Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qQVKDkcE5TstB_EYdtUA54Jil-w.roa
File: qQVKDkcE5TstB_EYdtUA54Jil-w.roa (raw, json)
Hash identifier: DcSzfYoIA8TZ2zZJmlUYH5KRDHd2dnCrgwgRwd4kInk=
Subject key identifier: A9:05:4A:0E:47:04:E5:3B:2D:07:F1:18:76:D5:00:E7:82:62:97:EC
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019593B7AEB715E66D9CB1FA2D2B1D0D32B4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qQVKDkcE5TstB_EYdtUA54Jil-w.roa
Signing time: Fri 14 Mar 2025 08:14:03 +0000
ROA not before: Fri 14 Mar 2025 08:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:93:b7:ae:b7:15:e6:6d:9c:b1:fa:2d:2b:1d:0d:32:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 08:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9054a0e4704e53b2d07f11876d500e7826297ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f5:f0:3c:85:0c:4c:e9:42:40:e9:2a:e1:58:
cb:f9:e5:5f:28:2b:1f:a1:25:74:4f:f5:19:ac:57:
34:74:59:35:2a:5b:57:c4:15:d3:71:79:b7:d0:cb:
08:a3:ef:65:2b:37:0a:30:5a:2c:19:de:dc:07:1d:
8d:23:ca:ec:75:1a:72:d6:c0:b4:d8:16:24:a5:69:
06:d4:7a:00:08:c0:c1:c5:b8:0d:5b:f6:f8:1f:3a:
62:77:cd:b5:6e:e3:be:c6:5c:20:0a:9f:ae:d0:cc:
a6:39:7e:47:73:32:39:a6:01:df:d4:0d:55:0e:53:
4d:11:c7:27:79:09:11:9f:f5:ab:fe:99:25:89:37:
7b:6e:d2:a4:59:7a:16:59:e3:ee:b8:ad:ee:b0:9c:
f0:45:71:bc:4d:4a:e2:4a:a5:94:00:81:ac:45:8b:
30:94:58:d4:52:96:71:f2:92:d9:5a:5b:bc:94:09:
cb:94:27:6d:93:78:23:37:f2:5a:63:7a:f8:98:f0:
0e:83:b1:b4:07:33:d4:98:15:13:d5:ec:22:24:5d:
e6:94:1e:b1:84:bf:2a:64:28:9b:03:59:78:9b:3a:
b5:c1:a9:be:5b:bd:75:a8:26:5e:9a:24:25:54:5c:
f4:ef:f3:c3:b1:80:65:b0:17:ae:c8:9a:9b:83:e9:
16:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:05:4A:0E:47:04:E5:3B:2D:07:F1:18:76:D5:00:E7:82:62:97:EC
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qQVKDkcE5TstB_EYdtUA54Jil-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
05:2b:25:ad:86:40:54:e7:b7:a6:f0:ed:f0:18:7e:04:e8:11:
61:8b:17:d4:88:49:74:4c:12:0a:16:d8:94:15:e5:55:6e:a7:
96:ee:a4:ac:20:10:81:a1:fa:1d:8c:ea:2c:97:05:2d:ed:c5:
4e:97:88:d0:9f:dd:f0:2f:59:13:ed:b0:d0:e3:00:e5:9e:28:
f2:17:b6:0d:dc:23:49:48:18:a2:3f:34:83:da:f0:23:94:d7:
d8:a2:7e:d6:f6:a8:a4:44:26:8f:dd:c0:78:1c:d2:c0:93:37:
d2:1f:0e:9b:a7:d8:7b:70:6d:e2:7d:6e:6f:85:4d:1a:d4:33:
0a:e2:59:87:a1:4d:96:f1:23:3f:70:ca:5a:4e:40:e2:57:9c:
b3:57:37:5e:c5:64:bb:a0:7c:8f:c8:e1:4c:b9:6a:48:30:e6:
ac:06:01:5a:61:35:b7:6b:79:bc:bf:dd:e6:85:d3:a8:52:61:
c7:0f:ec:69:c8:e5:4a:6e:3e:8e:3c:58:62:a1:6f:be:3c:74:
97:96:cb:e7:34:f9:e1:0d:58:a4:f2:72:5d:51:af:b8:a1:df:
9e:fe:2c:03:3c:93:cb:79:4a:6c:fa:39:3f:94:ae:06:df:f5:
08:0c:ca:db:33:e0:ea:b1:cd:82:f9:19:75:01:ec:7f:14:c4:
59:12:dc:3a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWTt663FeZtnLH6LSsdDTK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MDgxNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA1NGEwZTQ3MDRlNTNiMmQwN2YxMTg3NmQ1MDBlNzgyNjI5N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvXwPIUMTOlCQOkq4VjL+eVfKCsf
oSV0T/UZrFc0dFk1KltXxBXTcXm30MsIo+9lKzcKMFosGd7cBx2NI8rsdRpy1sC0
2BYkpWkG1HoACMDBxbgNW/b4Hzpid821buO+xlwgCp+u0MymOX5HczI5pgHf1A1V
DlNNEccneQkRn/Wr/pkliTd7btKkWXoWWePuuK3usJzwRXG8TUriSqWUAIGsRYsw
lFjUUpZx8pLZWlu8lAnLlCdtk3gjN/JaY3r4mPAOg7G0BzPUmBUT1ewiJF3mlB6x
hL8qZCibA1l4mzq1wam+W711qCZemiQlVFz07/PDsYBlsBeuyJqbg+kWcwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKkFSg5HBOU7LQfxGHbVAOeCYpfsMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcVFWS0RrY0U1VHN0Ql9FWWR0VUE1NEppbC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEABSslrYZAVOe3pvDt8Bh+BOgR
YYsX1IhJdEwSChbYlBXlVW6nlu6krCAQgaH6HYzqLJcFLe3FTpeI0J/d8C9ZE+2w
0OMA5Z4o8he2DdwjSUgYoj80g9rwI5TX2KJ+1vaopEQmj93AeBzSwJM30h8Om6fY
e3Bt4n1ub4VNGtQzCuJZh6FNlvEjP3DKWk5A4lecs1c3XsVku6B8j8jhTLlqSDDm
rAYBWmE1t2t5vL/d5oXTqFJhxw/sacjlSm4+jjxYYqFvvjx0l5bL5zT54Q1YpPJy
XVGvuKHfnv4sAzyTy3lKbPo5P5SuBt/1CAzK2zPg6rHNgvkZdQHsfxTEWRLcOg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:53:10 2025 by rpki-client