Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xh43F0zkIwdgmTlAzqj1LygTQvM.roa
File: xh43F0zkIwdgmTlAzqj1LygTQvM.roa (raw, json)
Hash identifier: VAbrBXA4tEsr82X7Tr4cLQcOBba72gATqILRWXrz/HY=
Subject key identifier: C6:1E:37:17:4C:E4:23:07:60:99:39:40:CE:A8:F5:2F:28:13:42:F3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019439CF5E7F2A65C1A9C91E54B24EBA8055
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xh43F0zkIwdgmTlAzqj1LygTQvM.roa
Signing time: Mon 06 Jan 2025 04:11:18 +0000
ROA not before: Mon 06 Jan 2025 04:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:39:cf:5e:7f:2a:65:c1:a9:c9:1e:54:b2:4e:ba:80:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 6 04:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c61e37174ce4230760993940cea8f52f281342f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:a6:a1:2a:7c:cf:78:e9:f9:d1:fb:dc:da:
a6:3f:14:7c:dd:36:be:a7:88:f5:33:3f:a8:bc:dd:
48:56:5d:47:7a:52:35:a9:79:03:8e:ed:4c:6a:81:
a0:bf:41:b3:2d:66:ed:15:f8:32:72:68:4e:8c:c6:
d5:db:94:cb:cd:8c:2c:8b:77:82:82:3c:5a:2a:95:
78:af:64:15:b3:e9:fa:b7:41:6d:84:06:e3:10:24:
d0:20:8d:b6:2c:cf:d8:46:8d:89:6e:5d:59:f1:2e:
99:7d:4e:b1:b2:15:b1:e3:2a:60:42:32:16:fe:79:
38:8b:88:63:45:26:c6:f9:47:18:13:f9:1b:bd:06:
b0:fc:7b:23:77:80:8b:3a:d6:70:5e:70:fa:e5:74:
f0:17:8e:51:7a:2a:f1:8b:1e:f7:8b:3e:f9:79:a1:
45:57:91:af:87:09:45:76:5d:0b:c1:c8:f2:bc:1d:
07:f2:65:9d:76:a2:db:09:b0:da:78:37:09:92:0d:
e3:fc:db:c4:37:d0:7e:58:f9:d1:8a:6f:c4:05:df:
d3:57:48:77:dd:49:51:1c:ad:46:3f:f2:d3:7d:d3:
ae:2f:90:d9:83:9a:df:d9:a2:d0:96:da:24:8b:31:
8f:12:2a:18:fa:eb:59:a2:44:c7:73:41:43:84:d5:
ca:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1E:37:17:4C:E4:23:07:60:99:39:40:CE:A8:F5:2F:28:13:42:F3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xh43F0zkIwdgmTlAzqj1LygTQvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
26:12:03:26:bb:60:5d:18:20:8a:c4:49:bb:01:4b:95:9e:96:
92:17:0e:cb:24:8e:58:e8:44:7e:01:50:95:b7:c0:a8:fc:f7:
0e:bc:4d:40:f9:b8:5c:00:69:6e:54:fe:c3:6a:a3:75:b0:a2:
fc:c2:66:40:87:60:8e:bf:42:c0:bc:c1:f7:db:f3:57:17:f0:
5b:8f:9c:ac:05:05:0a:01:67:01:9c:71:5b:97:50:8e:98:c1:
93:87:ad:39:4c:a9:94:92:5b:59:72:05:3e:9e:54:f9:14:0f:
1f:e2:c8:6b:df:2e:60:2a:c7:e9:e2:2d:fd:fd:92:62:2a:60:
2c:e9:df:25:b6:17:a4:15:68:16:c0:97:74:d8:cc:c6:e1:8a:
20:db:12:d8:19:ff:c7:2b:4f:fc:7d:59:f7:80:19:13:32:e5:
ed:8b:99:af:4e:10:29:40:a1:8a:ce:85:81:ae:44:ee:11:ac:
41:d9:e3:c4:74:fb:64:7d:94:a3:52:71:40:1c:7f:e1:45:64:
db:da:5a:ed:e6:86:ca:37:04:b9:28:5a:17:dc:1a:f3:fe:99:
18:95:de:7e:38:e9:44:18:40:61:0a:dd:d4:78:c9:71:17:4b:
35:b3:1b:3a:9c:69:3e:82:c0:93:15:6b:7b:36:ea:4e:68:ae:
b4:79:6c:a5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ5z15/KmXBqckeVLJOuoBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA2MDQxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFlMzcxNzRjZTQyMzA3NjA5OTM5NDBjZWE4ZjUyZjI4MTM0MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXymoSp8z3jp+dH73NqmPxR83Ta+
p4j1Mz+ovN1IVl1HelI1qXkDju1MaoGgv0GzLWbtFfgycmhOjMbV25TLzYwsi3eC
gjxaKpV4r2QVs+n6t0FthAbjECTQII22LM/YRo2Jbl1Z8S6ZfU6xshWx4ypgQjIW
/nk4i4hjRSbG+UcYE/kbvQaw/Hsjd4CLOtZwXnD65XTwF45Reirxix73iz75eaFF
V5GvhwlFdl0LwcjyvB0H8mWddqLbCbDaeDcJkg3j/NvEN9B+WPnRim/EBd/TV0h3
3UlRHK1GP/LTfdOuL5DZg5rf2aLQltokizGPEioY+utZokTHc0FDhNXK+wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMYeNxdM5CMHYJk5QM6o9S8oE0LzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveGg0M0YwemtJd2RnbVRsQXpxajFMeWdUUXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAJhIDJrtgXRggisRJuwFLlZ6W
khcOyySOWOhEfgFQlbfAqPz3DrxNQPm4XABpblT+w2qjdbCi/MJmQIdgjr9CwLzB
99vzVxfwW4+crAUFCgFnAZxxW5dQjpjBk4etOUyplJJbWXIFPp5U+RQPH+LIa98u
YCrH6eIt/f2SYipgLOnfJbYXpBVoFsCXdNjMxuGKINsS2Bn/xytP/H1Z94AZEzLl
7YuZr04QKUChis6Fga5E7hGsQdnjxHT7ZH2Uo1JxQBx/4UVk29pa7eaGyjcEuSha
F9wa8/6ZGJXefjjpRBhAYQrd1HjJcRdLNbMbOpxpPoLAkxVrezbqTmiutHlspQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:27:56 2025 by rpki-client