Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w7STKaqKJf39__XgSlSQ3XuuKJo.roa
File: w7STKaqKJf39__XgSlSQ3XuuKJo.roa (raw, json)
Hash identifier: EQ/WjDfuhTpubpVUhRsZdOLx08AivqwJTws+SWTSZ0w=
Subject key identifier: C3:B4:93:29:AA:8A:25:FD:FD:FF:F5:E0:4A:54:90:DD:7B:AE:28:9A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019597C2F017F7A4A49B3178E0A57891427F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w7STKaqKJf39__XgSlSQ3XuuKJo.roa
Signing time: Sat 15 Mar 2025 03:04:49 +0000
ROA not before: Sat 15 Mar 2025 03:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
2001:67c:64:ffff:0:195:97c2:8260/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:97:c2:f0:17:f7:a4:a4:9b:31:78:e0:a5:78:91:42:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 03:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3b49329aa8a25fdfdfff5e04a5490dd7bae289a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:95:0f:a8:59:56:1a:56:3e:9f:d7:48:b7:48:
da:73:fa:ac:90:b7:e7:b0:f7:12:4d:dd:3a:a7:f6:
c5:be:52:c8:a4:d1:1c:ca:79:4a:ba:8a:a0:69:31:
7b:a5:67:f0:90:53:a1:cb:f8:28:30:5f:29:9e:5e:
81:2b:4a:7d:5b:ff:28:6b:19:c0:97:81:d6:0e:0f:
48:47:78:5c:28:a4:7f:58:0d:8a:6e:bc:f7:b2:84:
dd:cd:54:e2:a7:8b:58:b2:0d:f3:7a:20:d1:27:a3:
53:b9:18:5f:c5:1b:c5:06:8f:60:f5:a8:57:da:99:
4e:e2:e8:f9:72:12:31:db:08:f9:8b:b3:b3:57:4e:
51:ea:78:29:12:e0:df:19:17:7b:a8:65:79:07:ce:
82:88:2a:57:9c:31:36:50:ab:7a:08:62:3c:ca:d4:
8a:d4:58:e0:bd:1f:90:78:eb:18:aa:34:5f:0f:4b:
e6:11:a7:13:20:ef:b4:2f:2c:50:17:d1:91:31:e7:
94:18:5e:a0:22:11:2a:46:ce:07:63:62:ba:56:5b:
a1:24:76:03:02:f8:5b:f1:0c:99:6e:84:b8:05:81:
fe:24:3f:8a:de:6d:47:18:ef:90:82:f3:0d:8f:f3:
d7:ef:e1:0d:e4:95:24:b7:b5:4a:88:45:73:58:db:
ab:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B4:93:29:AA:8A:25:FD:FD:FF:F5:E0:4A:54:90:DD:7B:AE:28:9A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/w7STKaqKJf39__XgSlSQ3XuuKJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
2001:67c:64:ffff:0:195:97c2:8260/128
Signature Algorithm: sha256WithRSAEncryption
62:ee:22:29:16:27:c3:29:98:4a:0d:1b:4c:7f:02:69:29:3e:
9e:e2:89:e4:d4:49:89:cc:6c:84:88:ae:97:67:1e:98:5c:2a:
7e:3e:fd:da:22:25:f5:5f:61:26:a4:09:48:b7:8a:33:42:61:
69:ff:3b:9e:4b:07:79:e5:06:6b:23:73:f0:84:ac:00:4b:96:
c7:8e:5d:1a:b2:2a:88:83:f4:2e:73:45:8f:81:1a:e5:c4:39:
5f:7f:c9:97:14:00:aa:fe:66:ab:60:08:c8:66:46:b2:22:2f:
af:e2:4a:60:19:bb:a5:57:46:1e:e5:7c:d7:00:13:76:55:08:
5c:53:99:fc:dd:e0:4c:52:3b:8b:e7:dd:a2:8f:77:55:b1:cf:
28:1a:61:1a:28:c7:77:32:8e:13:6e:0c:46:a7:60:5d:cf:4a:
e4:62:55:46:14:a3:2d:f5:e3:cf:da:8b:5c:5d:b0:59:51:78:
69:4c:46:c1:f7:79:fb:a5:96:82:57:00:ba:a4:91:1d:fa:e9:
bb:26:9c:a0:82:cf:a4:01:0f:9a:94:30:4d:8e:12:29:41:ef:
9c:e8:22:b9:30:66:42:e6:1a:d2:04:d1:1d:bb:1d:3d:3e:eb:
e1:77:ef:15:31:62:0b:e0:d4:3a:24:da:04:ae:33:bc:97:97:
71:24:41:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWXwvAX96SkmzF44KV4kUJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MDMwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2I0OTMyOWFhOGEyNWZkZmRmZmY1ZTA0YTU0OTBkZDdiYWUyODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopUPqFlWGlY+n9dIt0jac/qskLfn
sPcSTd06p/bFvlLIpNEcynlKuoqgaTF7pWfwkFOhy/goMF8pnl6BK0p9W/8oaxnA
l4HWDg9IR3hcKKR/WA2Kbrz3soTdzVTip4tYsg3zeiDRJ6NTuRhfxRvFBo9g9ahX
2plO4uj5chIx2wj5i7OzV05R6ngpEuDfGRd7qGV5B86CiCpXnDE2UKt6CGI8ytSK
1FjgvR+QeOsYqjRfD0vmEacTIO+0LyxQF9GRMeeUGF6gIhEqRs4HY2K6VluhJHYD
Avhb8QyZboS4BYH+JD+K3m1HGO+QgvMNj/PX7+EN5JUkt7VKiEVzWNurEwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMO0kymqiiX9/f/14EpUkN17riiaMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdzdTVEthcUtKZjM5X19YZ1NsU1EzWHV1S0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGVhs9jDAMRACABBnwAZP//AAABlZfCgmAwDQYJKoZIhvcNAQELBQADggEB
AGLuIikWJ8MpmEoNG0x/AmkpPp7iieTUSYnMbISIrpdnHphcKn4+/doiJfVfYSak
CUi3ijNCYWn/O55LB3nlBmsjc/CErABLlseOXRqyKoiD9C5zRY+BGuXEOV9/yZcU
AKr+ZqtgCMhmRrIiL6/iSmAZu6VXRh7lfNcAE3ZVCFxTmfzd4ExSO4vn3aKPd1Wx
zygaYRoox3cyjhNuDEanYF3PSuRiVUYUoy3148/ai1xdsFlReGlMRsH3efulloJX
ALqkkR366bsmnKCCz6QBD5qUME2OEilB75zoIrkwZkLmGtIE0R27HT0+6+F37xUx
Ygvg1Dok2gSuM7yXl3EkQRA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:01:16 2025 by rpki-client