Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/i2TkNHOrO4TZ7hsM4Z5lRS_koy4.roa
File: i2TkNHOrO4TZ7hsM4Z5lRS_koy4.roa (raw, json)
Hash identifier: nhG1qekHnYt8/a+32sjkYAtQrlAsOV7cwCZJXep0qqI=
Subject key identifier: 8B:64:E4:34:73:AB:3B:84:D9:EE:1B:0C:E1:9E:65:45:2F:E4:A3:2E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019598D5986999FB1C09D4D015ABD0F1372C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/i2TkNHOrO4TZ7hsM4Z5lRS_koy4.roa
Signing time: Sat 15 Mar 2025 08:04:49 +0000
ROA not before: Sat 15 Mar 2025 08:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
2001:67c:64:ffff:0:195:98d5:bd6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:98:d5:98:69:99:fb:1c:09:d4:d0:15:ab:d0:f1:37:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 08:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b64e43473ab3b84d9ee1b0ce19e65452fe4a32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1a:25:c1:d2:ce:53:4d:7e:33:8c:37:a9:3e:
a3:e5:75:fd:78:2d:da:77:47:48:88:4c:14:43:3d:
bb:b2:f9:aa:11:46:db:48:10:d1:e3:20:71:0d:0c:
f1:c1:47:53:da:8a:be:93:14:ce:6a:b8:79:fe:5d:
81:b4:a8:d6:bf:32:8b:bb:bd:ee:35:e0:7a:f3:8c:
bd:22:12:70:de:84:3f:bf:d5:e6:70:69:3b:a5:9b:
c6:67:de:0e:80:a9:39:11:ac:78:64:b7:f7:fc:bb:
75:6a:3e:96:5e:6b:45:4d:2e:4c:04:9e:c5:81:d7:
76:b7:0f:10:bd:a5:1c:58:85:23:c7:ed:6e:53:43:
39:1f:a0:50:27:a1:42:90:aa:69:71:87:b5:1c:28:
70:6c:19:7c:80:f9:3d:f7:e9:1e:f1:c7:ac:2c:02:
b5:8f:68:b4:50:ff:3d:24:ba:e5:8d:a2:99:bb:07:
0f:4e:a1:6f:41:6c:51:7a:a1:80:f0:5c:e4:32:96:
e5:e2:6f:9a:44:53:a8:81:88:86:90:0f:5c:17:5e:
11:49:0b:fd:50:5a:cb:f3:88:ba:b6:ef:c0:0d:cb:
6d:ee:bc:05:1e:ca:af:58:26:b7:c7:01:1f:25:78:
97:96:4f:1f:d3:98:9f:43:cb:a2:f2:26:67:9f:08:
8b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:64:E4:34:73:AB:3B:84:D9:EE:1B:0C:E1:9E:65:45:2F:E4:A3:2E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/i2TkNHOrO4TZ7hsM4Z5lRS_koy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
2001:67c:64:ffff:0:195:98d5:bd6/128
Signature Algorithm: sha256WithRSAEncryption
87:6b:3b:8c:1f:32:0f:53:78:34:89:ab:9c:3a:ef:04:fa:6f:
3b:87:e5:8a:79:6a:e2:42:18:dd:d1:a2:cf:d8:2b:4f:64:0b:
76:0a:36:d5:7f:94:bf:02:ac:c3:c7:75:a0:1f:6c:b4:00:ca:
d1:86:4b:b2:c9:a1:47:86:da:5a:84:d7:98:57:7b:9a:b4:a7:
27:c5:20:1e:99:00:ee:31:5e:99:ff:94:7a:31:19:02:43:0e:
58:d8:c5:d3:32:99:d0:80:31:2b:62:eb:4c:97:39:4c:04:c2:
45:15:e3:df:cd:e8:6f:88:89:35:7a:b4:1c:e3:74:74:f9:e0:
3b:f7:e1:26:ab:36:31:2f:95:17:62:cd:bd:3b:8c:ad:04:a6:
58:08:00:34:6e:77:61:90:55:dd:26:09:f5:5d:bd:2c:33:cb:
5f:b2:bf:5b:5a:7b:cb:9a:a5:f9:54:a9:3b:d8:0d:d4:fd:d5:
57:12:7a:92:35:da:e6:de:56:8a:8b:d8:ad:07:a0:eb:f7:b8:
67:ea:d5:91:68:ba:da:33:94:16:54:8b:d7:bb:52:58:36:2b:
04:b5:f9:50:55:6c:c9:91:ce:cb:d3:7a:cd:d2:01:08:b2:cf:
0c:f5:b6:67:91:4a:3e:c8:a3:06:31:4a:cd:ca:f3:4c:1f:92:
07:a3:0d:b1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWY1ZhpmfscCdTQFavQ8TcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MDgwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY0ZTQzNDczYWIzYjg0ZDllZTFiMGNlMTllNjU0NTJmZTRhMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtholwdLOU01+M4w3qT6j5XX9eC3a
d0dIiEwUQz27svmqEUbbSBDR4yBxDQzxwUdT2oq+kxTOarh5/l2BtKjWvzKLu73u
NeB684y9IhJw3oQ/v9XmcGk7pZvGZ94OgKk5Eax4ZLf3/Lt1aj6WXmtFTS5MBJ7F
gdd2tw8QvaUcWIUjx+1uU0M5H6BQJ6FCkKppcYe1HChwbBl8gPk99+ke8cesLAK1
j2i0UP89JLrljaKZuwcPTqFvQWxReqGA8FzkMpbl4m+aRFOogYiGkA9cF14RSQv9
UFrL84i6tu/ADctt7rwFHsqvWCa3xwEfJXiXlk8f05ifQ8ui8iZnnwiLqQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFItk5DRzqzuE2e4bDOGeZUUv5KMuMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaTJUa05IT3JPNFRaN2hzTTRaNWxSU19rb3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGVhs9jDAMRACABBnwAZP//AAABlZjVC9YwDQYJKoZIhvcNAQELBQADggEB
AIdrO4wfMg9TeDSJq5w67wT6bzuH5Yp5auJCGN3Ros/YK09kC3YKNtV/lL8CrMPH
daAfbLQAytGGS7LJoUeG2lqE15hXe5q0pyfFIB6ZAO4xXpn/lHoxGQJDDljYxdMy
mdCAMSti60yXOUwEwkUV49/N6G+IiTV6tBzjdHT54Dv34SarNjEvlRdizb07jK0E
plgIADRud2GQVd0mCfVdvSwzy1+yv1tae8uapflUqTvYDdT91VcSepI12ubeVoqL
2K0HoOv3uGfq1ZFoutozlBZUi9e7Ulg2KwS1+VBVbMmRzsvTes3SAQiyzwz1tmeR
Sj7IowYxSs3K80wfkgejDbE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:42 2025 by rpki-client