Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w29vj43xXOWPOR__4eXoH5z9f1c.roa
File: w29vj43xXOWPOR__4eXoH5z9f1c.roa (raw, json)
Hash identifier: XtWT7rM7qffPf8W484neDiYc1TzeXpiDjBexqPZZIEk=
Subject key identifier: C3:6F:6F:8F:8D:F1:5C:E5:8F:39:1F:FF:E1:E5:E8:1F:9C:FD:7F:57
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01944C429372A851DF33A06F63AC39965047
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w29vj43xXOWPOR__4eXoH5z9f1c.roa
Signing time: Thu 09 Jan 2025 18:10:18 +0000
ROA not before: Thu 09 Jan 2025 18:10:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4c:42:93:72:a8:51:df:33:a0:6f:63:ac:39:96:50:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 9 18:10:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c36f6f8f8df15ce58f391fffe1e5e81f9cfd7f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:34:3a:10:e0:cc:0a:c0:a3:6f:69:6a:c1:93:
c4:e8:d9:ad:17:40:e7:e6:3c:86:a4:f7:aa:08:b2:
36:6b:79:3f:07:58:df:0f:7f:b8:67:c2:2b:9a:5f:
28:45:38:09:22:b5:b2:86:5c:ef:97:ce:da:71:ae:
d8:51:05:2b:71:d4:6a:f4:1d:0d:f9:e2:f0:90:28:
2c:cc:39:b9:a2:68:dc:b3:61:87:7c:67:68:49:9a:
24:cb:e6:dc:21:92:2a:45:fb:7b:16:29:36:a2:ea:
e7:00:44:8f:6a:1e:70:c9:e2:db:0e:a3:59:4d:53:
59:72:e7:2a:7a:e8:81:8a:60:f1:5f:da:cb:e4:f1:
66:d8:d7:c0:c9:03:57:e9:fa:ff:b5:6a:c6:f4:a7:
f8:54:36:94:a9:34:bc:2e:f6:86:39:e7:0e:7b:78:
d5:6b:b0:bd:1d:03:54:dd:e5:a5:b3:26:08:58:8b:
d8:5e:32:39:d2:8b:cf:b4:e4:4d:3a:88:45:54:6a:
d3:c2:c4:bf:06:7d:35:6a:97:89:18:c0:9c:dc:22:
7d:a1:cc:82:c8:ac:64:ac:f8:91:52:33:b8:9f:cd:
03:14:c0:65:31:f1:ee:34:e3:0f:b9:4d:bd:a3:db:
10:89:4f:1b:12:78:b9:a5:97:6c:db:5b:d8:9b:84:
5a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:6F:6F:8F:8D:F1:5C:E5:8F:39:1F:FF:E1:E5:E8:1F:9C:FD:7F:57
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w29vj43xXOWPOR__4eXoH5z9f1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
23:43:ab:da:01:5a:f7:00:4c:78:f8:3f:69:42:d8:7a:91:24:
07:c9:83:88:70:d3:ed:b7:b3:ce:c1:80:71:8c:17:38:db:3a:
ca:e8:41:76:ad:10:06:9e:f7:30:5c:19:18:2f:8c:11:ec:56:
9a:56:d5:ef:ac:f6:29:98:f9:ec:36:38:ea:22:25:72:68:5f:
20:46:da:6b:01:70:3d:f1:27:1c:c4:2a:85:ea:9a:38:c5:73:
f6:0f:dd:66:96:94:92:14:1d:96:21:33:a6:94:4f:ee:70:73:
15:92:d5:45:f9:7d:68:af:1f:61:7c:73:fb:64:d4:63:c8:a4:
1d:b0:18:32:1a:9e:ee:1f:ae:35:b8:2a:ff:8b:76:6d:88:35:
44:ed:e2:b5:66:16:db:05:62:8f:ba:6e:17:06:92:47:bb:12:
b7:94:63:a4:02:58:53:cd:d4:d0:1f:2e:c2:20:8a:b4:62:2a:
f4:cd:62:9c:58:01:5a:73:a7:12:b1:4a:bd:96:cd:83:64:c1:
e0:34:0f:e3:a0:1e:78:fd:bc:c2:fd:34:ad:5e:90:d4:62:4e:
b2:48:20:c0:92:a0:c9:dc:3e:de:94:0c:2d:93:f0:af:32:f1:
7a:90:f8:9b:7b:ba:f3:fc:61:c0:99:4b:74:8f:7e:26:65:f5:
7e:dc:77:65
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRMQpNyqFHfM6BvY6w5llBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA5MTgxMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzZmNmY4ZjhkZjE1Y2U1OGYzOTFmZmZlMWU1ZTgxZjljZmQ3ZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDQ6EODMCsCjb2lqwZPE6NmtF0Dn
5jyGpPeqCLI2a3k/B1jfD3+4Z8Irml8oRTgJIrWyhlzvl87aca7YUQUrcdRq9B0N
+eLwkCgszDm5omjcs2GHfGdoSZoky+bcIZIqRft7Fik2ournAESPah5wyeLbDqNZ
TVNZcucqeuiBimDxX9rL5PFm2NfAyQNX6fr/tWrG9Kf4VDaUqTS8LvaGOecOe3jV
a7C9HQNU3eWlsyYIWIvYXjI50ovPtORNOohFVGrTwsS/Bn01apeJGMCc3CJ9ocyC
yKxkrPiRUjO4n80DFMBlMfHuNOMPuU29o9sQiU8bEni5pZds21vYm4RaWwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMNvb4+N8Vzljzkf/+Hl6B+c/X9XMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdzI5dmo0M3hYT1dQT1JfXzRlWG9INXo5ZjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAI0Or2gFa9wBMePg/aULYepEk
B8mDiHDT7bezzsGAcYwXONs6yuhBdq0QBp73MFwZGC+MEexWmlbV76z2KZj57DY4
6iIlcmhfIEbaawFwPfEnHMQqheqaOMVz9g/dZpaUkhQdliEzppRP7nBzFZLVRfl9
aK8fYXxz+2TUY8ikHbAYMhqe7h+uNbgq/4t2bYg1RO3itWYW2wVij7puFwaSR7sS
t5RjpAJYU83U0B8uwiCKtGIq9M1inFgBWnOnErFKvZbNg2TB4DQP46AeeP28wv00
rV6Q1GJOskggwJKgydw+3pQMLZPwrzLxepD4m3u68/xhwJlLdI9+JmX1ftx3ZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:11:52 2025 by rpki-client