Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r2VmkD2m42Q6VKFc3F8bF1PDTUo.roa
File: r2VmkD2m42Q6VKFc3F8bF1PDTUo.roa (raw, json)
Hash identifier: c676K6utuC/3rv7AGQF43UO8g600O5QJQWTNLA/WjSc=
Subject key identifier: AF:65:66:90:3D:A6:E3:64:3A:54:A1:5C:DC:5F:1B:17:53:C3:4D:4A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019441F7B00CFF21B09D6CAF8E8164DBBA18
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r2VmkD2m42Q6VKFc3F8bF1PDTUo.roa
Signing time: Tue 07 Jan 2025 18:12:19 +0000
ROA not before: Tue 07 Jan 2025 18:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:f7:b0:0c:ff:21:b0:9d:6c:af:8e:81:64:db:ba:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 7 18:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af6566903da6e3643a54a15cdc5f1b1753c34d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:58:fd:ff:70:de:55:95:f6:e3:99:50:24:f6:
bd:22:1c:29:ee:88:cd:58:1f:78:88:b0:f7:13:b2:
b1:11:81:26:7b:43:bd:d2:ab:0a:45:dc:cc:0b:db:
59:04:cb:15:b1:c7:33:70:6b:c4:84:1a:d5:90:db:
a1:dc:89:67:31:1d:81:bb:f5:c7:66:7b:88:33:9d:
90:58:62:16:1e:ca:4d:e3:ff:74:2a:04:65:18:ec:
df:34:c0:a9:28:c7:26:61:06:db:81:ad:1d:f5:19:
86:3c:84:72:d7:6b:71:d0:c9:b6:33:2b:35:7d:4a:
47:3b:d8:08:97:05:e2:08:34:61:4b:93:86:6a:e6:
f6:7c:b4:85:5b:31:91:fa:78:42:e2:60:70:d7:33:
f8:79:57:3a:c7:60:b3:f6:e0:a5:9b:54:e0:23:53:
77:43:61:66:88:90:37:66:47:2f:ee:14:8a:ee:d2:
5b:4a:3b:88:fa:a2:83:46:8d:48:b6:23:7c:d5:25:
d1:f2:29:7c:a9:59:99:b0:15:49:d2:b6:75:f7:39:
bf:95:29:5a:f3:d0:fa:54:2d:54:6b:b7:37:57:a9:
6b:46:0c:18:93:9f:cc:e4:0a:a7:67:5f:63:6c:de:
87:52:f5:76:58:b7:57:52:82:07:5c:54:54:fd:e3:
a8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:65:66:90:3D:A6:E3:64:3A:54:A1:5C:DC:5F:1B:17:53:C3:4D:4A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r2VmkD2m42Q6VKFc3F8bF1PDTUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
61:cd:ce:23:dc:f6:4d:5b:76:cf:f1:ec:ee:af:79:e1:19:a5:
92:c0:23:6d:80:2c:fc:c7:31:d4:cc:13:ae:fa:3a:4e:6d:31:
0e:0a:29:e6:12:a9:c3:a5:b3:a9:46:47:3d:93:be:d8:48:45:
7b:59:f7:12:e0:bd:e3:e4:45:af:2b:24:af:ef:e3:41:5c:33:
22:18:c9:dc:2f:e0:28:79:22:35:58:d4:63:d8:fd:34:7e:d9:
33:93:4b:f9:37:1f:b9:14:02:22:f5:16:9f:d7:36:bc:a4:7e:
85:92:5f:1a:42:53:0e:c7:6f:a9:a0:19:d0:5b:b5:85:26:e2:
9b:9c:62:03:23:e0:7b:61:6e:a7:67:fe:05:9e:97:55:77:33:
bc:c8:a8:7e:6f:81:9f:e7:00:e8:5b:11:d8:5b:02:aa:e2:49:
59:7c:b6:be:6b:5c:7d:84:84:ee:8e:dc:1c:21:59:5a:98:36:
80:40:52:1e:35:73:cc:5d:30:a7:f8:24:80:e1:f8:a7:23:28:
bd:9b:d7:78:78:25:fc:45:af:48:b1:62:ab:09:0f:0a:bd:99:
67:d5:44:fb:a0:e4:61:5e:70:7b:c7:33:c7:42:5f:b0:09:4b:
9f:7b:20:36:ef:6b:58:2b:d1:1a:86:88:64:5c:58:d2:4a:29:
d5:63:cd:29
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRB97AM/yGwnWyvjoFk27oYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA3MTgxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY1NjY5MDNkYTZlMzY0M2E1NGExNWNkYzVmMWIxNzUzYzM0ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61j9/3DeVZX245lQJPa9Ihwp7ojN
WB94iLD3E7KxEYEme0O90qsKRdzMC9tZBMsVscczcGvEhBrVkNuh3IlnMR2Bu/XH
ZnuIM52QWGIWHspN4/90KgRlGOzfNMCpKMcmYQbbga0d9RmGPIRy12tx0Mm2Mys1
fUpHO9gIlwXiCDRhS5OGaub2fLSFWzGR+nhC4mBw1zP4eVc6x2Cz9uClm1TgI1N3
Q2FmiJA3Zkcv7hSK7tJbSjuI+qKDRo1ItiN81SXR8il8qVmZsBVJ0rZ19zm/lSla
89D6VC1Ua7c3V6lrRgwYk5/M5AqnZ19jbN6HUvV2WLdXUoIHXFRU/eOorwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFK9lZpA9puNkOlShXNxfGxdTw01KMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcjJWbWtEMm00MlE2VktGYzNGOGJGMVBEVFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAYc3OI9z2TVt2z/Hs7q954Rml
ksAjbYAs/Mcx1MwTrvo6Tm0xDgop5hKpw6WzqUZHPZO+2EhFe1n3EuC94+RFrysk
r+/jQVwzIhjJ3C/gKHkiNVjUY9j9NH7ZM5NL+TcfuRQCIvUWn9c2vKR+hZJfGkJT
DsdvqaAZ0Fu1hSbim5xiAyPge2Fup2f+BZ6XVXczvMiofm+Bn+cA6FsR2FsCquJJ
WXy2vmtcfYSE7o7cHCFZWpg2gEBSHjVzzF0wp/gkgOH4pyMovZvXeHgl/EWvSLFi
qwkPCr2ZZ9VE+6DkYV5we8czx0JfsAlLn3sgNu9rWCvRGoaIZFxY0kop1WPNKQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:31:47 2025 by rpki-client