Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/v3kWLI6LKYMZp514oWUUilbdhb0.roa
File: v3kWLI6LKYMZp514oWUUilbdhb0.roa (raw, json)
Hash identifier: 2bRV8m/1rTcUbhfS83V4aZEcV7uHiIDUOe3ZNgudwtA=
Subject key identifier: BF:79:16:2C:8E:8B:29:83:19:A7:9D:78:A1:65:14:8A:56:DD:85:BD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019440E507ED10AE183FCAD1E1A6CFA20C9E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/v3kWLI6LKYMZp514oWUUilbdhb0.roa
Signing time: Tue 07 Jan 2025 13:12:19 +0000
ROA not before: Tue 07 Jan 2025 13:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:e5:07:ed:10:ae:18:3f:ca:d1:e1:a6:cf:a2:0c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 7 13:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf79162c8e8b298319a79d78a165148a56dd85bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:71:ff:be:7a:75:13:11:4d:84:58:77:c9:
47:3e:c8:d5:da:67:68:32:4c:f1:3f:72:4b:49:55:
ff:b1:32:c2:9d:66:a7:e3:69:a4:59:28:a2:3b:d4:
7f:bc:b9:55:af:eb:20:64:02:f6:2a:c5:e7:ac:d9:
6c:f7:0b:1d:bd:ab:be:b7:f4:03:f9:f9:6f:2e:d2:
5c:d7:9d:93:56:95:0c:62:96:4f:9a:2d:65:5e:2e:
47:66:fa:56:97:68:79:72:7c:f6:ff:0e:a5:37:6a:
10:e2:6c:ef:8e:d5:2a:53:0b:82:3f:2f:10:99:dd:
a1:04:18:d7:75:94:b3:5a:d7:07:26:ee:4e:71:68:
b6:fd:b7:b3:fe:44:f6:c9:e5:cc:d5:0a:3e:a4:3d:
0e:3c:32:e3:ab:d6:64:78:cb:02:f5:40:8d:c4:54:
97:0f:76:7c:aa:c3:00:cc:66:00:30:cf:ed:11:0a:
7b:4e:8a:b7:47:85:1c:d9:82:6b:6f:8d:0f:d0:1d:
8f:f0:f1:3d:07:a7:ab:fe:ef:1f:cc:9a:a6:47:04:
04:5b:46:33:1f:82:51:08:00:92:43:5d:d2:24:7a:
60:7d:c1:0d:62:07:3b:19:96:0c:39:02:3d:a2:1a:
8c:24:d4:e3:b7:d3:6d:61:9f:9d:6b:5f:5c:24:a5:
74:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:79:16:2C:8E:8B:29:83:19:A7:9D:78:A1:65:14:8A:56:DD:85:BD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/v3kWLI6LKYMZp514oWUUilbdhb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
82:2b:a4:f8:3e:16:7b:d6:fd:c6:d0:aa:a3:26:f1:bb:1b:f9:
b8:df:66:30:f5:99:f7:cc:f2:25:ff:cc:4f:23:3b:bb:28:35:
6c:7e:d7:bc:f7:92:8d:59:ff:39:16:ba:5e:e7:8b:27:aa:19:
bd:5e:04:1f:df:57:d1:14:e6:b6:e6:1b:af:b3:43:20:7e:22:
2d:cd:1e:5d:60:03:4e:de:ad:c1:37:8e:d5:dc:df:6b:a7:0f:
e9:5a:ad:81:71:d7:54:37:d7:d5:3c:56:5b:71:ad:44:2c:ff:
a5:07:83:7c:f3:ac:1c:9d:88:34:db:65:08:53:16:78:77:77:
25:03:0c:90:9a:8c:60:d6:75:dc:40:09:e3:b3:3f:d6:53:38:
29:3a:7e:44:9e:26:40:a8:21:6e:8c:51:9f:ba:0a:9b:e3:dc:
f1:ce:95:11:77:34:b8:3c:14:7b:5b:b8:1a:ef:2d:71:80:e9:
0e:ac:95:a0:9e:0e:2e:25:77:86:4a:54:e4:a0:9c:5c:33:4e:
a1:85:08:c7:17:6a:18:db:48:09:28:47:46:cb:94:28:85:44:
e2:38:39:19:ae:c2:20:40:62:32:e3:04:8f:34:30:17:72:c9:
51:45:c0:1c:1a:db:9d:6b:e0:50:9f:a5:ed:1f:09:b3:4c:72:
cf:2a:40:d6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRA5QftEK4YP8rR4abPogyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA3MTMxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjc5MTYyYzhlOGIyOTgzMTlhNzlkNzhhMTY1MTQ4YTU2ZGQ4NWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo71x/756dRMRTYRYd8lHPsjV2mdo
MkzxP3JLSVX/sTLCnWan42mkWSiiO9R/vLlVr+sgZAL2KsXnrNls9wsdvau+t/QD
+flvLtJc152TVpUMYpZPmi1lXi5HZvpWl2h5cnz2/w6lN2oQ4mzvjtUqUwuCPy8Q
md2hBBjXdZSzWtcHJu5OcWi2/bez/kT2yeXM1Qo+pD0OPDLjq9ZkeMsC9UCNxFSX
D3Z8qsMAzGYAMM/tEQp7Toq3R4Uc2YJrb40P0B2P8PE9B6er/u8fzJqmRwQEW0Yz
H4JRCACSQ13SJHpgfcENYgc7GZYMOQI9ohqMJNTjt9NtYZ+da19cJKV0kwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL95FiyOiymDGaedeKFlFIpW3YW9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdjNrV0xJNkxLWU1acDUxNG9XVVVpbGJkaGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAgiuk+D4We9b9xtCqoybxuxv5
uN9mMPWZ98zyJf/MTyM7uyg1bH7XvPeSjVn/ORa6XueLJ6oZvV4EH99X0RTmtuYb
r7NDIH4iLc0eXWADTt6twTeO1dzfa6cP6VqtgXHXVDfX1TxWW3GtRCz/pQeDfPOs
HJ2INNtlCFMWeHd3JQMMkJqMYNZ13EAJ47M/1lM4KTp+RJ4mQKghboxRn7oKm+Pc
8c6VEXc0uDwUe1u4Gu8tcYDpDqyVoJ4OLiV3hkpU5KCcXDNOoYUIxxdqGNtICShH
RsuUKIVE4jg5Ga7CIEBiMuMEjzQwF3LJUUXAHBrbnWvgUJ+l7R8Js0xyzypA1g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:02:56 2025 by rpki-client