Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_02KJFc3-dXZ6rWUcfPo3nCwiLo.roa
File: _02KJFc3-dXZ6rWUcfPo3nCwiLo.roa (raw, json)
Hash identifier: JWyoQZ6JdxTF+r/JBH/8X0y3PcE9e9ohVd8UEw20DBU=
Subject key identifier: FF:4D:8A:24:57:37:F9:D5:D9:EA:B5:94:71:F3:E8:DE:70:B0:88:BA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019599EEA9ABD852663411A3920FC83F3903
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_02KJFc3-dXZ6rWUcfPo3nCwiLo.roa
Signing time: Sat 15 Mar 2025 13:11:49 +0000
ROA not before: Sat 15 Mar 2025 13:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:99:ee:a9:ab:d8:52:66:34:11:a3:92:0f:c8:3f:39:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 13:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff4d8a245737f9d5d9eab59471f3e8de70b088ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:23:13:45:25:fe:cc:d9:75:68:9c:e1:6a:d0:
62:27:8e:55:a9:b0:cf:ec:b8:dc:5e:7e:ef:d7:c6:
f2:49:40:16:cb:21:12:a3:1c:90:97:43:81:63:2e:
34:c0:94:29:f0:8f:d4:59:9a:30:52:78:93:f0:22:
2a:74:3f:7b:a5:e1:13:f9:d9:d3:4f:d1:0e:12:2c:
50:4d:9b:4d:4d:2d:15:5f:4f:c0:38:c2:f7:18:3e:
9d:46:93:e2:bb:3f:1b:25:d8:72:dd:fb:3d:05:22:
a7:88:d4:a6:f9:35:7d:64:bb:83:a0:a5:6b:d4:88:
e3:e1:23:8b:9c:20:7e:95:28:f1:c0:b5:b9:c2:9c:
82:f4:96:3d:7b:5f:2e:c7:0c:d8:8d:a3:40:4d:3b:
27:ba:e6:69:1e:18:74:e2:34:b1:22:75:61:28:d4:
b4:51:af:f5:44:07:31:52:df:46:30:f5:19:fa:7a:
59:77:9d:af:7c:7c:c2:ee:c2:56:8e:9c:7d:f8:72:
c5:52:2f:a5:d4:61:2b:c5:f3:6d:12:97:bc:96:f6:
a1:ca:fd:b0:1c:45:af:4f:25:7b:20:e8:50:b8:de:
8f:7c:82:b2:fd:da:81:22:fc:e5:ee:a4:2e:17:b2:
76:e5:6c:11:25:f6:99:50:99:f7:8c:ce:8a:8e:41:
08:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4D:8A:24:57:37:F9:D5:D9:EA:B5:94:71:F3:E8:DE:70:B0:88:BA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_02KJFc3-dXZ6rWUcfPo3nCwiLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
02:cd:95:42:fb:b9:76:b4:ef:1d:57:75:dc:10:95:c2:a1:36:
25:bb:b5:bb:4d:a1:11:cc:b8:74:c8:27:d3:02:1f:4a:b2:0b:
d9:7e:45:42:39:54:18:36:fc:f4:0b:71:7d:69:cd:04:5b:2b:
c6:7c:7e:27:b4:4c:9e:ed:9e:ef:e3:52:71:2a:8f:9f:d6:9a:
05:69:89:57:90:5e:e4:b7:1c:8c:c0:2f:b8:15:1d:19:ae:b7:
ec:75:8e:02:01:e0:56:e7:e2:a4:24:e7:72:5c:1b:6b:3f:aa:
06:be:d6:51:66:83:a7:7b:d2:6f:e3:34:4f:9b:42:64:2d:5a:
4a:5b:15:0e:f0:18:f8:ad:8b:2f:a4:95:38:b0:fd:83:d3:5b:
4d:e5:92:d7:8d:95:76:54:d8:c0:fe:89:3b:09:79:90:18:a2:
b3:d8:94:92:52:d5:2d:70:ad:6a:b8:88:28:43:ba:62:6e:29:
be:5f:12:0b:9a:96:72:46:99:9d:0b:fc:2e:82:8e:17:2d:de:
48:5e:e5:54:ae:c3:a0:1d:94:7c:80:06:c3:7d:d2:e0:a1:a4:
3b:09:d0:45:b8:dc:d5:98:a8:2c:ce:8f:19:28:c6:25:fd:d1:
94:7f:a1:d6:9b:b0:d5:99:61:56:30:45:54:98:a5:d6:99:5c:
0f:8f:d7:d0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWZ7qmr2FJmNBGjkg/IPzkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MTMxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjRkOGEyNDU3MzdmOWQ1ZDllYWI1OTQ3MWYzZThkZTcwYjA4OGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyMTRSX+zNl1aJzhatBiJ45VqbDP
7LjcXn7v18bySUAWyyESoxyQl0OBYy40wJQp8I/UWZowUniT8CIqdD97peET+dnT
T9EOEixQTZtNTS0VX0/AOML3GD6dRpPiuz8bJdhy3fs9BSKniNSm+TV9ZLuDoKVr
1Ijj4SOLnCB+lSjxwLW5wpyC9JY9e18uxwzYjaNATTsnuuZpHhh04jSxInVhKNS0
Ua/1RAcxUt9GMPUZ+npZd52vfHzC7sJWjpx9+HLFUi+l1GErxfNtEpe8lvahyv2w
HEWvTyV7IOhQuN6PfIKy/dqBIvzl7qQuF7J25WwRJfaZUJn3jM6KjkEInwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFP9NiiRXN/nV2eq1lHHz6N5wsIi6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvXzAyS0pGYzMtZFhaNnJXVWNmUG8zbkN3aUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAAs2VQvu5drTvHVd13BCVwqE2
Jbu1u02hEcy4dMgn0wIfSrIL2X5FQjlUGDb89AtxfWnNBFsrxnx+J7RMnu2e7+NS
cSqPn9aaBWmJV5Be5LccjMAvuBUdGa637HWOAgHgVufipCTnclwbaz+qBr7WUWaD
p3vSb+M0T5tCZC1aSlsVDvAY+K2LL6SVOLD9g9NbTeWS142VdlTYwP6JOwl5kBii
s9iUklLVLXCtariIKEO6Ym4pvl8SC5qWckaZnQv8LoKOFy3eSF7lVK7DoB2UfIAG
w33S4KGkOwnQRbjc1ZioLM6PGSjGJf3RlH+h1puw1ZlhVjBFVJil1plcD4/X0A==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:39 2025 by rpki-client