Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tkoXib7d_haHEUk2k6gzJllrLig.roa
File: tkoXib7d_haHEUk2k6gzJllrLig.roa (raw, json)
Hash identifier: c8z196q5hcEkN9g0TKo88hwBphF68Vrkm6Z23Zdxzwk=
Subject key identifier: B6:4A:17:89:BE:DD:FE:16:87:11:49:36:93:A8:33:26:59:6B:2E:28
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943818D5D2B3F22058308EC6462EF1DDF7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tkoXib7d_haHEUk2k6gzJllrLig.roa
Signing time: Sun 05 Jan 2025 20:12:19 +0000
ROA not before: Sun 05 Jan 2025 20:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:38:18:d5:d2:b3:f2:20:58:30:8e:c6:46:2e:f1:dd:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 5 20:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b64a1789beddfe168711493693a83326596b2e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:62:71:b0:cb:8c:c4:28:d9:63:ec:f0:00:3e:
6c:9d:5c:26:6b:6d:47:7c:42:fb:28:6e:48:38:3d:
f4:5f:b8:92:a8:83:3b:92:fa:33:f3:4b:93:d6:d6:
48:b9:36:be:7a:79:6c:c3:0a:28:da:7b:fe:30:68:
91:7a:88:c2:4a:96:79:46:66:32:bf:a1:ea:31:b6:
0f:9a:9d:31:8c:14:07:9b:61:94:c1:6a:f7:e6:85:
de:f3:61:7a:29:9a:78:02:ee:a7:95:85:48:42:42:
07:1c:d0:51:e5:44:d2:69:77:41:a8:71:13:22:2e:
eb:2b:43:82:5d:8a:e5:0e:80:36:6d:72:45:c8:29:
c3:e2:00:ca:9b:6a:fc:7d:aa:a2:0b:6a:11:23:e3:
47:1a:4a:e3:ba:92:0e:0d:00:ec:1d:b9:2f:47:3c:
ec:23:cd:98:cc:b8:2c:4f:10:fe:51:09:ae:2c:7d:
72:e7:d3:9d:d7:64:fe:44:4e:94:65:84:99:05:1d:
83:04:b3:35:f8:75:5d:61:76:15:73:f5:88:20:e8:
fd:9f:72:6f:d7:51:d5:94:01:c9:3f:6b:69:6f:42:
3a:e6:a4:e9:d6:6d:ac:1e:08:83:cc:02:ad:99:1d:
0e:55:16:c4:7e:f3:38:03:8f:10:6f:92:4d:b8:e4:
1d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4A:17:89:BE:DD:FE:16:87:11:49:36:93:A8:33:26:59:6B:2E:28
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tkoXib7d_haHEUk2k6gzJllrLig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
25:96:58:0d:09:83:d4:7d:a9:86:19:bf:83:a8:c9:68:f7:f6:
ff:7e:86:fc:ff:42:1d:f8:36:f4:4d:a0:ca:b2:46:b9:c4:b9:
d2:a6:23:a2:a4:51:38:a5:11:1a:11:2c:24:39:89:fb:bc:69:
5e:81:99:ff:31:22:2b:a1:38:6d:3c:7d:02:fe:2e:e1:21:d5:
ff:66:d5:d2:9f:08:01:2e:f1:9b:00:f2:8d:a2:d1:c0:53:94:
89:b7:20:49:26:d1:b0:07:e2:7a:7d:a3:b0:38:82:34:ea:23:
d0:7c:e9:9d:ea:4e:eb:f3:40:40:dc:63:af:14:28:86:fd:6e:
e5:c8:7a:08:8e:00:c4:01:3d:6d:f7:4b:b2:ef:21:fa:a4:17:
d4:66:67:a2:dd:11:13:7b:d0:53:98:4a:77:6e:43:72:ea:2e:
9f:c0:95:10:8e:e2:b4:80:da:0b:38:77:87:e8:f5:d3:5a:d7:
a3:15:c3:21:a2:35:49:8b:30:26:3a:7e:b9:ae:9e:6f:68:2b:
fe:2d:c1:b6:a2:08:ac:1d:67:67:99:fd:78:d9:9c:0f:73:61:
76:d5:c4:4f:cd:1f:0c:7f:61:0e:d1:c4:e3:ee:38:c6:79:ee:
8b:0b:18:e7:fc:0c:a6:3c:f3:a9:44:ef:05:38:97:fc:d4:9f:
58:c8:97:89
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ4GNXSs/IgWDCOxkYu8d33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA1MjAxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRhMTc4OWJlZGRmZTE2ODcxMTQ5MzY5M2E4MzMyNjU5NmIyZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGJxsMuMxCjZY+zwAD5snVwma21H
fEL7KG5IOD30X7iSqIM7kvoz80uT1tZIuTa+enlswwoo2nv+MGiReojCSpZ5RmYy
v6HqMbYPmp0xjBQHm2GUwWr35oXe82F6KZp4Au6nlYVIQkIHHNBR5UTSaXdBqHET
Ii7rK0OCXYrlDoA2bXJFyCnD4gDKm2r8faqiC2oRI+NHGkrjupIODQDsHbkvRzzs
I82YzLgsTxD+UQmuLH1y59Od12T+RE6UZYSZBR2DBLM1+HVdYXYVc/WIIOj9n3Jv
11HVlAHJP2tpb0I65qTp1m2sHgiDzAKtmR0OVRbEfvM4A48Qb5JNuOQdQQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLZKF4m+3f4WhxFJNpOoMyZZay4oMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdGtvWGliN2RfaGFIRVVrMms2Z3pKbGxyTGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAJZZYDQmD1H2phhm/g6jJaPf2
/36G/P9CHfg29E2gyrJGucS50qYjoqRROKURGhEsJDmJ+7xpXoGZ/zEiK6E4bTx9
Av4u4SHV/2bV0p8IAS7xmwDyjaLRwFOUibcgSSbRsAfien2jsDiCNOoj0HzpnepO
6/NAQNxjrxQohv1u5ch6CI4AxAE9bfdLsu8h+qQX1GZnot0RE3vQU5hKd25Dcuou
n8CVEI7itIDaCzh3h+j101rXoxXDIaI1SYswJjp+ua6eb2gr/i3BtqIIrB1nZ5n9
eNmcD3NhdtXET80fDH9hDtHE4+44xnnuiwsY5/wMpjzzqUTvBTiX/NSfWMiXiQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:19:15 2025 by rpki-client