Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XE4WrhPb3o7BgTj-5RDol2xLTNM.roa
File: XE4WrhPb3o7BgTj-5RDol2xLTNM.roa (raw, json)
Hash identifier: ehc6oyl4gkKkIA4wXQX1CsW038ksL3PU02R83i/K+8A=
Subject key identifier: 5C:4E:16:AE:13:DB:DE:8E:C1:81:38:FE:E5:10:E8:97:6C:4B:4C:D3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191B34BABADAC194382993B33A9276CDC4B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XE4WrhPb3o7BgTj-5RDol2xLTNM.roa
Signing time: Mon 02 Sep 2024 15:12:46 +0000
ROA not before: Mon 02 Sep 2024 15:12:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:4b:ab:ad:ac:19:43:82:99:3b:33:a9:27:6c:dc:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 2 15:12:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c4e16ae13dbde8ec18138fee510e8976c4b4cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6c:ea:0c:85:1e:05:7a:90:ff:52:91:9b:dd:
07:1c:ee:69:46:ba:f5:c0:e7:25:a8:fc:87:d0:2c:
fe:fe:42:62:24:bd:06:26:db:57:e5:52:9d:60:1c:
f1:ca:b5:b9:8d:c7:46:ef:7e:2f:cb:84:a2:c5:da:
87:1a:b9:36:30:b9:5e:56:25:ae:77:03:07:24:b3:
d9:6b:de:77:92:8d:cf:8a:e3:91:67:68:92:14:61:
e0:54:4c:b5:60:bd:8b:0b:c7:b8:9a:ca:df:36:50:
30:23:f8:ea:83:85:ea:9e:d4:89:f6:a7:4a:35:eb:
6a:50:2a:f0:c8:a2:d7:cd:03:d1:70:be:76:67:eb:
c7:19:f9:99:5d:9e:67:11:73:58:c1:65:ef:20:78:
d4:9a:d0:c2:88:6f:df:6a:e3:62:59:00:94:a7:93:
85:f9:e0:58:91:1a:ac:71:10:58:0c:01:77:54:2b:
41:ae:de:40:5b:84:17:77:44:f0:20:2b:4c:2c:4e:
63:40:44:ea:d7:38:ca:fb:f8:5f:b7:34:03:00:7c:
21:69:0d:7a:1a:eb:61:92:d6:59:4c:70:34:38:fc:
ac:e3:fa:4f:83:9d:56:9f:dc:98:28:94:26:df:92:
2d:83:70:f4:31:ed:c9:78:f5:70:3c:57:61:44:27:
a8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4E:16:AE:13:DB:DE:8E:C1:81:38:FE:E5:10:E8:97:6C:4B:4C:D3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XE4WrhPb3o7BgTj-5RDol2xLTNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
1b:03:6d:ac:33:9f:0c:79:d4:ac:62:d6:8e:ad:ab:cb:82:42:
16:10:73:be:c1:b4:fc:fc:b0:ad:67:ee:8b:ec:a0:14:7a:62:
c7:7e:87:c5:92:8a:84:c7:ef:1c:e6:66:a0:5d:ce:c3:47:53:
51:2c:36:56:8c:2e:bf:05:8c:1b:3b:70:91:30:65:02:66:3e:
ef:47:1f:cc:ba:0c:0e:7f:d8:2d:ca:32:82:51:b6:71:69:9c:
13:5c:27:3c:5a:ac:83:16:ba:50:bd:c5:05:d3:3a:7e:c1:55:
f0:3b:18:b7:44:97:e4:2e:9e:2f:2c:cf:2a:7c:21:9a:e6:d2:
42:13:63:2d:68:af:52:26:ee:dc:cc:5d:bc:10:06:cc:1a:1c:
ca:ef:ce:dd:cb:89:50:fe:6a:36:c1:e5:74:7c:ba:0d:cc:29:
97:a3:05:4b:1d:75:36:7d:f5:0b:e0:86:4b:98:e6:5e:dc:57:
c7:82:44:04:37:f0:b7:37:1a:f0:55:d1:32:e4:7d:c3:2e:78:
ba:92:4f:93:e8:80:0a:21:c5:40:21:f7:34:24:8d:79:ee:d8:
05:03:3c:07:9f:0f:55:fc:39:5d:33:c5:06:93:05:65:5e:f4:
81:15:9b:2d:39:ab:0c:ca:3b:34:08:70:27:d0:77:76:ca:b0:
b7:45:42:54
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGzS6utrBlDgpk7M6knbNxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAyMTUxMjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRlMTZhZTEzZGJkZThlYzE4MTM4ZmVlNTEwZTg5NzZjNGI0Y2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWzqDIUeBXqQ/1KRm90HHO5pRrr1
wOclqPyH0Cz+/kJiJL0GJttX5VKdYBzxyrW5jcdG734vy4SixdqHGrk2MLleViWu
dwMHJLPZa953ko3PiuORZ2iSFGHgVEy1YL2LC8e4msrfNlAwI/jqg4XqntSJ9qdK
NetqUCrwyKLXzQPRcL52Z+vHGfmZXZ5nEXNYwWXvIHjUmtDCiG/fauNiWQCUp5OF
+eBYkRqscRBYDAF3VCtBrt5AW4QXd0TwICtMLE5jQETq1zjK+/hftzQDAHwhaQ16
GuthktZZTHA0OPys4/pPg51Wn9yYKJQm35Itg3D0Me3JePVwPFdhRCeoGQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFxOFq4T296OwYE4/uUQ6JdsS0zTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWEU0V3JoUGIzbzdCZ1RqLTVSRG9sMnhMVE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAGwNtrDOfDHnUrGLWjq2ry4JC
FhBzvsG0/PywrWfui+ygFHpix36HxZKKhMfvHOZmoF3Ow0dTUSw2VowuvwWMGztw
kTBlAmY+70cfzLoMDn/YLcoyglG2cWmcE1wnPFqsgxa6UL3FBdM6fsFV8DsYt0SX
5C6eLyzPKnwhmubSQhNjLWivUibu3MxdvBAGzBocyu/O3cuJUP5qNsHldHy6Dcwp
l6MFSx11Nn31C+CGS5jmXtxXx4JEBDfwtzca8FXRMuR9wy54upJPk+iACiHFQCH3
NCSNee7YBQM8B58PVfw5XTPFBpMFZV70gRWbLTmrDMo7NAhwJ9B3dsqwt0VCVA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:24:31 2025 by rpki-client