Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xW0en1GzkvK6okSsOQs_7lJmNfs.roa
File: xW0en1GzkvK6okSsOQs_7lJmNfs.roa (raw, json)
Hash identifier: 7rwapt5fsj2390gBS180ggYjaSecMWGw48nJsWDPzE4=
Subject key identifier: C5:6D:1E:9F:51:B3:92:F2:BA:A2:44:AC:39:0B:3F:EE:52:66:35:FB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01944604FA93E714972FA9516D623952B04A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xW0en1GzkvK6okSsOQs_7lJmNfs.roa
Signing time: Wed 08 Jan 2025 13:05:18 +0000
ROA not before: Wed 08 Jan 2025 13:05:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
2001:67c:64:ffff:0:194:4604:3351/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:46:04:fa:93:e7:14:97:2f:a9:51:6d:62:39:52:b0:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 8 13:05:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c56d1e9f51b392f2baa244ac390b3fee526635fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:49:96:35:de:11:a8:44:ad:ef:41:79:91:c1:
f7:80:0f:00:31:31:8c:c5:5d:41:51:6f:52:89:0f:
e1:bd:83:33:11:96:82:44:b0:39:be:ae:9c:69:6d:
02:1b:52:ce:33:94:2f:d1:29:fa:70:f6:7c:bd:a0:
ff:72:c8:57:a3:89:a1:f4:2c:1a:53:3c:b7:27:80:
77:bc:75:b9:ba:19:ba:f0:30:dc:da:ec:a1:b7:85:
e1:d5:cf:8a:cc:03:50:35:76:5b:cf:09:9d:a5:88:
03:99:76:45:44:19:64:3e:07:c6:9c:43:94:eb:de:
53:b8:96:a5:54:98:65:4b:e8:85:b3:b2:67:4a:44:
e1:5d:34:0d:95:eb:a0:ad:39:f0:19:ad:b0:56:c3:
94:94:f5:c6:0d:34:a5:0a:22:b9:96:23:93:88:80:
e9:5f:16:ae:73:ec:eb:00:3b:b9:15:10:1d:8c:52:
f4:70:44:aa:1e:34:fb:cc:e7:b2:f4:24:ea:0f:3f:
c0:93:1a:c5:d0:32:25:bd:02:a9:91:fe:4d:0d:11:
42:3a:5d:b5:c2:2b:cd:9a:31:4b:34:78:02:2f:1b:
95:88:04:4f:4a:3a:b0:d5:b8:b0:b5:c2:18:60:44:
04:e9:ad:fe:a5:60:37:78:67:11:bc:0f:28:3a:6b:
7c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6D:1E:9F:51:B3:92:F2:BA:A2:44:AC:39:0B:3F:EE:52:66:35:FB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xW0en1GzkvK6okSsOQs_7lJmNfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
2001:67c:64:ffff:0:194:4604:3351/128
Signature Algorithm: sha256WithRSAEncryption
70:ae:d6:06:81:43:28:13:9a:e4:29:59:f4:80:59:f3:19:e6:
fa:ce:03:65:82:68:3a:d8:26:84:6d:6e:96:55:b8:7a:b4:ae:
eb:33:cb:a3:1f:92:4e:ba:18:4d:01:75:3a:ad:91:57:3b:8f:
84:6d:ee:c9:e9:04:1b:7a:7f:7e:f0:d4:8e:9d:c1:f4:c3:2e:
d6:d9:5d:45:22:36:27:79:02:29:87:bf:4b:1f:25:9d:ff:39:
54:f3:98:79:4d:2b:87:b2:c9:fa:31:9d:49:ca:76:11:f6:19:
7a:4b:c3:16:19:40:49:b2:af:9b:9d:72:a7:3b:55:4c:49:a2:
48:a4:77:78:69:4a:42:d4:fb:ec:0b:6e:91:1b:20:a7:29:a2:
00:72:36:a4:6d:a7:00:0a:ea:84:39:a1:e8:6d:ce:ae:26:d5:
92:57:04:25:5e:71:ad:af:67:d0:26:4e:af:c4:4e:17:cb:fb:
02:aa:22:0d:4f:8e:69:f4:e7:65:6a:d8:1f:71:54:5e:60:1c:
c3:95:0c:56:80:a0:02:ff:6e:2e:24:e2:bf:85:03:7f:90:2f:
53:3d:cd:94:b2:05:89:19:41:1c:3e:57:b8:7c:b8:f8:28:35:
98:e9:b5:dc:20:5e:d4:53:94:7c:86:3f:b8:dd:6f:38:72:0a:
3c:92:c9:09
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRGBPqT5xSXL6lRbWI5UrBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA4MTMwNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTZkMWU5ZjUxYjM5MmYyYmFhMjQ0YWMzOTBiM2ZlZTUyNjYzNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkmWNd4RqESt70F5kcH3gA8AMTGM
xV1BUW9SiQ/hvYMzEZaCRLA5vq6caW0CG1LOM5Qv0Sn6cPZ8vaD/cshXo4mh9Cwa
Uzy3J4B3vHW5uhm68DDc2uyht4Xh1c+KzANQNXZbzwmdpYgDmXZFRBlkPgfGnEOU
695TuJalVJhlS+iFs7JnSkThXTQNleugrTnwGa2wVsOUlPXGDTSlCiK5liOTiIDp
Xxauc+zrADu5FRAdjFL0cESqHjT7zOey9CTqDz/AkxrF0DIlvQKpkf5NDRFCOl21
wivNmjFLNHgCLxuViARPSjqw1biwtcIYYEQE6a3+pWA3eGcRvA8oOmt8UwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMVtHp9Rs5LyuqJErDkLP+5SZjX7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveFcwZW4xR3prdks2b2tTc09Rc183bEptTmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGULA1mgAMRACABBnwAZP//AAABlEYEM1EwDQYJKoZIhvcNAQELBQADggEB
AHCu1gaBQygTmuQpWfSAWfMZ5vrOA2WCaDrYJoRtbpZVuHq0ruszy6Mfkk66GE0B
dTqtkVc7j4Rt7snpBBt6f37w1I6dwfTDLtbZXUUiNid5AimHv0sfJZ3/OVTzmHlN
K4eyyfoxnUnKdhH2GXpLwxYZQEmyr5udcqc7VUxJokikd3hpSkLU++wLbpEbIKcp
ogByNqRtpwAK6oQ5oehtzq4m1ZJXBCVeca2vZ9AmTq/EThfL+wKqIg1Pjmn052Vq
2B9xVF5gHMOVDFaAoAL/bi4k4r+FA3+QL1M9zZSyBYkZQRw+V7h8uPgoNZjptdwg
XtRTlHyGP7jdbzhyCjySyQk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:52:09 2025 by rpki-client