Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fnsr2YJ2MhpObb0c_N4CCw1tEwU.roa
File: fnsr2YJ2MhpObb0c_N4CCw1tEwU.roa (raw, json)
Hash identifier: hsAT/frOvcOHeh8x7oU2MoRalbzi578bHxU+7DAu1+U=
Subject key identifier: 7E:7B:2B:D9:82:76:32:1A:4E:6D:BD:1C:FC:DE:02:0B:0D:6D:13:05
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194429AA66F526723AB0BB3A4978A0C7E47
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fnsr2YJ2MhpObb0c_N4CCw1tEwU.roa
Signing time: Tue 07 Jan 2025 21:10:18 +0000
ROA not before: Tue 07 Jan 2025 21:10:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:42:9a:a6:6f:52:67:23:ab:0b:b3:a4:97:8a:0c:7e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 7 21:10:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e7b2bd98276321a4e6dbd1cfcde020b0d6d1305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3d:48:a1:bf:07:5d:38:d2:db:8b:24:94:67:
ef:a5:b1:13:04:e0:b4:ee:c4:0b:08:e6:41:8a:67:
9d:01:4b:4e:9b:2e:87:b7:42:d7:06:07:32:9d:9f:
31:36:72:96:5c:9f:60:59:fc:e9:26:ec:bb:b8:86:
d7:9b:6e:ac:3d:49:9f:58:5a:bd:b6:1e:f2:bc:c0:
5d:f8:83:c1:4d:b5:11:fe:75:d8:b0:67:93:06:9e:
df:87:50:df:46:72:3d:2e:d6:c3:51:b7:ef:92:7d:
91:93:2c:29:88:4e:23:8a:a9:f3:88:13:d6:4a:3d:
52:b4:54:f1:96:0b:23:1d:85:c3:a5:6c:c9:ee:6b:
8c:59:ac:42:37:65:9d:eb:e6:ef:de:5b:06:12:c5:
75:a8:b1:04:b0:1e:5d:e6:c7:b1:a3:16:62:79:20:
f3:c9:53:4a:c0:3b:0c:a2:ae:90:55:f9:3c:5d:20:
52:84:8c:a0:b6:ed:6b:30:33:cb:a2:b2:54:59:59:
be:3f:9f:7d:c8:e3:29:e2:80:fc:85:ea:39:c4:28:
9c:23:74:0e:1e:a4:93:6f:e9:fb:ec:11:b9:b7:65:
d3:9a:fe:f4:65:91:bf:d7:4f:23:d0:dd:5b:68:ca:
b0:29:65:c1:0b:57:58:0a:ea:68:bc:50:86:d8:ad:
60:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:7B:2B:D9:82:76:32:1A:4E:6D:BD:1C:FC:DE:02:0B:0D:6D:13:05
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/fnsr2YJ2MhpObb0c_N4CCw1tEwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
62:28:8d:87:d3:e6:19:d1:fc:da:e9:14:20:52:81:02:0e:95:
c1:2d:4b:30:2c:6b:82:26:20:3e:30:14:51:86:79:e7:97:04:
83:06:33:31:af:dd:79:56:01:95:81:6d:d2:5f:0f:f2:93:09:
29:91:70:b2:a4:f5:b2:51:b0:b4:22:9d:d3:4a:ab:7f:3a:70:
d5:c3:1e:41:aa:3c:2b:64:f7:3a:a1:d1:f8:1c:9c:0e:d4:81:
95:50:aa:50:81:fe:a4:05:cf:06:16:c4:19:a5:87:cc:db:ce:
95:88:10:7a:5d:32:a0:c0:84:62:59:8f:14:af:dc:c7:73:96:
0c:94:d9:0e:47:e3:1f:04:af:b8:c9:80:db:64:b6:68:d8:20:
1e:fd:7d:b6:12:4f:dd:b2:bf:39:11:4d:7f:01:85:7d:92:65:
65:f6:d4:44:9f:3a:71:80:9c:96:76:2a:d8:b0:a1:74:af:6a:
f5:9e:b6:47:4d:f7:97:c1:16:72:64:e6:25:74:de:0e:62:6d:
a3:f6:01:c6:1e:66:45:57:6f:52:48:67:ce:15:03:70:46:b0:
a6:85:49:1b:3c:eb:ed:7c:c6:af:57:4f:51:3c:2b:85:30:73:
92:00:74:f0:7d:46:68:4e:64:37:db:e8:d5:ed:f9:ac:60:ac:
5f:16:d2:81
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRCmqZvUmcjqwuzpJeKDH5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA3MjExMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTdiMmJkOTgyNzYzMjFhNGU2ZGJkMWNmY2RlMDIwYjBkNmQxMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz1Iob8HXTjS24sklGfvpbETBOC0
7sQLCOZBimedAUtOmy6Ht0LXBgcynZ8xNnKWXJ9gWfzpJuy7uIbXm26sPUmfWFq9
th7yvMBd+IPBTbUR/nXYsGeTBp7fh1DfRnI9LtbDUbfvkn2RkywpiE4jiqnziBPW
Sj1StFTxlgsjHYXDpWzJ7muMWaxCN2Wd6+bv3lsGEsV1qLEEsB5d5sexoxZieSDz
yVNKwDsMoq6QVfk8XSBShIygtu1rMDPLorJUWVm+P599yOMp4oD8heo5xCicI3QO
HqSTb+n77BG5t2XTmv70ZZG/108j0N1baMqwKWXBC1dYCupovFCG2K1g+QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFH57K9mCdjIaTm29HPzeAgsNbRMFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZm5zcjJZSjJNaHBPYmIwY19ONENDdzF0RXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAYiiNh9PmGdH82ukUIFKBAg6V
wS1LMCxrgiYgPjAUUYZ555cEgwYzMa/deVYBlYFt0l8P8pMJKZFwsqT1slGwtCKd
00qrfzpw1cMeQao8K2T3OqHR+BycDtSBlVCqUIH+pAXPBhbEGaWHzNvOlYgQel0y
oMCEYlmPFK/cx3OWDJTZDkfjHwSvuMmA22S2aNggHv19thJP3bK/ORFNfwGFfZJl
ZfbURJ86cYCclnYq2LChdK9q9Z62R033l8EWcmTmJXTeDmJto/YBxh5mRVdvUkhn
zhUDcEawpoVJGzzr7XzGr1dPUTwrhTBzkgB08H1GaE5kN9vo1e35rGCsXxbSgQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:08:41 2025 by rpki-client