Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uxdXp7q5bJ9597hU-162_4vx3hw.roa
File: uxdXp7q5bJ9597hU-162_4vx3hw.roa (raw, json)
Hash identifier: edcRN5gpsoztzzZbWFdTiOpjKUbcLDoU+LuGIQbINMc=
Subject key identifier: BB:17:57:A7:BA:B9:6C:9F:79:F7:B8:54:FB:5E:B6:FF:8B:F1:DE:1C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019463DDDC4ABDDDE644F5AAC60CC49F28AA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uxdXp7q5bJ9597hU-162_4vx3hw.roa
Signing time: Tue 14 Jan 2025 08:11:11 +0000
ROA not before: Tue 14 Jan 2025 08:11:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:63:dd:dc:4a:bd:dd:e6:44:f5:aa:c6:0c:c4:9f:28:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 14 08:11:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb1757a7bab96c9f79f7b854fb5eb6ff8bf1de1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e3:79:73:74:25:4b:8b:24:d9:73:ff:aa:4a:
ca:9b:b0:b9:93:7a:0c:4f:14:d6:13:ed:d0:6d:c9:
38:3c:46:13:14:19:08:a1:ba:23:fb:91:5e:c5:ef:
02:1b:46:52:ef:cd:9a:4c:68:e9:69:62:a3:17:95:
4a:a8:f8:36:ab:9a:5f:c6:11:c0:f2:22:d9:5d:64:
93:b3:8c:a1:e0:16:ff:9f:d8:b0:aa:ba:fa:35:61:
91:18:7c:81:3e:1c:f6:38:1e:2b:41:70:3f:b2:b4:
c9:8e:a0:70:32:63:f0:41:7b:3b:65:8f:c7:1d:e2:
1f:72:e9:aa:e2:77:4d:4a:b5:6f:d9:e2:fc:50:7f:
72:a0:c9:ae:ee:ca:18:a7:27:ba:b1:10:65:00:93:
02:47:13:68:3b:20:b1:ca:76:89:e9:5f:f7:3b:d5:
1b:83:e5:fe:86:d4:29:c9:46:46:59:4f:9e:d7:41:
8d:31:4b:fd:2c:04:ba:2a:f3:bb:d9:74:b6:60:dd:
68:9b:36:56:19:98:88:0d:cf:01:1f:96:71:2d:1d:
a2:ee:32:c8:e7:5e:32:79:8f:6a:a7:14:cf:6c:83:
d7:a3:ed:02:04:33:03:1c:bb:57:14:b4:dc:35:f4:
ef:ff:72:00:4a:fd:d5:d6:cb:4b:eb:22:2e:ff:36:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:17:57:A7:BA:B9:6C:9F:79:F7:B8:54:FB:5E:B6:FF:8B:F1:DE:1C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uxdXp7q5bJ9597hU-162_4vx3hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
42:9b:2d:df:2b:ca:79:cb:9d:b1:c0:0d:d2:9d:f9:f2:b8:c9:
9d:91:be:8b:39:85:25:d3:44:02:4d:67:ec:85:a1:7b:ad:68:
a6:e5:75:5b:2b:39:9b:dd:c2:ac:76:1a:d2:43:f8:56:5b:ac:
8a:f2:1f:a1:ca:70:55:06:65:32:28:ca:63:b8:e0:bd:94:5d:
a4:32:7d:35:fa:06:b1:ae:a9:a4:15:e5:b8:57:b8:55:76:95:
26:d6:5e:be:1c:4b:8f:e3:14:02:d9:d7:41:b1:cc:ab:a6:20:
9b:71:4b:17:4e:0f:cb:4a:0c:80:1a:ea:e5:6c:81:30:7e:e7:
b7:7d:bf:52:4e:e5:6a:13:70:90:3e:78:d2:4e:b7:12:41:d8:
a2:f6:13:05:bd:33:0c:99:d3:1b:b1:e2:eb:c0:c3:8a:d4:b5:
c6:b3:85:33:01:79:2f:19:47:f6:27:c4:0a:47:eb:bd:e8:16:
da:87:2e:58:d5:57:cb:2e:16:6a:24:f6:34:9e:04:3f:65:0b:
62:e3:3e:4e:ad:47:52:1e:be:91:4c:24:c4:3b:1a:ea:cd:70:
0a:de:78:39:a9:26:05:97:9e:31:fb:15:c4:cd:ff:cf:98:b7:
ce:8c:89:7f:7b:c6:7f:78:31:f7:e8:b5:ce:27:30:a6:eb:c3:
e9:10:b9:cf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRj3dxKvd3mRPWqxgzEnyiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE0MDgxMTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjE3NTdhN2JhYjk2YzlmNzlmN2I4NTRmYjVlYjZmZjhiZjFkZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouN5c3QlS4sk2XP/qkrKm7C5k3oM
TxTWE+3Qbck4PEYTFBkIoboj+5Fexe8CG0ZS782aTGjpaWKjF5VKqPg2q5pfxhHA
8iLZXWSTs4yh4Bb/n9iwqrr6NWGRGHyBPhz2OB4rQXA/srTJjqBwMmPwQXs7ZY/H
HeIfcumq4ndNSrVv2eL8UH9yoMmu7soYpye6sRBlAJMCRxNoOyCxynaJ6V/3O9Ub
g+X+htQpyUZGWU+e10GNMUv9LAS6KvO72XS2YN1omzZWGZiIDc8BH5ZxLR2i7jLI
514yeY9qpxTPbIPXo+0CBDMDHLtXFLTcNfTv/3IASv3V1stL6yIu/zYDEwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLsXV6e6uWyfefe4VPtetv+L8d4cMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdXhkWHA3cTViSjk1OTdoVS0xNjJfNHZ4M2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAQpst3yvKecudscAN0p358rjJ
nZG+izmFJdNEAk1n7IWhe61opuV1Wys5m93CrHYa0kP4VlusivIfocpwVQZlMijK
Y7jgvZRdpDJ9NfoGsa6ppBXluFe4VXaVJtZevhxLj+MUAtnXQbHMq6Ygm3FLF04P
y0oMgBrq5WyBMH7nt32/Uk7lahNwkD540k63EkHYovYTBb0zDJnTG7Hi68DDitS1
xrOFMwF5LxlH9ifECkfrvegW2ocuWNVXyy4WaiT2NJ4EP2ULYuM+Tq1HUh6+kUwk
xDsa6s1wCt54OakmBZeeMfsVxM3/z5i3zoyJf3vGf3gx9+i1zicwpuvD6RC5zw==
-----END CERTIFICATE-----
Generated at Tue Jun 17 10:35:24 2025 by rpki-client