Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/iU6o8UX2fMqdnVT4GPBZLMHQUVk.roa
File: iU6o8UX2fMqdnVT4GPBZLMHQUVk.roa (raw, json)
Hash identifier: L7qS2Pktcg+3MFOhFw0UCguQbXdIgIfJZ4PXXKIQFAI=
Subject key identifier: 89:4E:A8:F1:45:F6:7C:CA:9D:9D:54:F8:18:F0:59:2C:C1:D0:51:59
Certificate issuer: /CN=bf2805992e6531d3da31ee1af6bcd5c06d02b6ca
Certificate serial: 0194228E093BADB448A8C496392B7F2E6B4A
Authority key identifier: BF:28:05:99:2E:65:31:D3:DA:31:EE:1A:F6:BC:D5:C0:6D:02:B6:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vygFmS5lMdPaMe4a9rzVwG0Ctso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/iU6o8UX2fMqdnVT4GPBZLMHQUVk.roa
Signing time: Wed 01 Jan 2025 15:48:41 +0000
ROA not before: Wed 01 Jan 2025 15:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25466
IP address blocks: 62.101.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:09:3b:ad:b4:48:a8:c4:96:39:2b:7f:2e:6b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf2805992e6531d3da31ee1af6bcd5c06d02b6ca
Validity
Not Before: Jan 1 15:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=894ea8f145f67cca9d9d54f818f0592cc1d05159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:30:6e:62:b7:57:41:40:f1:e0:62:19:33:8e:
53:08:ac:37:5d:0c:ae:92:7c:32:92:9b:39:c2:d3:
4e:4c:54:3b:83:82:5e:53:ca:c9:bd:12:5a:33:a0:
5c:55:46:97:1c:d6:c2:81:58:4f:17:e5:a2:f1:29:
7b:e2:65:7a:4c:0c:ed:a8:4e:b1:3c:ec:e1:66:52:
8e:e6:21:a4:3a:a6:1d:85:07:94:03:cd:d8:6d:38:
59:a3:40:b7:e7:35:b7:51:59:64:47:a1:ab:08:9a:
e5:58:4a:ae:19:c8:95:62:ec:db:fb:6b:46:f2:a5:
0a:44:10:de:43:ba:67:0d:d2:dc:f1:22:0f:e7:57:
3f:c6:d7:66:45:9c:00:1a:3f:d6:9e:6f:59:e6:e5:
98:eb:d5:f9:b0:cf:87:55:f6:c8:b2:5f:00:f8:d9:
1b:02:14:05:61:29:2b:79:c7:26:e7:ee:88:d7:e8:
79:bf:4b:82:e3:30:28:fb:5e:48:af:19:15:fd:a0:
04:50:35:19:82:14:32:8f:e6:89:e1:62:6b:4a:41:
e8:d1:f7:0c:3e:b1:cd:9e:78:af:54:7f:c4:d0:e9:
d4:38:36:2f:a5:79:f4:11:6e:5d:81:54:5d:41:8a:
69:1e:10:27:46:19:72:2d:13:0e:0e:fe:da:d1:4d:
a9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4E:A8:F1:45:F6:7C:CA:9D:9D:54:F8:18:F0:59:2C:C1:D0:51:59
X509v3 Authority Key Identifier:
keyid:BF:28:05:99:2E:65:31:D3:DA:31:EE:1A:F6:BC:D5:C0:6D:02:B6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vygFmS5lMdPaMe4a9rzVwG0Ctso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/iU6o8UX2fMqdnVT4GPBZLMHQUVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.101.52.0/22
Signature Algorithm: sha256WithRSAEncryption
00:ae:b2:90:29:06:ed:64:82:ca:b3:3e:9a:18:71:4f:96:77:
f5:f8:6e:6b:ac:41:ee:88:b1:d4:d8:7a:4b:b4:ae:5c:c7:43:
0d:0c:93:47:c3:fc:b2:04:23:c5:12:d2:7b:e9:0d:d0:33:c9:
33:25:0a:85:e5:11:f2:cb:50:a6:8a:9c:af:f7:f0:e5:26:da:
da:98:51:74:79:dc:0b:32:89:ff:6d:82:4f:93:1c:ed:15:08:
07:e3:cb:61:4b:f1:80:6f:41:5a:f8:8d:00:41:ea:c6:33:13:
b4:3d:cf:8f:fd:97:44:2b:ed:4e:28:4a:8c:76:b6:ed:18:13:
08:b8:64:5e:54:ab:80:60:30:1d:06:4b:37:3b:e3:9d:15:fb:
00:8c:82:4a:30:83:a5:aa:4e:e7:a4:3f:72:88:0f:64:88:c2:
cb:49:ff:a9:2b:cb:78:99:85:70:ba:48:d4:2a:cc:30:f1:36:
39:35:de:b6:a9:d8:8d:79:ce:f4:bf:d4:0a:3e:d5:94:6a:16:
10:ba:05:ff:0d:64:55:fc:fc:69:c3:32:88:72:4e:14:70:a4:
ee:56:a8:a6:2c:c4:d3:a0:2d:d1:bb:71:9e:bf:97:40:67:7b:
ab:cb:65:93:cd:c4:1d:5d:be:eb:30:62:44:81:c6:4f:2c:90:
83:e0:1c:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijgk7rbRIqMSWOSt/LmtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMjgwNTk5MmU2NTMxZDNkYTMxZWUxYWY2YmNkNWMwNmQw
MmI2Y2EwHhcNMjUwMTAxMTU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTRlYThmMTQ1ZjY3Y2NhOWQ5ZDU0ZjgxOGYwNTkyY2MxZDA1MTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszBuYrdXQUDx4GIZM45TCKw3XQyu
knwykps5wtNOTFQ7g4JeU8rJvRJaM6BcVUaXHNbCgVhPF+Wi8Sl74mV6TAztqE6x
POzhZlKO5iGkOqYdhQeUA83YbThZo0C35zW3UVlkR6GrCJrlWEquGciVYuzb+2tG
8qUKRBDeQ7pnDdLc8SIP51c/xtdmRZwAGj/Wnm9Z5uWY69X5sM+HVfbIsl8A+Nkb
AhQFYSkreccm5+6I1+h5v0uC4zAo+15IrxkV/aAEUDUZghQyj+aJ4WJrSkHo0fcM
PrHNnnivVH/E0OnUODYvpXn0EW5dgVRdQYppHhAnRhlyLRMODv7a0U2prQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlOqPFF9nzKnZ1U+BjwWSzB0FFZMB8GA1UdIwQY
MBaAFL8oBZkuZTHT2jHuGva81cBtArbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnlnRm1TNWxNZFBhTWU0YTlyelZ3RzBDdHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NTg0NjctNjgxOC00ZTg0LTg3YmEt
NWQ4Mzg2NjhiZWJlLzEvaVU2bzhVWDJmTXFkblZUNEdQQlpMTUhRVVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83NTg0NjctNjgxOC00ZTg0LTg3YmEtNWQ4Mzg2NjhiZWJl
LzEvdnlnRm1TNWxNZFBhTWU0YTlyelZ3RzBDdHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPmU0MA0G
CSqGSIb3DQEBCwUAA4IBAQAArrKQKQbtZILKsz6aGHFPlnf1+G5rrEHuiLHU2HpL
tK5cx0MNDJNHw/yyBCPFEtJ76Q3QM8kzJQqF5RHyy1Cmipyv9/DlJtramFF0edwL
Mon/bYJPkxztFQgH48thS/GAb0Fa+I0AQerGMxO0Pc+P/ZdEK+1OKEqMdrbtGBMI
uGReVKuAYDAdBks3O+OdFfsAjIJKMIOlqk7npD9yiA9kiMLLSf+pK8t4mYVwukjU
Ksww8TY5Nd62qdiNec70v9QKPtWUahYQugX/DWRV/PxpwzKIck4UcKTuVqimLMTT
oC3Ru3Gev5dAZ3ury2WTzcQdXb7rMGJEgcZPLJCD4By4
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:00:39 2025 by rpki-client