Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/msMqSfG2zceV61Xf-5l5s9quL00.roa
File: msMqSfG2zceV61Xf-5l5s9quL00.roa (raw, json)
Hash identifier: EYOBFRksJAoOmX1lP+3Adw/R1PB+zAm7St+6rdR2tIg=
Subject key identifier: 9A:C3:2A:49:F1:B6:CD:C7:95:EB:55:DF:FB:99:79:B3:DA:AE:2F:4D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943282C73D4BC0BAFBFF3E9914B2C7BBB1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/msMqSfG2zceV61Xf-5l5s9quL00.roa
Signing time: Sat 04 Jan 2025 18:10:19 +0000
ROA not before: Sat 04 Jan 2025 18:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:32:82:c7:3d:4b:c0:ba:fb:ff:3e:99:14:b2:c7:bb:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 4 18:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ac32a49f1b6cdc795eb55dffb9979b3daae2f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:22:be:fa:0f:3a:db:a3:9f:8b:45:34:63:0d:
f1:09:aa:bf:23:a4:ff:87:d2:9b:2a:60:48:ee:c2:
79:33:47:a1:96:f6:e1:60:30:c3:f7:f3:b4:58:30:
c5:94:1d:b8:34:4e:53:2a:3a:73:a8:6d:be:4a:81:
c5:60:2a:b0:f6:42:af:6e:ee:ad:93:7d:c7:67:3e:
1f:73:96:75:11:5a:0f:4f:97:a8:24:13:50:b9:b4:
43:81:ce:d7:a9:35:d0:b9:ab:58:4c:f2:fb:13:26:
0c:53:cf:9b:55:8c:ba:17:87:a5:b5:02:83:ae:f5:
de:26:cb:40:df:3a:88:ee:ab:83:02:9c:49:f2:39:
a4:6b:86:dc:3c:54:7e:84:30:fb:9b:5e:7b:0a:02:
64:f9:e2:23:67:d3:de:a9:3d:81:9b:aa:c9:09:aa:
22:5c:ba:64:b1:04:d3:23:1c:8a:7f:80:d9:77:69:
92:9b:23:fe:55:95:ed:e5:ad:aa:e5:64:e1:b9:fa:
65:c6:7f:10:7d:bb:8d:97:47:80:40:82:91:f4:4d:
72:f0:6b:c0:e4:07:e1:6f:f8:9d:bc:52:5b:91:49:
1a:91:fe:37:be:89:9a:7f:db:7d:20:d9:dd:85:4a:
ec:03:1d:f4:29:19:6f:6c:63:2b:58:9c:6f:4a:0e:
c9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C3:2A:49:F1:B6:CD:C7:95:EB:55:DF:FB:99:79:B3:DA:AE:2F:4D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/msMqSfG2zceV61Xf-5l5s9quL00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
47:b2:74:72:de:66:c3:7a:af:f9:12:b8:a2:a0:0c:08:73:b1:
25:6b:e7:0c:9d:2b:b2:ff:a1:20:75:9e:66:94:14:0b:51:e8:
86:41:38:de:fe:de:f6:a6:33:f3:b1:60:56:11:db:87:ac:fb:
c9:a1:31:3b:fc:1f:93:59:08:53:4e:89:a1:90:18:b9:29:04:
a4:3e:83:8e:79:6e:7c:2c:f0:45:bd:84:e5:3a:0b:e6:be:73:
06:98:c7:e4:61:3f:cf:18:ef:03:2b:b4:16:80:cb:89:24:ff:
ff:06:9a:25:3b:76:07:65:f9:84:46:f2:c0:07:51:b1:2b:1f:
e5:97:4b:18:29:7e:1b:79:cb:b8:c1:09:a2:de:3b:da:2b:43:
58:6f:69:6b:a0:ec:03:d4:c6:87:d6:f5:c8:80:59:5c:ae:77:
c5:24:3d:5f:1e:32:ba:d8:18:19:f4:5b:d2:11:81:89:d1:75:
be:62:d3:e8:c1:24:e9:0d:57:eb:81:f3:ec:cb:ec:be:b8:da:
c8:32:61:a4:c4:d3:76:b4:2b:ec:b2:5d:52:53:35:d8:d1:27:
00:3e:82:d9:3b:6a:9b:b8:23:f1:0e:d6:45:bf:7e:56:ff:1e:
c4:03:0e:12:c5:fb:0f:a0:36:6a:47:f7:91:b2:41:ca:89:2f:
05:74:8e:a7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQygsc9S8C6+/8+mRSyx7uxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA0MTgxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWMzMmE0OWYxYjZjZGM3OTVlYjU1ZGZmYjk5NzliM2RhYWUyZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCK++g8626Ofi0U0Yw3xCaq/I6T/
h9KbKmBI7sJ5M0ehlvbhYDDD9/O0WDDFlB24NE5TKjpzqG2+SoHFYCqw9kKvbu6t
k33HZz4fc5Z1EVoPT5eoJBNQubRDgc7XqTXQuatYTPL7EyYMU8+bVYy6F4eltQKD
rvXeJstA3zqI7quDApxJ8jmka4bcPFR+hDD7m157CgJk+eIjZ9PeqT2Bm6rJCaoi
XLpksQTTIxyKf4DZd2mSmyP+VZXt5a2q5WThufplxn8QfbuNl0eAQIKR9E1y8GvA
5Afhb/idvFJbkUkakf43vomaf9t9INndhUrsAx30KRlvbGMrWJxvSg7JCQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJrDKknxts3HletV3/uZebPari9NMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbXNNcVNmRzJ6Y2VWNjFYZi01bDVzOXF1TDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAR7J0ct5mw3qv+RK4oqAMCHOx
JWvnDJ0rsv+hIHWeZpQUC1HohkE43v7e9qYz87FgVhHbh6z7yaExO/wfk1kIU06J
oZAYuSkEpD6DjnlufCzwRb2E5ToL5r5zBpjH5GE/zxjvAyu0FoDLiST//waaJTt2
B2X5hEbywAdRsSsf5ZdLGCl+G3nLuMEJot472itDWG9pa6DsA9TGh9b1yIBZXK53
xSQ9Xx4yutgYGfRb0hGBidF1vmLT6MEk6Q1X64Hz7MvsvrjayDJhpMTTdrQr7LJd
UlM12NEnAD6C2Ttqm7gj8Q7WRb9+Vv8exAMOEsX7D6A2akf3kbJByokvBXSOpw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:55:04 2025 by rpki-client