfNoDzm2E+ffS3UpFEUlPw6VsVZqY4QT8a6loEKEX9zRkJ9E/TZRtas1pLvqZ
V2s68q8HIZ2KRoozutLIUTBEv2cqebTePzjscTV0kybcpm6D5pwibMFpVQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFSqWDfvIpCYeh9X87Zd6KgEPkbeMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVktwWU4tOGlrSmg2SDFmenRsM29xQVEtUnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAkAiNH5rbhAnhgaxFeVxJ6jad
D45u1Zym+4eHFZT5vPTpc7osQWcXGU6MLviY2MA5T/fnCI7k0Q0BDdL7+a5Q+AVQ
NnqRcl0Nk0o7e04KwnGM5Ssl+CQ0wzldLdplVcLFMvUROMLdOV9TL+/XJK6aIAd5
UYuLWDiPzyzWcMnox7MowJPziq7YsScR3N1dSN35NeKYshULScFd0d9YfrjKGQPH
CoOB1ZOO0Kkr19S/zrP+VSsD5tq4aHsktYs1MLO/H4KGmDS5OmlIFWhiVWwaEOJU
3OndYLk8sqaZK90R6kv2jIC4KpSqegRQOJ5mXEo4eIvaj1wBAzQyUM7anwAdZw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:45:58 2025 by rpki-client