Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rg1C84IHlG2YPiUNmcRZ85vuXBY.roa
File: rg1C84IHlG2YPiUNmcRZ85vuXBY.roa (raw, json)
Hash identifier: 5smoCIjtu+KB7Zw56yX2IiqeNOLaDrW7gURqI5xBXTE=
Subject key identifier: AE:0D:42:F3:82:07:94:6D:98:3E:25:0D:99:C4:59:F3:9B:EE:5C:16
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019483D957D266CAE6AC1588EEA9B5A2E4DD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rg1C84IHlG2YPiUNmcRZ85vuXBY.roa
Signing time: Mon 20 Jan 2025 13:14:06 +0000
ROA not before: Mon 20 Jan 2025 13:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:83:d9:57:d2:66:ca:e6:ac:15:88:ee:a9:b5:a2:e4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 20 13:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae0d42f38207946d983e250d99c459f39bee5c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:13:70:14:4a:d3:20:25:0b:d7:5a:95:41:10:
89:39:19:c3:21:b5:41:ab:fa:a8:71:14:ba:d0:59:
fa:1e:98:e1:64:10:35:df:95:74:d2:85:29:f6:b2:
55:62:10:04:5f:52:01:69:c9:37:07:f6:00:1b:88:
28:8a:e6:aa:c3:f9:03:6e:1e:fa:4b:6d:01:ea:31:
26:69:de:07:95:1c:17:39:6c:f8:39:81:3a:84:c5:
ed:71:9e:fa:ab:99:89:99:15:a2:2c:3b:f8:96:b8:
b6:3f:54:8e:c3:f3:63:71:6e:e6:28:f1:92:59:9d:
32:0c:5e:75:66:44:5c:13:ce:98:ee:fb:87:ae:27:
68:1e:fe:56:d9:d4:45:b3:30:d4:3f:7e:06:ea:b9:
97:49:2e:ab:b4:2e:97:ee:cd:84:11:96:64:71:ca:
29:f4:5c:55:90:c2:ff:f5:a8:6f:32:bd:1c:fb:13:
93:bb:38:d8:8f:c8:f7:44:09:6b:86:9a:50:d7:85:
87:0e:b4:0d:3e:23:58:12:94:b9:85:b8:0e:0a:f1:
52:14:41:d7:96:f0:7d:f2:96:ae:27:04:de:73:97:
44:25:6b:d0:8c:ae:a1:b2:81:c7:56:c5:d7:d4:7f:
52:a8:e0:b2:c2:25:6d:35:fb:36:ee:bf:63:4c:e5:
4e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0D:42:F3:82:07:94:6D:98:3E:25:0D:99:C4:59:F3:9B:EE:5C:16
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/rg1C84IHlG2YPiUNmcRZ85vuXBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
49:09:e6:bc:1b:0b:b3:74:e5:95:aa:30:a4:ed:f0:8e:90:13:
eb:bc:c4:2b:fa:32:72:34:8e:b0:f9:b1:f7:f2:e3:ef:c8:f7:
2a:b8:ac:7e:45:a3:3c:4e:4f:04:d7:c5:ad:07:46:c6:8b:17:
44:b6:02:9c:a9:76:c8:9f:85:7d:57:1f:97:29:a5:76:9f:c4:
f5:d0:0c:ed:5a:e6:d6:28:30:e4:06:7b:46:0e:99:a5:e2:ec:
91:b9:c0:2d:36:2f:5f:1f:f9:f8:ab:65:11:85:79:d5:9a:8f:
59:e4:25:9d:33:3c:2b:21:a0:f1:7c:c5:53:6f:49:5d:e8:2f:
a0:08:15:75:1a:d1:27:60:b5:1b:bb:10:72:c1:a3:d8:ef:14:
31:56:20:ef:38:96:de:e4:80:22:8e:33:a2:a1:fc:20:8c:52:
73:5b:a7:03:11:26:df:b1:38:a8:3c:50:23:22:b2:46:a3:21:
b0:94:ac:87:25:1b:d6:44:53:2f:b2:42:2f:d3:69:30:2f:cc:
a6:9e:ae:6c:a7:9d:88:90:95:7c:d8:18:91:0d:fa:27:83:51:
bb:87:34:51:de:29:e9:f7:33:0e:0e:b6:db:cc:54:06:d3:55:
02:82:c4:09:49:87:11:c6:2a:30:1d:2b:db:ff:45:36:8c:a2:
f1:41:19:0c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZSD2VfSZsrmrBWI7qm1ouTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTIwMTMxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBkNDJmMzgyMDc5NDZkOTgzZTI1MGQ5OWM0NTlmMzliZWU1YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xNwFErTICUL11qVQRCJORnDIbVB
q/qocRS60Fn6HpjhZBA135V00oUp9rJVYhAEX1IBack3B/YAG4goiuaqw/kDbh76
S20B6jEmad4HlRwXOWz4OYE6hMXtcZ76q5mJmRWiLDv4lri2P1SOw/NjcW7mKPGS
WZ0yDF51ZkRcE86Y7vuHridoHv5W2dRFszDUP34G6rmXSS6rtC6X7s2EEZZkccop
9FxVkML/9ahvMr0c+xOTuzjYj8j3RAlrhppQ14WHDrQNPiNYEpS5hbgOCvFSFEHX
lvB98pauJwTec5dEJWvQjK6hsoHHVsXX1H9SqOCywiVtNfs27r9jTOVOowIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFK4NQvOCB5RtmD4lDZnEWfOb7lwWMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcmcxQzg0SUhsRzJZUGlVTm1jUlo4NXZ1WEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEASQnmvBsLs3TllaowpO3wjpAT
67zEK/oycjSOsPmx9/Lj78j3KrisfkWjPE5PBNfFrQdGxosXRLYCnKl2yJ+FfVcf
lymldp/E9dAM7Vrm1igw5AZ7Rg6ZpeLskbnALTYvXx/5+KtlEYV51ZqPWeQlnTM8
KyGg8XzFU29JXegvoAgVdRrRJ2C1G7sQcsGj2O8UMVYg7ziW3uSAIo4zoqH8IIxS
c1unAxEm37E4qDxQIyKyRqMhsJSshyUb1kRTL7JCL9NpMC/Mpp6ubKediJCVfNgY
kQ36J4NRu4c0Ud4p6fczDg6228xUBtNVAoLECUmHEcYqMB0r2/9FNoyi8UEZDA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:47 2025 by rpki-client