Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XAVBpus9hyyiw8uL1VBeCWY0OgA.roa
File: XAVBpus9hyyiw8uL1VBeCWY0OgA.roa (raw, json)
Hash identifier: WrFNlXqM+v+LToE1R6Gnu+PROB+oFBMHkq3QAYyj+As=
Subject key identifier: 5C:05:41:A6:EB:3D:87:2C:A2:C3:CB:8B:D5:50:5E:09:66:34:3A:00
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01947E451F39FF9E3F569E86BE5E1ECE5254
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XAVBpus9hyyiw8uL1VBeCWY0OgA.roa
Signing time: Sun 19 Jan 2025 11:14:06 +0000
ROA not before: Sun 19 Jan 2025 11:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7e:45:1f:39:ff:9e:3f:56:9e:86:be:5e:1e:ce:52:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 19 11:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c0541a6eb3d872ca2c3cb8bd5505e0966343a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6c:5a:3e:d4:26:03:6d:8b:c4:a0:5c:11:ea:
0d:e3:09:05:0d:5b:c0:31:77:75:3b:62:04:ba:2a:
c8:f6:e7:22:7f:7c:ed:c8:82:e3:db:32:f5:81:a0:
78:dd:3c:c7:e2:04:6d:cf:e3:f4:83:3c:e4:b1:b7:
83:85:5b:53:ef:29:06:f2:ca:e0:f9:7f:df:c1:3d:
27:2a:08:cb:62:18:e9:b5:b2:38:84:5e:fa:54:be:
69:52:2f:09:29:91:16:29:6a:ca:68:65:b5:73:ad:
57:71:41:83:55:b5:55:0b:5e:03:7e:f0:4d:4c:59:
07:28:89:8b:39:78:65:78:ff:54:2f:88:a3:cd:a9:
b3:b0:f2:55:31:e4:3d:1f:e0:1a:f0:1a:ad:8e:95:
fd:df:6c:78:49:24:c3:46:30:f6:cc:b6:83:bc:64:
be:f9:0d:5f:e2:3b:26:71:69:3c:f4:b1:1a:5b:b2:
53:f5:1a:6f:65:ee:66:98:58:f4:be:83:e4:ed:39:
ce:b3:eb:f0:c8:bd:ff:c6:a8:2a:e3:d5:65:5b:6c:
8f:98:88:d3:87:e0:3c:5c:ec:2c:fc:b9:47:fe:84:
91:11:a5:ed:02:02:7b:c8:19:a9:f1:9c:7f:65:a3:
d4:ca:3d:91:d6:49:8e:d0:cd:d4:47:02:89:b2:15:
d2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:05:41:A6:EB:3D:87:2C:A2:C3:CB:8B:D5:50:5E:09:66:34:3A:00
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XAVBpus9hyyiw8uL1VBeCWY0OgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
17:b7:6d:92:b7:70:a0:f4:3e:c7:86:c1:4a:96:31:c3:f1:ea:
d2:8c:3d:8d:18:43:ce:bc:6f:8d:fd:e1:db:28:bc:68:89:79:
3a:1c:29:c0:b9:e4:37:64:6d:97:04:a2:4a:15:7f:c6:50:e8:
3b:28:d6:69:34:1c:1a:46:98:50:29:5a:9e:9a:07:d8:82:9e:
f0:05:8d:a1:82:2e:85:c5:73:04:84:a2:a8:f3:6d:03:08:d9:
92:aa:42:b2:79:f7:c0:c2:11:4c:30:80:c1:5c:c4:60:cd:9d:
71:c9:1f:09:57:3a:ab:92:23:35:0f:91:5a:59:1d:95:27:b2:
c9:53:72:c5:c2:75:92:0a:cc:63:c1:0f:4f:57:33:24:25:c3:
cd:6a:0f:a1:5e:a4:a0:80:32:3a:1b:a1:76:2f:de:be:de:4c:
cd:38:0f:64:b4:3e:44:56:9f:18:19:4e:61:c8:38:7f:6c:91:
d1:3a:04:2c:d3:7e:a7:90:75:bd:38:f8:79:b3:78:5c:36:b6:
dd:01:c0:0f:28:74:06:5d:bf:c3:5b:f4:e0:df:55:77:e3:9d:
c0:10:e0:a6:c3:fb:ec:f9:36:6d:56:b4:b5:87:97:0c:2e:07:
f9:29:35:d4:08:89:6e:dc:34:65:40:4d:a0:55:37:7f:13:f7:
aa:ad:ee:2e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZR+RR85/54/Vp6Gvl4ezlJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE5MTExNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA1NDFhNmViM2Q4NzJjYTJjM2NiOGJkNTUwNWUwOTY2MzQzYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2xaPtQmA22LxKBcEeoN4wkFDVvA
MXd1O2IEuirI9ucif3ztyILj2zL1gaB43TzH4gRtz+P0gzzksbeDhVtT7ykG8srg
+X/fwT0nKgjLYhjptbI4hF76VL5pUi8JKZEWKWrKaGW1c61XcUGDVbVVC14DfvBN
TFkHKImLOXhleP9UL4ijzamzsPJVMeQ9H+Aa8BqtjpX932x4SSTDRjD2zLaDvGS+
+Q1f4jsmcWk89LEaW7JT9RpvZe5mmFj0voPk7TnOs+vwyL3/xqgq49VlW2yPmIjT
h+A8XOws/LlH/oSREaXtAgJ7yBmp8Zx/ZaPUyj2R1kmO0M3URwKJshXSLQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFwFQabrPYcsosPLi9VQXglmNDoAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWEFWQnB1czloeXlpdzh1TDFWQmVDV1kwT2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAF7dtkrdwoPQ+x4bBSpYxw/Hq
0ow9jRhDzrxvjf3h2yi8aIl5OhwpwLnkN2RtlwSiShV/xlDoOyjWaTQcGkaYUCla
npoH2IKe8AWNoYIuhcVzBISiqPNtAwjZkqpCsnn3wMIRTDCAwVzEYM2dcckfCVc6
q5IjNQ+RWlkdlSeyyVNyxcJ1kgrMY8EPT1czJCXDzWoPoV6koIAyOhuhdi/evt5M
zTgPZLQ+RFafGBlOYcg4f2yR0ToELNN+p5B1vTj4ebN4XDa23QHADyh0Bl2/w1v0
4N9Vd+OdwBDgpsP77Pk2bVa0tYeXDC4H+Sk11AiJbtw0ZUBNoFU3fxP3qq3uLg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:41:48 2025 by rpki-client