Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WTq-iB52VWIH20Hm6Qb-eOcfll8.roa
File: WTq-iB52VWIH20Hm6Qb-eOcfll8.roa (raw, json)
Hash identifier: ozkeT4WXWz61z6YjQaHXVa+p2YqryeuyaNtbja0Q4wo=
Subject key identifier: 59:3A:BE:88:1E:76:55:62:07:DB:41:E6:E9:06:FE:78:E7:1F:96:5F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019430954F2ACB60395696E72E52CC985965
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WTq-iB52VWIH20Hm6Qb-eOcfll8.roa
Signing time: Sat 04 Jan 2025 09:11:19 +0000
ROA not before: Sat 04 Jan 2025 09:11:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:30:95:4f:2a:cb:60:39:56:96:e7:2e:52:cc:98:59:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 4 09:11:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=593abe881e76556207db41e6e906fe78e71f965f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:48:3e:9b:c2:67:fd:da:b6:57:e3:67:36:0a:
5c:a5:8b:1f:07:23:24:b9:2b:98:8f:e9:9c:cc:e3:
87:c6:ab:3e:3d:97:2d:3c:53:07:9e:ee:86:e2:3b:
3a:ed:e4:89:81:4e:20:21:58:d6:91:51:95:e1:fa:
74:e5:0a:13:38:68:17:f0:c4:4f:e5:d9:4d:28:3a:
f1:49:4e:71:32:f8:90:15:04:f7:49:d1:73:e3:ce:
34:0c:4f:63:47:b3:22:49:44:a2:b7:5b:24:7b:68:
75:69:4e:92:dd:1d:0d:11:e6:35:6f:bc:5e:f0:43:
54:5e:a5:5d:55:5e:64:78:3d:66:c4:e8:73:66:b6:
34:f2:16:3c:50:cf:3f:1e:ae:22:54:25:b0:76:f5:
3c:0e:b0:b6:59:33:3a:e3:50:7b:43:4c:d7:7f:3f:
77:48:33:22:65:90:43:04:36:33:db:7d:30:8d:09:
20:20:62:cb:cc:56:2d:72:e8:0b:03:cc:19:29:f1:
cf:b5:5b:22:d0:14:97:41:d4:63:cb:fe:6c:fd:04:
d7:7c:87:b9:49:6b:85:8e:27:4f:7f:70:c4:c8:ec:
e6:88:cb:5c:d7:b1:80:4f:07:6f:53:34:60:7f:9f:
4b:65:b5:d4:82:8b:a3:31:67:48:73:7c:89:de:9a:
21:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3A:BE:88:1E:76:55:62:07:DB:41:E6:E9:06:FE:78:E7:1F:96:5F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WTq-iB52VWIH20Hm6Qb-eOcfll8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
2d:36:29:3a:b5:34:39:f7:c0:fd:f7:c5:39:99:f7:8c:30:a7:
9f:f8:e8:0d:f3:27:73:c1:9a:ec:cb:36:7e:0d:49:dd:39:fd:
69:66:33:80:60:9a:52:2f:f4:de:20:2a:4a:2f:ee:25:e8:4d:
d1:42:e2:72:ca:6e:be:3f:88:a6:c8:91:9e:b7:d9:8c:7d:25:
40:6f:8c:4b:10:5d:b4:7b:7e:5b:7a:e8:97:88:da:6a:46:d8:
66:d8:67:56:d7:7c:f6:97:ad:3c:bc:98:3b:2e:99:9d:ea:04:
b9:88:94:5c:41:eb:38:04:3a:db:d4:a4:b4:01:4a:66:5c:64:
41:82:69:cc:c8:93:81:17:ab:73:5a:76:61:b4:c9:05:52:83:
f6:19:e8:26:b9:2f:78:76:76:be:73:47:71:52:ed:f6:10:71:
75:43:74:55:bb:2a:7c:6f:9e:02:3a:e3:90:46:6d:c6:a4:12:
84:eb:32:40:ea:86:5b:03:bb:af:fb:5a:02:71:a8:af:c6:a6:
6a:8a:87:44:ce:74:70:d5:7d:08:6d:27:bf:51:a8:45:4b:89:
62:78:12:e0:c1:ad:92:87:42:1f:89:22:e9:56:75:c3:8c:cd:
58:fa:52:b0:ed:c3:ca:a3:17:ed:01:b9:0e:b9:d5:d7:35:88:
5c:8d:f7:f0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQwlU8qy2A5VpbnLlLMmFllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA0MDkxMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTNhYmU4ODFlNzY1NTYyMDdkYjQxZTZlOTA2ZmU3OGU3MWY5NjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukg+m8Jn/dq2V+NnNgpcpYsfByMk
uSuYj+mczOOHxqs+PZctPFMHnu6G4js67eSJgU4gIVjWkVGV4fp05QoTOGgX8MRP
5dlNKDrxSU5xMviQFQT3SdFz4840DE9jR7MiSUSit1ske2h1aU6S3R0NEeY1b7xe
8ENUXqVdVV5keD1mxOhzZrY08hY8UM8/Hq4iVCWwdvU8DrC2WTM641B7Q0zXfz93
SDMiZZBDBDYz230wjQkgIGLLzFYtcugLA8wZKfHPtVsi0BSXQdRjy/5s/QTXfIe5
SWuFjidPf3DEyOzmiMtc17GATwdvUzRgf59LZbXUgoujMWdIc3yJ3pohywIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFk6vogedlViB9tB5ukG/njnH5ZfMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV1RxLWlCNTJWV0lIMjBIbTZRYi1lT2NmbGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEALTYpOrU0OffA/ffFOZn3jDCn
n/joDfMnc8Ga7Ms2fg1J3Tn9aWYzgGCaUi/03iAqSi/uJehN0ULicspuvj+IpsiR
nrfZjH0lQG+MSxBdtHt+W3rol4jaakbYZthnVtd89petPLyYOy6ZneoEuYiUXEHr
OAQ629SktAFKZlxkQYJpzMiTgRerc1p2YbTJBVKD9hnoJrkveHZ2vnNHcVLt9hBx
dUN0VbsqfG+eAjrjkEZtxqQShOsyQOqGWwO7r/taAnGor8amaoqHRM50cNV9CG0n
v1GoRUuJYngS4MGtkodCH4ki6VZ1w4zNWPpSsO3DyqMX7QG5DrnV1zWIXI338A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:09:47 2025 by rpki-client