Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lPS7HViikvq2-yb3OUmogI4cjSk.roa
File: lPS7HViikvq2-yb3OUmogI4cjSk.roa (raw, json)
Hash identifier: jc0AyXWy+eYMRqgtzP+y1uSlhaGVEZ6n3ewm2uzvWVs=
Subject key identifier: 94:F4:BB:1D:58:A2:92:FA:B6:FB:26:F7:39:49:A8:80:8E:1C:8D:29
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194C9FBC0514533C101859BC63C3862B63E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lPS7HViikvq2-yb3OUmogI4cjSk.roa
Signing time: Mon 03 Feb 2025 04:05:06 +0000
ROA not before: Mon 03 Feb 2025 04:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:c9fb:2728/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c9:fb:c0:51:45:33:c1:01:85:9b:c6:3c:38:62:b6:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 3 04:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94f4bb1d58a292fab6fb26f73949a8808e1c8d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b7:ec:a0:4d:2a:ce:87:54:77:fd:12:67:82:
a6:96:17:20:bd:cf:16:3d:71:fa:e4:e9:4d:47:80:
2d:32:43:38:c9:85:5f:ae:82:77:3c:82:06:8e:64:
fe:b8:1f:a9:74:fc:b2:05:14:06:68:52:28:d5:00:
f2:ef:07:86:c1:ef:47:76:f4:e2:10:ad:11:9c:ed:
5f:97:e4:e3:5b:f4:d3:88:75:8e:8b:e4:0e:eb:2f:
cc:40:25:7c:e5:1a:0a:42:a4:13:b9:8d:b8:0d:55:
3d:ef:b1:b1:3a:30:dd:36:9d:b3:ba:df:2a:22:6a:
dd:93:52:53:cb:fe:00:e4:57:c7:3a:32:88:83:5f:
60:f4:2a:48:9f:38:82:db:f0:94:43:56:20:0c:0f:
13:7c:89:29:85:d8:54:09:27:af:b9:61:45:3d:db:
99:13:f9:58:99:d6:26:12:4e:0f:5e:69:04:89:a3:
fe:30:45:89:45:67:ab:7f:e0:5e:0c:92:3c:7d:44:
59:e2:50:9e:bc:1b:74:c9:28:a4:16:50:42:b5:c2:
3a:d2:a2:2a:11:13:6a:d4:0e:66:d3:4d:59:79:40:
c5:63:e8:dd:c0:0f:f2:61:61:ce:7f:ff:8f:ef:fc:
05:cb:49:9a:42:f2:27:b8:53:83:9d:1e:93:11:47:
b7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F4:BB:1D:58:A2:92:FA:B6:FB:26:F7:39:49:A8:80:8E:1C:8D:29
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lPS7HViikvq2-yb3OUmogI4cjSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:c9fb:2728/128
Signature Algorithm: sha256WithRSAEncryption
03:7e:6d:50:97:74:46:ce:1c:3b:25:ef:16:26:5b:c1:40:3e:
2a:59:bc:df:2d:7d:61:cd:32:84:65:7d:a9:79:4a:8d:9b:f9:
61:a2:58:69:fb:34:a8:29:b6:18:c1:87:0e:73:53:2f:91:95:
77:bf:d2:3e:df:b4:01:1d:47:8a:84:07:4d:c3:a3:9a:36:1f:
0b:e6:88:6c:66:fd:f6:74:f2:70:9b:e7:b2:36:6c:4a:92:84:
35:aa:c5:9f:f6:44:50:b6:d7:3e:81:1e:d9:ed:fc:f0:d4:0a:
09:df:b3:07:39:a9:60:e2:cc:e1:ba:f9:18:f1:b2:6e:de:81:
7d:84:72:45:e2:2a:4d:b8:2a:2d:0e:c3:07:53:b6:21:78:a9:
bf:23:9b:da:e2:cf:a7:1a:7e:4d:f8:96:02:ff:e2:5f:c6:32:
24:c8:44:0e:be:22:3b:3d:ab:60:57:d4:13:f3:1f:c4:e6:ce:
b4:4c:9e:49:39:ba:55:63:37:51:a4:26:f3:1f:fe:27:5e:4b:
57:14:40:3f:05:ea:ab:16:be:73:b1:62:88:eb:14:34:46:9f:
ee:fb:7d:2e:92:f0:65:81:d9:5d:a3:2b:c4:fb:dd:ac:2b:b3:
70:41:52:d5:14:4a:09:32:2e:ef:46:06:cf:c1:18:05:e9:fc:
e5:1b:a7:4b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZTJ+8BRRTPBAYWbxjw4YrY+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjAzMDQwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY0YmIxZDU4YTI5MmZhYjZmYjI2ZjczOTQ5YTg4MDhlMWM4ZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLfsoE0qzodUd/0SZ4Kmlhcgvc8W
PXH65OlNR4AtMkM4yYVfroJ3PIIGjmT+uB+pdPyyBRQGaFIo1QDy7weGwe9HdvTi
EK0RnO1fl+TjW/TTiHWOi+QO6y/MQCV85RoKQqQTuY24DVU977GxOjDdNp2zut8q
Imrdk1JTy/4A5FfHOjKIg19g9CpInziC2/CUQ1YgDA8TfIkphdhUCSevuWFFPduZ
E/lYmdYmEk4PXmkEiaP+MEWJRWerf+BeDJI8fURZ4lCevBt0ySikFlBCtcI60qIq
ERNq1A5m001ZeUDFY+jdwA/yYWHOf/+P7/wFy0maQvInuFODnR6TEUe3lQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJT0ux1YopL6tvsm9zlJqICOHI0pMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbFBTN0hWaWlrdnEyLXliM09VbW9nSTRjalNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGUyfsnKDANBgkqhkiG9w0BAQsFAAOCAQEAA35tUJd0Rs4cOyXvFiZbwUA+
Klm83y19Yc0yhGV9qXlKjZv5YaJYafs0qCm2GMGHDnNTL5GVd7/SPt+0AR1HioQH
TcOjmjYfC+aIbGb99nTycJvnsjZsSpKENarFn/ZEULbXPoEe2e388NQKCd+zBzmp
YOLM4br5GPGybt6BfYRyReIqTbgqLQ7DB1O2IXipvyOb2uLPpxp+TfiWAv/iX8Yy
JMhEDr4iOz2rYFfUE/MfxObOtEyeSTm6VWM3UaQm8x/+J15LVxRAPwXqqxa+c7Fi
iOsUNEaf7vt9LpLwZYHZXaMrxPvdrCuzcEFS1RRKCTIu70YGz8EYBen85RunSw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:10:26 2025 by rpki-client