Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W7muX2bzg-XOCdPUB3KgpVwxBnw.roa
File: W7muX2bzg-XOCdPUB3KgpVwxBnw.roa (raw, json)
Hash identifier: Laac4Ka952eBldcMPAKhQYF7TKNqJxhpZ3kmaMU33yM=
Subject key identifier: 5B:B9:AE:5F:66:F3:83:E5:CE:09:D3:D4:07:72:A0:A5:5C:31:06:7C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01946B2B49509ED0CD899A91C796DC373EC0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W7muX2bzg-XOCdPUB3KgpVwxBnw.roa
Signing time: Wed 15 Jan 2025 18:13:06 +0000
ROA not before: Wed 15 Jan 2025 18:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:2b:49:50:9e:d0:cd:89:9a:91:c7:96:dc:37:3e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 15 18:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bb9ae5f66f383e5ce09d3d40772a0a55c31067c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a8:ee:a6:c5:49:56:3d:17:e0:b6:7b:2e:a6:
91:04:d2:e2:2c:40:ba:f8:fe:e4:fd:41:79:ae:35:
92:49:fd:9f:a0:3c:12:d4:33:dc:12:fb:34:95:19:
6b:0e:36:9a:2d:6a:e0:1a:e0:cb:06:cb:2f:f3:f5:
f0:a4:c9:51:96:09:39:3d:bc:ca:67:2d:a1:87:8b:
dc:56:ac:e7:04:13:4a:8d:13:41:a5:00:0a:eb:ee:
b0:dc:7e:6a:77:c5:4b:5b:d1:aa:f2:43:01:c0:06:
ca:9c:ec:6c:7f:8b:72:23:f4:4a:d9:9b:c6:92:95:
2d:27:39:57:66:9c:6f:4e:83:07:1c:9e:23:e7:80:
00:b4:a0:55:92:0f:29:50:5b:81:a2:e8:29:2b:17:
1b:be:e6:b8:d1:41:de:f0:55:06:6a:39:2d:26:52:
29:95:54:b5:4d:74:2d:5d:72:9c:28:48:4a:f7:bc:
58:0b:89:78:a3:5c:a3:7d:65:a5:7c:2e:0f:7a:f2:
ea:f3:24:b7:5b:89:02:15:18:f2:53:22:b9:e4:30:
6d:d0:1a:8b:7e:c6:e8:3e:6b:5d:23:ae:ec:c0:a2:
d1:38:11:e5:47:00:c4:5f:ee:4a:5f:8b:9d:56:c5:
b5:cf:14:62:e2:02:e4:c7:ef:32:4a:99:4a:7d:cc:
de:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B9:AE:5F:66:F3:83:E5:CE:09:D3:D4:07:72:A0:A5:5C:31:06:7C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/W7muX2bzg-XOCdPUB3KgpVwxBnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
17:60:02:d0:01:d6:fe:68:65:84:e7:50:0b:1e:da:48:75:24:
19:b1:14:6b:cc:aa:40:99:05:09:e7:a2:f4:38:68:d1:cc:a1:
47:e2:55:8f:9c:4f:d1:82:2e:fa:80:90:d2:74:26:10:95:1a:
6b:84:d8:21:7a:a5:84:0f:39:64:f0:42:6f:f6:d6:18:20:40:
d4:9c:93:3a:b6:45:e3:93:89:47:b5:e8:8b:6f:74:e1:c3:ff:
b2:cc:50:44:8a:70:e8:6d:8a:0d:a6:a5:d8:d3:a2:4f:03:f6:
b9:83:c3:b7:62:b4:c3:f3:ad:a3:63:a1:b7:c8:e3:72:b4:77:
6b:4c:98:a3:fe:76:5c:0e:23:0b:59:17:85:00:b2:b4:25:37:
6a:52:13:0a:ff:60:a7:4b:e7:c0:2f:81:7a:69:0d:94:da:8e:
bd:df:36:dd:3e:7b:bf:6b:81:1c:e9:0e:ce:2d:16:34:0e:05:
3b:18:cd:16:da:3c:97:ec:d9:30:36:34:03:57:ce:91:c8:93:
d1:f0:6b:53:83:e9:4d:be:18:9e:3d:ed:cb:82:35:53:59:15:
3b:47:4d:41:be:51:e3:eb:65:a1:04:50:fc:11:40:3b:33:a3:
de:2f:1f:35:ba:c5:dd:3b:82:b7:36:88:23:b1:2c:d9:8d:1f:
4d:68:a1:42
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRrK0lQntDNiZqRx5bcNz7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE1MTgxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI5YWU1ZjY2ZjM4M2U1Y2UwOWQzZDQwNzcyYTBhNTVjMzEwNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqjupsVJVj0X4LZ7LqaRBNLiLEC6
+P7k/UF5rjWSSf2foDwS1DPcEvs0lRlrDjaaLWrgGuDLBssv8/XwpMlRlgk5PbzK
Zy2hh4vcVqznBBNKjRNBpQAK6+6w3H5qd8VLW9Gq8kMBwAbKnOxsf4tyI/RK2ZvG
kpUtJzlXZpxvToMHHJ4j54AAtKBVkg8pUFuBougpKxcbvua40UHe8FUGajktJlIp
lVS1TXQtXXKcKEhK97xYC4l4o1yjfWWlfC4PevLq8yS3W4kCFRjyUyK55DBt0BqL
fsboPmtdI67swKLROBHlRwDEX+5KX4udVsW1zxRi4gLkx+8ySplKfczetwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFu5rl9m84PlzgnT1AdyoKVcMQZ8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVzdtdVgyYnpnLVhPQ2RQVUIzS2dwVnd4Qm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAF2AC0AHW/mhlhOdQCx7aSHUk
GbEUa8yqQJkFCeei9Dho0cyhR+JVj5xP0YIu+oCQ0nQmEJUaa4TYIXqlhA85ZPBC
b/bWGCBA1JyTOrZF45OJR7Xoi2904cP/ssxQRIpw6G2KDaal2NOiTwP2uYPDt2K0
w/Oto2Oht8jjcrR3a0yYo/52XA4jC1kXhQCytCU3alITCv9gp0vnwC+BemkNlNqO
vd823T57v2uBHOkOzi0WNA4FOxjNFto8l+zZMDY0A1fOkciT0fBrU4PpTb4Ynj3t
y4I1U1kVO0dNQb5R4+tloQRQ/BFAOzOj3i8fNbrF3TuCtzaII7Es2Y0fTWihQg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:56:39 2025 by rpki-client