Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/k2tw8Wf37KVrpCbNLMi2EXzpR2Y.roa
File: k2tw8Wf37KVrpCbNLMi2EXzpR2Y.roa (raw, json)
Hash identifier: aK/b/jf/RE8H2QLeHbTpZnszFvqj1MG7+nBvVa0ivtk=
Subject key identifier: 93:6B:70:F1:67:F7:EC:A5:6B:A4:26:CD:2C:C8:B6:11:7C:E9:47:66
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019472082FFBB98B874CD6620226D4E84BCA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/k2tw8Wf37KVrpCbNLMi2EXzpR2Y.roa
Signing time: Fri 17 Jan 2025 02:12:06 +0000
ROA not before: Fri 17 Jan 2025 02:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:72:08:2f:fb:b9:8b:87:4c:d6:62:02:26:d4:e8:4b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 17 02:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=936b70f167f7eca56ba426cd2cc8b6117ce94766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:90:ca:f9:3b:02:94:40:65:9e:55:b7:f1:8e:
84:7d:d5:8d:dd:a0:05:44:9d:f1:c4:09:5e:a4:a4:
2f:df:05:36:24:5c:27:e4:0f:70:0a:1b:54:18:fb:
4c:07:61:d6:72:a4:ee:59:0c:cd:b7:b4:25:23:f0:
ee:bf:7a:61:b7:de:e8:12:03:0e:73:cf:64:38:04:
48:ac:05:3f:9d:a5:53:be:e4:de:c9:9a:35:ec:26:
d3:05:6f:60:52:00:59:f3:3b:84:bb:1c:bc:e6:73:
d1:c3:94:44:94:07:2d:6e:33:da:44:9b:46:f3:c1:
c4:14:d8:fd:2f:4f:b7:76:ad:43:00:d5:ff:d1:a1:
97:39:f6:48:52:e6:61:5c:bc:bb:6f:89:48:d2:41:
35:6a:24:06:f1:02:8b:f3:37:6a:26:94:e4:a7:9c:
f4:c2:20:f1:ad:f1:0d:2d:e2:50:b7:29:d8:db:3b:
f9:7e:81:01:34:c3:dd:65:54:57:98:3a:67:0a:b3:
43:1b:ac:63:32:3e:9c:60:48:7d:08:6e:cf:4a:98:
f2:db:10:ad:b9:89:ec:e0:1c:5a:e9:da:df:d6:40:
09:0c:ba:ac:02:6c:90:94:76:01:70:0e:75:ab:cb:
10:91:3f:5c:fe:1c:f1:53:73:96:ef:f7:06:d8:60:
7d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:6B:70:F1:67:F7:EC:A5:6B:A4:26:CD:2C:C8:B6:11:7C:E9:47:66
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/k2tw8Wf37KVrpCbNLMi2EXzpR2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
30:7b:3c:9c:7d:91:78:4c:d4:14:2a:81:8d:d7:09:e1:be:e4:
cf:8c:1e:c5:8c:b1:b6:72:ca:06:54:e2:0f:eb:23:2f:c2:60:
a3:8f:0a:19:7b:e0:b7:d2:16:53:08:d1:80:ef:ea:f2:0e:a5:
e8:9b:3d:b3:fe:54:a7:2a:c6:7a:15:9d:96:d2:52:68:b5:1b:
19:16:22:95:94:f4:f5:60:2d:9e:91:cc:cb:62:91:8d:25:5c:
41:39:ca:c4:d0:39:5b:63:0b:82:a5:c6:0e:43:50:07:b8:76:
a3:a5:8e:ad:16:86:a7:2f:39:b1:45:d0:5b:dd:28:49:54:68:
a7:37:e6:b6:e8:c8:14:ba:6c:67:40:f8:a7:c8:96:ee:78:2c:
b5:29:ca:81:26:10:eb:2a:dc:a9:78:41:d7:36:49:c7:08:c2:
fe:17:ce:9e:72:f2:5c:07:e5:5b:5c:f5:98:08:05:66:91:a6:
44:35:e6:5a:93:33:a6:69:de:bd:53:1e:9e:c7:ae:4a:12:27:
45:0e:7b:62:42:87:d2:6e:9e:f1:97:6d:3a:50:c9:6d:60:11:
40:5e:31:5c:22:27:5f:66:fa:bf:94:47:3f:ae:16:2b:81:14:
cc:a7:9e:37:02:c0:2b:b7:0a:dd:e8:a9:3b:37:c1:cf:f9:3c:
19:d5:7d:9c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRyCC/7uYuHTNZiAibU6EvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE3MDIxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzZiNzBmMTY3ZjdlY2E1NmJhNDI2Y2QyY2M4YjYxMTdjZTk0NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJDK+TsClEBlnlW38Y6EfdWN3aAF
RJ3xxAlepKQv3wU2JFwn5A9wChtUGPtMB2HWcqTuWQzNt7QlI/Duv3pht97oEgMO
c89kOARIrAU/naVTvuTeyZo17CbTBW9gUgBZ8zuEuxy85nPRw5RElActbjPaRJtG
88HEFNj9L0+3dq1DANX/0aGXOfZIUuZhXLy7b4lI0kE1aiQG8QKL8zdqJpTkp5z0
wiDxrfENLeJQtynY2zv5foEBNMPdZVRXmDpnCrNDG6xjMj6cYEh9CG7PSpjy2xCt
uYns4Bxa6drf1kAJDLqsAmyQlHYBcA51q8sQkT9c/hzxU3OW7/cG2GB9CwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJNrcPFn9+yla6QmzSzIthF86UdmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvazJ0dzhXZjM3S1ZycENiTkxNaTJFWHpwUjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAMHs8nH2ReEzUFCqBjdcJ4b7k
z4wexYyxtnLKBlTiD+sjL8Jgo48KGXvgt9IWUwjRgO/q8g6l6Js9s/5UpyrGehWd
ltJSaLUbGRYilZT09WAtnpHMy2KRjSVcQTnKxNA5W2MLgqXGDkNQB7h2o6WOrRaG
py85sUXQW90oSVRopzfmtujIFLpsZ0D4p8iW7ngstSnKgSYQ6yrcqXhB1zZJxwjC
/hfOnnLyXAflW1z1mAgFZpGmRDXmWpMzpmnevVMenseuShInRQ57YkKH0m6e8Zdt
OlDJbWARQF4xXCInX2b6v5RHP64WK4EUzKeeNwLAK7cK3eipOzfBz/k8GdV9nA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:24:35 2025 by rpki-client