Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XJhn3WfjrzzaCjybqBWRpFtrPnI.roa
File: XJhn3WfjrzzaCjybqBWRpFtrPnI.roa (raw, json)
Hash identifier: zE20F0SlLibDNQEgdNhbJ6vYuM1RdAG0dD37D+n7kEc=
Subject key identifier: 5C:98:67:DD:67:E3:AF:3C:DA:0A:3C:9B:A8:15:91:A4:5B:6B:3E:72
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01944070C1E3FD993F6B239375C933336190
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XJhn3WfjrzzaCjybqBWRpFtrPnI.roa
Signing time: Tue 07 Jan 2025 11:05:18 +0000
ROA not before: Tue 07 Jan 2025 11:05:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
2001:67c:64:ffff:0:194:4070:2e0d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:70:c1:e3:fd:99:3f:6b:23:93:75:c9:33:33:61:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 7 11:05:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c9867dd67e3af3cda0a3c9ba81591a45b6b3e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4c:ff:2b:b6:69:28:7c:ec:66:31:19:05:18:
2c:9a:cd:b5:76:13:07:1d:f2:20:19:a4:4b:ef:f0:
e6:f6:dd:7d:f6:c7:66:61:e3:e8:99:99:41:00:50:
ff:97:3f:05:72:36:27:60:81:af:07:e4:4a:08:0a:
66:fb:4b:2d:72:85:30:df:4f:df:63:b3:36:db:7e:
99:ab:f5:16:ae:d5:2e:1d:54:6d:e4:18:df:d2:b6:
13:f0:2e:da:5f:49:24:1a:01:5e:16:7f:fc:17:a0:
d2:95:a0:99:3e:0a:dd:56:15:a5:af:1d:6d:40:bb:
72:e3:cb:58:f9:57:9a:4f:be:27:f4:69:9c:a4:25:
7a:6c:09:97:02:be:18:27:2e:1d:f8:d0:43:22:2b:
94:7e:2e:d7:57:eb:3d:1a:b9:6f:1a:65:9d:ad:b3:
64:88:9c:e9:86:ff:bd:01:3e:7b:cb:bf:f4:da:c6:
6c:25:d8:bd:da:92:c0:5d:aa:76:47:29:96:c8:b8:
99:18:26:31:97:40:0a:ef:fa:9f:6b:1d:3d:e1:d5:
a3:dd:80:15:2f:00:92:7f:92:96:46:67:dc:2b:8f:
8b:0e:58:98:49:eb:17:37:7d:9c:7e:d4:77:ef:57:
ba:e5:ec:a4:bd:fe:10:ea:91:c5:f4:2d:69:67:0e:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:98:67:DD:67:E3:AF:3C:DA:0A:3C:9B:A8:15:91:A4:5B:6B:3E:72
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XJhn3WfjrzzaCjybqBWRpFtrPnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
2001:67c:64:ffff:0:194:4070:2e0d/128
Signature Algorithm: sha256WithRSAEncryption
35:6e:58:6e:05:f2:8e:29:5e:49:dc:47:5b:f9:e7:da:18:43:
c2:13:1e:03:9e:fb:74:93:0b:f6:a6:48:4b:74:fd:3b:b9:91:
ff:e5:1e:f5:ea:ce:29:34:ab:f9:78:31:c4:ee:89:7d:3e:7c:
ef:7e:34:1c:e9:e6:a5:df:73:a6:bb:48:2b:0d:c6:61:a7:65:
b1:65:a0:50:fe:bf:2a:93:f1:ce:60:f2:5f:7e:7e:0a:33:a8:
0f:9d:f7:e0:82:4c:cd:ef:7d:0f:e7:ae:87:17:7e:f3:12:93:
bd:90:fb:18:11:ab:ef:0a:54:78:d8:ad:8f:37:3a:7a:44:0e:
b0:50:30:7e:5c:2e:ce:2c:f2:a0:3e:3f:83:a5:dc:f1:77:c7:
d2:55:85:b3:a0:2e:d0:9e:6c:8f:b0:4a:91:ec:1a:ad:09:6e:
ab:6b:cb:29:85:58:30:b4:81:64:9d:95:4f:20:83:5f:29:2e:
f7:2e:59:be:cd:d3:b5:e9:46:2c:38:77:5d:89:2b:ac:6e:84:
cd:73:5e:eb:33:75:7c:5a:2a:89:1e:48:9b:19:e0:53:22:e8:
d5:d8:3e:53:b1:12:12:cc:0f:b2:9d:02:65:00:64:a2:87:90:
7a:46:7d:1a:44:83:0b:c0:eb:4d:fa:2f:22:f2:1e:4d:b4:58:
42:5a:9c:9f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRAcMHj/Zk/ayOTdckzM2GQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA3MTEwNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk4NjdkZDY3ZTNhZjNjZGEwYTNjOWJhODE1OTFhNDViNmIzZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kz/K7ZpKHzsZjEZBRgsms21dhMH
HfIgGaRL7/Dm9t199sdmYePomZlBAFD/lz8FcjYnYIGvB+RKCApm+0stcoUw30/f
Y7M2236Zq/UWrtUuHVRt5Bjf0rYT8C7aX0kkGgFeFn/8F6DSlaCZPgrdVhWlrx1t
QLty48tY+VeaT74n9GmcpCV6bAmXAr4YJy4d+NBDIiuUfi7XV+s9GrlvGmWdrbNk
iJzphv+9AT57y7/02sZsJdi92pLAXap2RymWyLiZGCYxl0AK7/qfax094dWj3YAV
LwCSf5KWRmfcK4+LDliYSesXN32cftR371e65eykvf4Q6pHF9C1pZw50mQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFyYZ91n46882go8m6gVkaRbaz5yMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWEpobjNXZmpyenphQ2p5YnFCV1JwRnRyUG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGULA1mgAMRACABBnwAZP//AAABlEBwLg0wDQYJKoZIhvcNAQELBQADggEB
ADVuWG4F8o4pXkncR1v559oYQ8ITHgOe+3STC/amSEt0/Tu5kf/lHvXqzik0q/l4
McTuiX0+fO9+NBzp5qXfc6a7SCsNxmGnZbFloFD+vyqT8c5g8l9+fgozqA+d9+CC
TM3vfQ/nrocXfvMSk72Q+xgRq+8KVHjYrY83OnpEDrBQMH5cLs4s8qA+P4Ol3PF3
x9JVhbOgLtCebI+wSpHsGq0JbqtryymFWDC0gWSdlU8gg18pLvcuWb7N07XpRiw4
d12JK6xuhM1zXuszdXxaKokeSJsZ4FMi6NXYPlOxEhLMD7KdAmUAZKKHkHpGfRpE
gwvA6036LyLyHk20WEJanJ8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:27:56 2025 by rpki-client