Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XvZisXg1znk26dGJ7mXTLb-W9hg.roa
File: XvZisXg1znk26dGJ7mXTLb-W9hg.roa (raw, json)
Hash identifier: bLqgy5v0ZvZHoF5j29Wssa2wvPltAi3nV8P1O+3at1w=
Subject key identifier: 5E:F6:62:B1:78:35:CE:79:36:E9:D1:89:EE:65:D3:2D:BF:96:F6:18
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959B023CF6DB6E1776A0D243CBB5C72E11
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XvZisXg1znk26dGJ7mXTLb-W9hg.roa
Signing time: Sat 15 Mar 2025 18:12:49 +0000
ROA not before: Sat 15 Mar 2025 18:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9b:02:3c:f6:db:6e:17:76:a0:d2:43:cb:b5:c7:2e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 18:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ef662b17835ce7936e9d189ee65d32dbf96f618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:73:d2:e6:58:74:9b:03:1c:87:da:9e:cc:08:
2d:a1:fd:90:91:4e:08:67:e6:ac:0b:0f:6b:3a:0d:
45:82:70:de:aa:34:ba:8b:7d:5c:12:12:de:b8:90:
9f:85:fe:9c:61:18:46:1e:49:25:e4:c6:73:b0:3a:
88:a9:ef:8b:05:73:de:83:df:9d:34:2d:f3:0a:18:
1f:51:fb:13:38:36:67:15:c2:79:f9:11:c3:e3:75:
e6:81:65:e7:fa:40:ad:0b:ab:f4:f4:36:f6:97:f1:
46:cb:5f:c6:38:f0:97:dc:76:3e:b2:1a:02:fd:57:
6e:1d:29:54:58:be:a6:b4:53:a3:dd:fd:cc:c0:ed:
54:96:23:6f:8d:9a:9d:37:c3:59:55:d1:96:47:aa:
96:03:fe:7d:6a:8e:91:eb:52:4f:92:64:fe:2c:26:
39:40:41:8b:66:e8:e7:55:56:ce:12:cc:f4:53:99:
df:1e:48:6c:a4:ab:d4:9d:03:96:1c:ab:f7:64:49:
ef:78:ae:82:91:53:cf:19:fa:e2:7d:ad:ba:86:20:
69:5c:4d:36:e3:ed:b7:70:1b:65:9a:45:14:e3:c1:
ba:9c:6f:05:28:6e:5f:75:b6:59:5d:8a:ff:a8:8e:
7e:03:89:50:aa:67:02:93:dc:95:90:50:4a:4d:aa:
96:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F6:62:B1:78:35:CE:79:36:E9:D1:89:EE:65:D3:2D:BF:96:F6:18
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XvZisXg1znk26dGJ7mXTLb-W9hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
3c:23:c9:e9:e0:f0:d9:88:4a:69:1a:2d:9a:b2:9e:11:7d:3c:
22:38:57:1b:89:a7:a6:43:82:fd:34:fa:2b:80:99:ab:b3:84:
21:09:70:3b:32:55:3b:2f:d6:d8:bb:9e:29:1c:06:8f:ec:21:
86:62:75:75:7e:ec:82:00:62:f3:e8:ff:d3:7d:a4:c8:43:21:
84:86:21:68:6e:55:6d:2a:5d:e1:4c:e5:ab:87:20:f8:73:9a:
37:e0:32:f1:af:d9:35:68:21:10:62:3c:74:17:7c:1f:0c:8a:
1b:cd:2d:2a:94:69:f1:83:8e:c8:f9:0d:e5:52:79:08:f6:84:
b6:86:4f:d9:6c:70:d9:9f:8d:2e:02:4e:fb:43:ac:d3:9e:26:
12:96:a5:0a:44:f6:4b:42:98:5c:0f:93:c3:4b:f7:5c:72:5b:
f1:db:ce:f7:12:84:5b:5c:3d:15:e8:a2:15:0d:6f:ea:5d:ee:
70:2a:ce:42:4f:f8:b4:a1:e2:ab:0a:3d:07:8a:67:c9:f5:33:
a2:9c:5f:e5:26:b5:f1:99:79:7d:63:f9:fa:66:cf:b8:8d:97:
c0:cc:a9:cc:fb:83:7b:91:08:62:29:ff:1b:9e:5a:19:68:9f:
fe:bf:4c:d8:63:b9:d4:c5:c7:0e:dc:59:ab:7b:58:9d:d7:d4:
a1:b0:41:91
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWbAjz2224XdqDSQ8u1xy4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MTgxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY2NjJiMTc4MzVjZTc5MzZlOWQxODllZTY1ZDMyZGJmOTZmNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HPS5lh0mwMch9qezAgtof2QkU4I
Z+asCw9rOg1FgnDeqjS6i31cEhLeuJCfhf6cYRhGHkkl5MZzsDqIqe+LBXPeg9+d
NC3zChgfUfsTODZnFcJ5+RHD43XmgWXn+kCtC6v09Db2l/FGy1/GOPCX3HY+shoC
/VduHSlUWL6mtFOj3f3MwO1UliNvjZqdN8NZVdGWR6qWA/59ao6R61JPkmT+LCY5
QEGLZujnVVbOEsz0U5nfHkhspKvUnQOWHKv3ZEnveK6CkVPPGfrifa26hiBpXE02
4+23cBtlmkUU48G6nG8FKG5fdbZZXYr/qI5+A4lQqmcCk9yVkFBKTaqWYQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF72YrF4Nc55NunRie5l0y2/lvYYMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWHZaaXNYZzF6bmsyNmRHSjdtWFRMYi1XOWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAPCPJ6eDw2YhKaRotmrKeEX08
IjhXG4mnpkOC/TT6K4CZq7OEIQlwOzJVOy/W2LueKRwGj+whhmJ1dX7sggBi8+j/
032kyEMhhIYhaG5VbSpd4Uzlq4cg+HOaN+Ay8a/ZNWghEGI8dBd8HwyKG80tKpRp
8YOOyPkN5VJ5CPaEtoZP2Wxw2Z+NLgJO+0Os054mEpalCkT2S0KYXA+Tw0v3XHJb
8dvO9xKEW1w9FeiiFQ1v6l3ucCrOQk/4tKHiqwo9B4pnyfUzopxf5Sa18Zl5fWP5
+mbPuI2XwMypzPuDe5EIYin/G55aGWif/r9M2GO51MXHDtxZq3tYndfUobBBkQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:17:22 2025 by rpki-client