Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vfOfMHs5i6ByNuvdM4N6zaRkpww.roa
File: vfOfMHs5i6ByNuvdM4N6zaRkpww.roa (raw, json)
Hash identifier: tG8HDezN8lk69+FQoktN6iu4+ZI893JDfBHgsBVUIyw=
Subject key identifier: BD:F3:9F:30:7B:39:8B:A0:72:36:EB:DD:33:83:7A:CD:A4:64:A7:0C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01947F8DCBE75DE55B132C709D318E6D771E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vfOfMHs5i6ByNuvdM4N6zaRkpww.roa
Signing time: Sun 19 Jan 2025 17:13:06 +0000
ROA not before: Sun 19 Jan 2025 17:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:8d:cb:e7:5d:e5:5b:13:2c:70:9d:31:8e:6d:77:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 19 17:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdf39f307b398ba07236ebdd33837acda464a70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8d:34:9e:56:c6:26:61:e0:17:bf:91:6f:e4:
29:2c:85:73:70:06:14:64:80:18:19:8f:ff:a0:97:
56:a5:71:85:c9:7e:06:21:10:b8:dc:82:18:64:33:
3a:ca:42:b0:cb:0b:25:b8:9a:63:ac:45:fd:fa:71:
62:88:7f:4b:f0:43:79:82:dc:d3:8d:9a:9d:8c:a7:
2f:fd:48:80:dd:92:28:db:24:f7:9a:fa:3c:87:d6:
3f:be:15:ad:3a:cf:19:6e:57:2d:41:ad:7e:15:14:
b9:68:86:7a:06:b9:9e:fd:40:9d:0f:5e:18:85:94:
c0:c4:2a:18:72:8f:d9:9e:6f:9b:a7:d9:b7:5c:ec:
ac:4f:a4:75:b9:d4:a7:13:25:ce:02:74:ae:ba:82:
41:b2:e4:20:1b:91:1f:a2:6c:6e:c0:77:f9:0a:a4:
d0:d3:68:a6:4a:44:55:5a:42:45:50:0e:83:ab:e2:
01:bc:79:72:8b:51:89:b9:b8:87:4f:fc:1c:d2:a8:
01:4c:d2:4b:a0:e7:d9:76:8f:26:da:84:f2:70:fd:
61:6b:a0:55:a6:47:b6:16:a3:61:7c:eb:f3:af:c8:
85:27:63:74:9e:3c:e6:3a:31:af:9e:4c:dc:d2:67:
f0:08:76:4f:7e:c5:6b:80:a9:34:c5:03:d7:91:a1:
35:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F3:9F:30:7B:39:8B:A0:72:36:EB:DD:33:83:7A:CD:A4:64:A7:0C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/vfOfMHs5i6ByNuvdM4N6zaRkpww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
78:01:de:40:26:07:13:2e:ea:e5:59:a1:ca:a0:ae:05:d3:88:
e6:8f:f8:17:57:46:bc:d8:63:e9:1c:76:28:67:4d:63:aa:4b:
98:f2:95:63:02:9f:98:55:5e:fe:db:d8:50:fa:b2:a4:e4:09:
a9:c7:c5:7f:8b:f6:df:95:ed:26:e8:39:d1:78:3d:df:94:8d:
45:9f:00:62:75:d3:80:29:28:51:bc:11:90:34:43:41:be:3c:
6a:7b:e3:37:5d:98:69:3d:72:54:64:30:75:69:2c:01:4a:d6:
54:72:34:40:72:84:ca:8e:14:63:ff:db:0c:1c:40:23:36:19:
bf:74:54:fb:d6:3e:66:38:dd:68:8b:51:6d:2d:e6:5d:26:de:
d9:a5:b7:da:f3:2e:d2:85:1b:36:2e:b3:1f:73:9e:67:07:89:
17:b1:f3:83:71:84:b4:2d:77:87:da:d2:b1:81:a9:61:38:02:
c9:9e:e3:a7:90:b2:79:cc:bb:66:d1:ca:57:58:20:c6:0b:69:
b6:b8:96:d1:5b:8f:ec:63:28:23:f1:ce:35:77:00:21:f5:d3:
c7:98:4e:6e:84:1c:a9:d6:ff:bb:bc:7f:77:5c:e3:d7:8d:f7:
fe:07:0b:e7:c5:9d:a6:cc:26:08:37:0d:17:eb:01:42:0e:78:
6a:2a:02:64
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZR/jcvnXeVbEyxwnTGObXceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE5MTcxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGYzOWYzMDdiMzk4YmEwNzIzNmViZGQzMzgzN2FjZGE0NjRhNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3o00nlbGJmHgF7+Rb+QpLIVzcAYU
ZIAYGY//oJdWpXGFyX4GIRC43IIYZDM6ykKwywsluJpjrEX9+nFiiH9L8EN5gtzT
jZqdjKcv/UiA3ZIo2yT3mvo8h9Y/vhWtOs8ZblctQa1+FRS5aIZ6Brme/UCdD14Y
hZTAxCoYco/Znm+bp9m3XOysT6R1udSnEyXOAnSuuoJBsuQgG5EfomxuwHf5CqTQ
02imSkRVWkJFUA6Dq+IBvHlyi1GJubiHT/wc0qgBTNJLoOfZdo8m2oTycP1ha6BV
pke2FqNhfOvzr8iFJ2N0njzmOjGvnkzc0mfwCHZPfsVrgKk0xQPXkaE1KQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL3znzB7OYugcjbr3TODes2kZKcMMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdmZPZk1IczVpNkJ5TnV2ZE00TjZ6YVJrcHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAeAHeQCYHEy7q5VmhyqCuBdOI
5o/4F1dGvNhj6Rx2KGdNY6pLmPKVYwKfmFVe/tvYUPqypOQJqcfFf4v235XtJug5
0Xg935SNRZ8AYnXTgCkoUbwRkDRDQb48anvjN12YaT1yVGQwdWksAUrWVHI0QHKE
yo4UY//bDBxAIzYZv3RU+9Y+ZjjdaItRbS3mXSbe2aW32vMu0oUbNi6zH3OeZweJ
F7Hzg3GEtC13h9rSsYGpYTgCyZ7jp5Cyecy7ZtHKV1ggxgtptriW0VuP7GMoI/HO
NXcAIfXTx5hOboQcqdb/u7x/d1zj1433/gcL58WdpswmCDcNF+sBQg54aioCZA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:12:08 2025 by rpki-client