Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xDfEOh7lgKuBcj2u8FQFP8Uc9J8.roa
File: xDfEOh7lgKuBcj2u8FQFP8Uc9J8.roa (raw, json)
Hash identifier: GBky+EGETMku7VvQ7bfnhc7Snyj3GyJNJRF2Bmwcqbs=
Subject key identifier: C4:37:C4:3A:1E:E5:80:AB:81:72:3D:AE:F0:54:05:3F:C5:1C:F4:9F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195997FE1E81DC31332B66B6FE8990A99B8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xDfEOh7lgKuBcj2u8FQFP8Uc9J8.roa
Signing time: Sat 15 Mar 2025 11:10:49 +0000
ROA not before: Sat 15 Mar 2025 11:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:99:7f:e1:e8:1d:c3:13:32:b6:6b:6f:e8:99:0a:99:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 11:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c437c43a1ee580ab81723daef054053fc51cf49f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b4:79:2f:f1:bd:18:ae:f9:00:47:59:1a:0b:
db:42:1a:4a:bd:cd:3d:e2:ca:e3:29:35:6d:f5:b9:
0d:02:43:a7:79:f8:77:be:37:a3:ff:f0:d4:be:40:
12:ba:06:f1:14:78:0c:90:5f:67:8d:92:12:29:fc:
bb:ea:0b:7f:8c:ef:2b:68:f5:13:46:5e:3a:09:44:
ea:f3:28:bb:b1:ca:05:8a:c8:2f:d6:1e:a7:47:70:
5e:ff:35:8d:a4:bd:dc:43:30:9c:86:7e:c8:79:42:
59:8d:d9:9d:e9:0d:1d:f3:73:0a:89:f5:f1:b3:61:
26:68:ea:3d:e9:67:4d:73:f6:95:a8:8f:3d:57:16:
5a:96:c3:74:e3:36:d7:69:0f:70:4b:9d:90:b7:4c:
87:83:94:ee:75:e4:04:9e:cb:fd:12:41:fb:b6:ea:
6a:30:56:f5:02:bc:b2:2e:cc:1c:db:ee:36:1d:a0:
e7:f2:45:80:f0:a9:cf:1b:6e:ae:26:21:e1:13:0b:
16:78:27:44:1a:53:5d:05:3e:ba:2a:04:00:f9:32:
94:77:52:b6:dc:8b:cd:cb:c2:a9:04:c7:f0:85:1b:
f8:54:13:40:67:45:72:c5:79:96:14:5c:29:f3:6f:
57:10:85:5d:b5:0c:c8:8f:44:a5:16:8a:cb:59:f1:
f2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:37:C4:3A:1E:E5:80:AB:81:72:3D:AE:F0:54:05:3F:C5:1C:F4:9F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xDfEOh7lgKuBcj2u8FQFP8Uc9J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
06:f9:5d:c1:8c:83:67:d6:83:3c:f4:15:ff:93:4f:ce:d4:28:
33:a3:ad:5b:95:c0:09:8e:5d:49:b8:2e:a8:d9:70:90:99:1a:
78:6d:8f:9c:ea:6d:8d:21:21:7e:be:0e:ab:e5:ec:a9:26:88:
a8:2e:87:d6:73:b9:27:de:e8:7a:83:56:96:f0:c1:74:78:76:
0d:f7:cf:1c:68:04:29:75:c0:74:a1:10:32:5f:6a:69:c1:fa:
68:d7:3a:ab:02:4a:e6:b8:a3:6c:f4:7f:c7:4c:5a:31:d4:5e:
f6:a8:01:ce:e9:a1:f9:25:0a:71:51:8d:24:f4:dd:d5:59:85:
ae:ce:a0:ff:18:99:ff:89:c3:aa:0b:28:c0:78:df:b2:50:41:
5d:fa:02:9b:cf:fd:bd:31:e3:53:d3:ea:ca:b7:26:26:be:e6:
15:4f:8f:d0:6d:ef:4d:db:a6:31:b4:29:37:fe:44:05:f8:a5:
3b:4b:20:82:e6:50:01:e9:bd:d1:ee:fd:68:c3:8c:f1:e2:9f:
cf:24:69:5a:e5:ed:04:eb:46:2c:2e:49:6e:36:ee:f9:49:4e:
b5:e2:71:18:31:d7:76:e9:de:62:06:dd:10:2e:8f:1a:cc:92:
15:62:c1:07:5b:2d:b3:5f:e3:53:14:7a:06:42:4e:25:45:4b:
f6:6a:b3:57
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWZf+HoHcMTMrZrb+iZCpm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MTExMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDM3YzQzYTFlZTU4MGFiODE3MjNkYWVmMDU0MDUzZmM1MWNmNDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbR5L/G9GK75AEdZGgvbQhpKvc09
4srjKTVt9bkNAkOnefh3vjej//DUvkASugbxFHgMkF9njZISKfy76gt/jO8raPUT
Rl46CUTq8yi7scoFisgv1h6nR3Be/zWNpL3cQzCchn7IeUJZjdmd6Q0d83MKifXx
s2EmaOo96WdNc/aVqI89VxZalsN04zbXaQ9wS52Qt0yHg5TudeQEnsv9EkH7tupq
MFb1AryyLswc2+42HaDn8kWA8KnPG26uJiHhEwsWeCdEGlNdBT66KgQA+TKUd1K2
3IvNy8KpBMfwhRv4VBNAZ0VyxXmWFFwp829XEIVdtQzIj0SlForLWfHywQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMQ3xDoe5YCrgXI9rvBUBT/FHPSfMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveERmRU9oN2xnS3VCY2oydThGUUZQOFVjOUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEABvldwYyDZ9aDPPQV/5NPztQo
M6OtW5XACY5dSbguqNlwkJkaeG2PnOptjSEhfr4Oq+XsqSaIqC6H1nO5J97oeoNW
lvDBdHh2DffPHGgEKXXAdKEQMl9qacH6aNc6qwJK5rijbPR/x0xaMdRe9qgBzumh
+SUKcVGNJPTd1VmFrs6g/xiZ/4nDqgsowHjfslBBXfoCm8/9vTHjU9PqyrcmJr7m
FU+P0G3vTdumMbQpN/5EBfilO0sgguZQAem90e79aMOM8eKfzyRpWuXtBOtGLC5J
bjbu+UlOteJxGDHXduneYgbdEC6PGsySFWLBB1sts1/jUxR6BkJOJUVL9mqzVw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:04:39 2025 by rpki-client