Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pqfjPcKLSJC0U9ZCi7taVeQPGyQ.roa
File: pqfjPcKLSJC0U9ZCi7taVeQPGyQ.roa (raw, json)
Hash identifier: 8Zn1BRBIXoKcijG6MsKL2/RmPpaMCcX+GPw3XJBixJ4=
Subject key identifier: A6:A7:E3:3D:C2:8B:48:90:B4:53:D6:42:8B:BB:5A:55:E4:0F:1B:24
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191CB4D3DEC7D8354BE3A9FB68D71FE86A8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pqfjPcKLSJC0U9ZCi7taVeQPGyQ.roa
Signing time: Sat 07 Sep 2024 07:05:22 +0000
ROA not before: Sat 07 Sep 2024 07:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:cb4c:5fd3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cb:4d:3d:ec:7d:83:54:be:3a:9f:b6:8d:71:fe:86:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 7 07:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6a7e33dc28b4890b453d6428bbb5a55e40f1b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4b:d7:10:6a:8c:5a:c0:87:d3:12:df:0b:e2:
1d:2c:c0:c8:9d:8a:26:3a:69:35:60:fb:92:ff:58:
14:66:5b:d9:75:e0:3f:1b:8c:89:27:38:b0:3a:3e:
cd:d1:8a:90:b3:dd:82:c7:48:5e:d4:66:2f:a6:c4:
e4:3a:b3:f3:70:c7:01:77:50:9f:49:bc:7b:87:0c:
0b:a0:a9:77:81:04:eb:9c:82:16:9e:30:28:dd:56:
51:f3:f7:ed:1e:a0:ab:91:9e:a2:a9:9e:09:5c:87:
59:e1:9b:cc:c5:50:8c:96:6b:3f:0f:8f:9e:95:79:
c6:fc:9d:fd:5b:f8:32:15:b5:62:47:80:57:3c:0e:
89:d3:ba:21:7c:79:28:c5:88:e7:02:82:cb:89:03:
44:23:38:46:e3:a3:38:2f:a8:1a:81:b2:d8:11:a5:
6e:86:d6:72:a8:32:d7:29:a6:4f:f4:14:bf:fd:6a:
aa:b9:a9:8f:30:57:0d:a5:de:40:6f:28:1d:5c:fc:
fb:28:8b:c2:12:54:bc:80:3e:43:54:45:18:43:7f:
f9:78:3d:0f:fe:a2:c7:02:a1:04:b3:ea:b6:7c:10:
b1:02:01:3e:d2:e8:12:d6:1b:af:b7:6e:5b:08:ce:
b9:db:67:7e:f2:e2:84:dc:a0:8e:98:a9:da:5c:a6:
9b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A7:E3:3D:C2:8B:48:90:B4:53:D6:42:8B:BB:5A:55:E4:0F:1B:24
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/pqfjPcKLSJC0U9ZCi7taVeQPGyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:cb4c:5fd3/128
Signature Algorithm: sha256WithRSAEncryption
88:b3:d9:f1:9d:7a:5a:de:45:1a:fc:d7:33:c7:dd:6d:fb:1e:
a1:08:38:b8:74:70:5b:c4:41:e8:0d:2c:c0:6b:bf:3b:04:4b:
14:ed:19:71:4c:58:97:d2:82:37:a6:6a:85:a0:5c:d2:55:f9:
da:1d:d6:3d:a4:fb:a0:0b:47:78:ce:4a:2e:9d:63:2a:67:82:
a9:77:28:fb:91:03:88:d2:ec:0f:d7:6a:da:2c:bd:46:70:e7:
2e:d1:2b:12:7f:93:ab:81:10:5e:45:d3:39:db:91:f1:ce:d4:
bb:14:64:ee:5d:ea:68:91:9b:b3:f0:8b:f1:9e:4b:cd:f5:dc:
e6:9f:f0:f1:bc:1e:34:02:69:06:0f:01:e0:e7:b7:f1:bd:46:
7d:71:10:c0:1c:f5:71:45:66:e5:ac:f5:a6:bb:51:1d:fc:24:
96:e6:16:3c:9e:c1:14:a1:39:37:9a:18:05:5e:17:ec:5e:b2:
7c:8a:cd:e9:a9:b5:0c:7e:72:b0:8e:0d:0a:8f:cc:66:f0:8b:
26:ce:68:b9:7e:cd:e2:4a:98:a5:00:74:e7:ef:8c:60:bf:cf:
31:01:cb:15:7e:31:ba:4d:ae:f2:d8:02:50:d0:eb:1d:ee:08:
4e:c4:d1:86:98:a7:48:10:bd:c8:ff:11:19:7f:71:8a:27:8e:
cd:06:bb:59
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHLTT3sfYNUvjqfto1x/oaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA3MDcwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmE3ZTMzZGMyOGI0ODkwYjQ1M2Q2NDI4YmJiNWE1NWU0MGYxYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUvXEGqMWsCH0xLfC+IdLMDInYom
Omk1YPuS/1gUZlvZdeA/G4yJJziwOj7N0YqQs92Cx0he1GYvpsTkOrPzcMcBd1Cf
Sbx7hwwLoKl3gQTrnIIWnjAo3VZR8/ftHqCrkZ6iqZ4JXIdZ4ZvMxVCMlms/D4+e
lXnG/J39W/gyFbViR4BXPA6J07ohfHkoxYjnAoLLiQNEIzhG46M4L6gagbLYEaVu
htZyqDLXKaZP9BS//WqquamPMFcNpd5AbygdXPz7KIvCElS8gD5DVEUYQ3/5eD0P
/qLHAqEEs+q2fBCxAgE+0ugS1huvt25bCM6522d+8uKE3KCOmKnaXKabFwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKan4z3Ci0iQtFPWQou7WlXkDxskMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcHFmalBjS0xTSkMwVTlaQ2k3dGFWZVFQR3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkctMX9MwDQYJKoZIhvcNAQELBQADggEB
AIiz2fGdelreRRr81zPH3W37HqEIOLh0cFvEQegNLMBrvzsESxTtGXFMWJfSgjem
aoWgXNJV+dod1j2k+6ALR3jOSi6dYypngql3KPuRA4jS7A/XatosvUZw5y7RKxJ/
k6uBEF5F0znbkfHO1LsUZO5d6miRm7Pwi/GeS8313Oaf8PG8HjQCaQYPAeDnt/G9
Rn1xEMAc9XFFZuWs9aa7UR38JJbmFjyewRShOTeaGAVeF+xesnyKzemptQx+crCO
DQqPzGbwiybOaLl+zeJKmKUAdOfvjGC/zzEByxV+MbpNrvLYAlDQ6x3uCE7E0YaY
p0gQvcj/ERl/cYonjs0Gu1k=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:35:16 2025 by rpki-client