Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lnzJSf4A9T2L4YWOpCqi3vp0w0M.roa
File: lnzJSf4A9T2L4YWOpCqi3vp0w0M.roa (raw, json)
Hash identifier: TIJ5s1p523NEe4hTUz9ZbszyIp4PW05azcIukKS9PqA=
Subject key identifier: 96:7C:C9:49:FE:00:F5:3D:8B:E1:85:8E:A4:2A:A2:DE:FA:74:C3:43
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194FBFAC2F13DAF5FCD2284711FFC1A9880
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lnzJSf4A9T2L4YWOpCqi3vp0w0M.roa
Signing time: Wed 12 Feb 2025 21:05:02 +0000
ROA not before: Wed 12 Feb 2025 21:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:fbfa:2d9d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fb:fa:c2:f1:3d:af:5f:cd:22:84:71:1f:fc:1a:98:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 12 21:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=967cc949fe00f53d8be1858ea42aa2defa74c343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cb:8f:bd:30:5d:42:e3:45:c7:79:5c:b7:50:
f7:cb:d3:49:27:79:f7:b3:de:06:3c:b0:74:13:a5:
60:ed:23:f9:a0:52:18:c9:39:75:a1:a3:43:dc:42:
93:73:59:ec:12:24:e9:9e:b9:7d:8c:d6:6c:29:1d:
f3:d0:71:2e:c6:3f:e6:88:f4:1a:d8:1f:fe:3f:5e:
19:bc:91:03:a7:e7:51:d9:f6:b7:d5:5e:a0:50:07:
c7:4b:a4:c6:6c:9e:5d:82:45:d1:08:cb:d7:b0:ff:
8e:d0:79:27:1d:78:ba:3c:9b:3e:17:c4:85:da:f0:
ec:4e:bd:bc:b1:13:09:6c:e3:01:19:78:70:b3:c5:
17:86:4d:9d:29:3a:cd:12:96:2e:6c:b7:8b:c2:7b:
0d:fe:aa:ea:83:4b:d5:2d:10:88:3f:fd:56:30:46:
c8:66:06:c8:27:dd:68:08:98:5b:1f:93:04:00:93:
54:f6:b3:7a:ce:2b:fb:60:57:4f:73:6a:5c:da:1d:
0f:47:03:e1:ad:7e:7d:88:4e:ec:ec:7c:93:3c:8a:
89:2d:85:56:2d:e0:db:df:87:3a:77:0d:3e:be:8c:
6f:59:10:ee:63:4d:f9:e8:1f:49:fe:44:05:11:c7:
af:d1:f0:fd:92:67:bb:bf:76:45:1c:de:bb:ae:98:
a9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7C:C9:49:FE:00:F5:3D:8B:E1:85:8E:A4:2A:A2:DE:FA:74:C3:43
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lnzJSf4A9T2L4YWOpCqi3vp0w0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:fbfa:2d9d/128
Signature Algorithm: sha256WithRSAEncryption
8c:03:8a:4d:ea:53:0f:4a:43:41:7e:21:61:f9:13:21:14:67:
d7:66:43:9a:74:98:d6:64:a4:2a:10:3e:09:15:af:e9:72:54:
4a:95:5e:f7:2a:65:8d:b4:b3:bb:79:c0:49:10:ee:22:8f:ea:
03:bd:7d:44:27:0e:9a:55:aa:c4:af:7c:19:f7:5d:04:d6:de:
6c:26:6f:b2:06:f2:ec:b1:81:d4:10:79:9f:4a:af:33:bf:2e:
07:59:78:03:10:b1:cd:ba:de:2c:2f:57:45:c7:e7:ff:94:71:
ed:ac:15:b5:b3:c8:35:11:0f:34:9b:30:77:64:c0:14:88:1f:
a5:a3:42:07:64:07:f4:c2:fb:b9:e6:df:72:04:80:5a:fa:a7:
6d:87:a1:58:f5:6e:96:09:52:f2:61:2d:ce:82:5c:de:81:35:
c3:f8:c6:fe:e2:51:c3:9a:c9:21:19:7d:3e:92:38:1e:25:4d:
4e:4a:63:05:d6:03:10:23:d1:7d:ff:9e:53:5e:e2:4e:35:f7:
29:d8:9e:0e:71:5d:f8:b4:60:4b:ab:95:4a:25:d2:b6:b5:b6:
55:72:1e:32:12:b4:a2:5c:85:ba:15:cd:fe:10:e0:ce:e7:c9:
a0:64:e8:e5:7d:bd:5d:22:02:52:3e:13:30:5d:1d:3d:9f:50:
09:77:7c:9f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZT7+sLxPa9fzSKEcR/8GpiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjEyMjEwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjdjYzk0OWZlMDBmNTNkOGJlMTg1OGVhNDJhYTJkZWZhNzRjMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsuPvTBdQuNFx3lct1D3y9NJJ3n3
s94GPLB0E6Vg7SP5oFIYyTl1oaND3EKTc1nsEiTpnrl9jNZsKR3z0HEuxj/miPQa
2B/+P14ZvJEDp+dR2fa31V6gUAfHS6TGbJ5dgkXRCMvXsP+O0HknHXi6PJs+F8SF
2vDsTr28sRMJbOMBGXhws8UXhk2dKTrNEpYubLeLwnsN/qrqg0vVLRCIP/1WMEbI
ZgbIJ91oCJhbH5MEAJNU9rN6ziv7YFdPc2pc2h0PRwPhrX59iE7s7HyTPIqJLYVW
LeDb34c6dw0+voxvWRDuY0356B9J/kQFEcev0fD9kme7v3ZFHN67rpip4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJZ8yUn+APU9i+GFjqQqot76dMNDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbG56SlNmNEE5VDJMNFlXT3BDcWkzdnAwdzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGU+/otnTANBgkqhkiG9w0BAQsFAAOCAQEAjAOKTepTD0pDQX4hYfkTIRRn
12ZDmnSY1mSkKhA+CRWv6XJUSpVe9ypljbSzu3nASRDuIo/qA719RCcOmlWqxK98
GfddBNbebCZvsgby7LGB1BB5n0qvM78uB1l4AxCxzbreLC9XRcfn/5Rx7awVtbPI
NREPNJswd2TAFIgfpaNCB2QH9ML7uebfcgSAWvqnbYehWPVulglS8mEtzoJc3oE1
w/jG/uJRw5rJIRl9PpI4HiVNTkpjBdYDECPRff+eU17iTjX3KdieDnFd+LRgS6uV
SiXStrW2VXIeMhK0olyFuhXN/hDgzufJoGTo5X29XSICUj4TMF0dPZ9QCXd8nw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:39:32 2025 by rpki-client