Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cxloFtdsU-K48NVDj8u_liCxamU.roa
File: cxloFtdsU-K48NVDj8u_liCxamU.roa (raw, json)
Hash identifier: 3T9CCYjzkr2COpMlF1QYWkbueQ43sJ0nNDFTLhqvUrw=
Subject key identifier: 73:19:68:16:D7:6C:53:E2:B8:F0:D5:43:8F:CB:BF:96:20:B1:6A:65
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019166E841829771FFB8B8948D48278BA022
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cxloFtdsU-K48NVDj8u_liCxamU.roa
Signing time: Sun 18 Aug 2024 19:13:02 +0000
ROA not before: Sun 18 Aug 2024 19:13:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:66:e8:41:82:97:71:ff:b8:b8:94:8d:48:27:8b:a0:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 18 19:13:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73196816d76c53e2b8f0d5438fcbbf9620b16a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:01:49:95:b5:f6:cd:27:2d:62:3d:95:2e:d7:
52:ad:1d:39:91:e3:6e:bf:20:dc:b7:9a:45:3a:75:
96:76:89:85:a4:c9:cf:13:56:13:e0:bf:69:14:82:
eb:9d:77:e5:e4:b4:5d:26:14:84:3e:38:d7:dd:05:
bb:62:04:11:21:a0:4a:04:3f:84:5b:69:0c:8a:ad:
d0:24:4b:48:70:81:a9:8a:6d:09:a8:bf:75:e1:f2:
d2:97:4e:af:26:02:b7:e6:8f:34:a6:21:44:0e:f5:
af:55:aa:dc:3a:e3:e4:36:9a:3b:0f:03:ab:d4:45:
91:bf:12:97:68:e2:25:61:5e:a5:8d:72:8c:89:ad:
e4:4a:9b:91:25:21:ee:aa:ec:6a:3f:c8:48:91:df:
44:97:12:10:52:a1:4d:19:2d:ac:a5:42:90:5b:f0:
1e:92:d6:7c:f9:ee:2a:36:0b:6e:3b:bb:76:10:f8:
10:90:ca:e9:e1:fe:26:6b:92:cd:6f:82:15:9b:f0:
84:01:53:9e:59:36:67:23:c4:f6:f2:81:ab:9f:a2:
2b:52:f8:d4:b3:22:3b:51:b8:3e:a5:c8:3d:3d:3c:
cf:3c:1e:de:73:d5:aa:96:8a:9d:30:5d:65:1f:9d:
24:a7:44:1a:4d:41:08:b0:81:93:38:c1:c4:da:f8:
7a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:19:68:16:D7:6C:53:E2:B8:F0:D5:43:8F:CB:BF:96:20:B1:6A:65
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cxloFtdsU-K48NVDj8u_liCxamU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
7c:44:72:a2:0b:47:44:bd:58:59:34:13:96:e3:ad:a9:32:58:
85:35:72:75:0d:47:8a:89:e3:39:c7:a4:87:22:87:9f:69:3e:
da:9e:65:d8:91:fc:96:ab:6b:d8:0d:19:de:92:fd:fa:aa:e2:
80:db:d1:81:35:f6:39:10:dd:1d:16:e8:11:9c:8d:e5:25:9b:
f9:d8:6d:74:d0:25:ec:a8:8c:2f:6b:77:60:2b:21:0b:7e:34:
8a:b1:93:22:ef:d2:e7:f4:2a:fa:6e:31:5a:53:08:0c:50:c2:
75:61:a0:74:7d:a1:12:62:c7:cf:d8:96:18:74:0e:19:56:49:
70:cf:57:04:a3:5c:2a:c1:5d:88:90:13:fd:f8:28:1a:61:83:
ee:c5:2f:fd:85:14:ec:0c:66:6d:30:57:df:f2:f9:52:05:aa:
16:0f:e1:ff:bf:78:9e:70:4a:af:76:89:fc:3d:92:6e:7a:50:
86:8a:a7:ad:02:a1:76:1c:3d:5f:e7:f3:29:4b:36:27:da:7b:
6e:05:e7:28:42:ad:92:9c:4e:7c:6b:79:db:89:a8:6d:b7:e1:
c6:0b:93:42:57:40:c0:c3:04:fe:0f:d2:89:47:1c:cc:a0:e3:
9c:91:2c:89:d0:49:54:ab:c2:9f:e3:2e:f0:25:af:3c:90:df:
bd:c5:b5:67
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFm6EGCl3H/uLiUjUgni6AiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODE4MTkxMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzE5NjgxNmQ3NmM1M2UyYjhmMGQ1NDM4ZmNiYmY5NjIwYjE2YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygFJlbX2zSctYj2VLtdSrR05keNu
vyDct5pFOnWWdomFpMnPE1YT4L9pFILrnXfl5LRdJhSEPjjX3QW7YgQRIaBKBD+E
W2kMiq3QJEtIcIGpim0JqL914fLSl06vJgK35o80piFEDvWvVarcOuPkNpo7DwOr
1EWRvxKXaOIlYV6ljXKMia3kSpuRJSHuquxqP8hIkd9ElxIQUqFNGS2spUKQW/Ae
ktZ8+e4qNgtuO7t2EPgQkMrp4f4ma5LNb4IVm/CEAVOeWTZnI8T28oGrn6IrUvjU
syI7Ubg+pcg9PTzPPB7ec9WqloqdMF1lH50kp0QaTUEIsIGTOMHE2vh6kwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHMZaBbXbFPiuPDVQ4/Lv5YgsWplMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY3hsb0Z0ZHNVLUs0OE5WRGo4dV9saUN4YW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAfERyogtHRL1YWTQTluOtqTJY
hTVydQ1HionjOcekhyKHn2k+2p5l2JH8lqtr2A0Z3pL9+qrigNvRgTX2ORDdHRbo
EZyN5SWb+dhtdNAl7KiML2t3YCshC340irGTIu/S5/Qq+m4xWlMIDFDCdWGgdH2h
EmLHz9iWGHQOGVZJcM9XBKNcKsFdiJAT/fgoGmGD7sUv/YUU7AxmbTBX3/L5UgWq
Fg/h/794nnBKr3aJ/D2SbnpQhoqnrQKhdhw9X+fzKUs2J9p7bgXnKEKtkpxOfGt5
24mobbfhxguTQldAwMME/g/SiUcczKDjnJEsidBJVKvCn+Mu8CWvPJDfvcW1Zw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:31:41 2025 by rpki-client