Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/f2fc0e-bbb9-4924-a89c-7620db279962/1/lVJpe260qGX3e6stTFn772vx8lk.roa
File: lVJpe260qGX3e6stTFn772vx8lk.roa (raw, json)
Hash identifier: yoxYAKlvQPYmMi4Wc+00BZ6o5xl5cSxpwL5SfaGUG28=
Subject key identifier: 95:52:69:7B:6E:B4:A8:65:F7:7B:AB:2D:4C:59:FB:EF:6B:F1:F2:59
Certificate issuer: /CN=aa85e9da2227345c18abd7e75272f81c29b30d1b
Certificate serial: 01942745DA4E0BD800E233E4DB62E936588A
Authority key identifier: AA:85:E9:DA:22:27:34:5C:18:AB:D7:E7:52:72:F8:1C:29:B3:0D:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoXp2iInNFwYq9fnUnL4HCmzDRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/f2fc0e-bbb9-4924-a89c-7620db279962/1/lVJpe260qGX3e6stTFn772vx8lk.roa
Signing time: Thu 02 Jan 2025 13:47:56 +0000
ROA not before: Thu 02 Jan 2025 13:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12552
IP address blocks: 2001:67c:198::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:da:4e:0b:d8:00:e2:33:e4:db:62:e9:36:58:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa85e9da2227345c18abd7e75272f81c29b30d1b
Validity
Not Before: Jan 2 13:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9552697b6eb4a865f77bab2d4c59fbef6bf1f259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:df:b4:62:68:fa:dd:63:7a:68:c1:17:8b:
2e:4d:d6:d4:4b:7b:63:3d:b7:20:a4:29:37:0a:c8:
a4:81:a3:4e:92:82:0f:0a:de:27:dd:f7:ce:f3:17:
e8:3a:8d:87:47:15:19:cd:79:bf:57:da:9e:13:32:
d1:3c:a6:8b:8c:93:6a:a3:73:e1:28:46:79:1c:dc:
0e:02:3b:99:bf:64:85:c2:d5:3d:b8:ef:69:79:ab:
d4:64:d3:e4:b3:6a:67:c2:8a:d3:f1:73:27:06:af:
33:3e:60:b0:b8:fc:61:3a:00:ca:96:76:0f:de:63:
68:ba:6a:26:bd:83:3b:83:e0:05:03:df:99:7b:7b:
6a:2e:13:98:1b:39:b6:20:50:90:1a:70:b2:df:c2:
25:bd:d1:3e:28:75:6e:d2:22:98:5a:a7:e5:d9:4a:
a7:96:80:92:40:5d:1e:97:3e:04:4e:59:71:3f:fd:
a6:75:db:05:9c:01:d5:ad:17:c4:d8:96:f0:6f:22:
e9:86:c5:94:cf:a1:77:7e:33:bd:37:fe:5b:29:f9:
b9:ea:d3:5a:76:af:fa:e4:97:27:01:73:16:ff:82:
45:e1:a3:0e:8c:ef:9a:40:be:fb:2c:ad:68:db:ac:
a2:07:8c:0a:50:84:b7:65:b8:d2:e8:2e:38:89:fa:
2d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:52:69:7B:6E:B4:A8:65:F7:7B:AB:2D:4C:59:FB:EF:6B:F1:F2:59
X509v3 Authority Key Identifier:
keyid:AA:85:E9:DA:22:27:34:5C:18:AB:D7:E7:52:72:F8:1C:29:B3:0D:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoXp2iInNFwYq9fnUnL4HCmzDRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f2fc0e-bbb9-4924-a89c-7620db279962/1/lVJpe260qGX3e6stTFn772vx8lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f2fc0e-bbb9-4924-a89c-7620db279962/1/qoXp2iInNFwYq9fnUnL4HCmzDRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:198::/48
Signature Algorithm: sha256WithRSAEncryption
2f:b4:2f:d5:bf:df:79:b7:79:a1:2c:54:73:6c:75:24:6f:41:
3b:90:e9:e6:15:66:ac:50:a1:40:76:98:df:b2:a9:38:06:7f:
0d:6b:d3:48:9b:54:39:13:ee:7f:e8:ae:10:2e:fd:dc:fd:a9:
d6:7f:fa:72:b3:ed:3c:74:2e:6b:1e:8c:71:f6:00:06:71:8b:
54:25:5b:c1:7d:d9:35:eb:7a:ea:90:a5:e1:54:78:0e:14:05:
32:92:98:0a:30:5c:e3:15:25:3a:72:21:b2:d6:37:9e:14:75:
3d:15:ed:f6:66:fc:1b:a7:36:0c:87:9b:b7:26:98:23:14:fc:
ee:e5:60:ea:d8:af:f6:89:e5:ff:81:4e:43:d5:7d:bc:2a:26:
a9:28:b4:9a:a2:96:81:ed:f4:d4:4d:84:a1:f3:99:a6:86:b8:
85:d1:28:45:ab:ed:57:fc:60:f4:02:96:68:c8:a5:e6:87:49:
b2:78:2f:e7:94:5a:e0:d0:3e:c5:7b:27:40:9b:ca:c2:81:72:
76:2b:82:68:98:6d:33:f1:5e:b4:ee:4b:40:90:d1:e4:8d:35:
47:77:43:99:7d:40:65:4f:bb:67:e6:17:e9:6d:44:a1:73:94:
d3:b4:d0:88:5e:fb:b9:d3:41:c6:e4:64:63:00:9d:f1:65:58:
3a:16:a7:14
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRdpOC9gA4jPk22LpNliKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhODVlOWRhMjIyNzM0NWMxOGFiZDdlNzUyNzJmODFjMjli
MzBkMWIwHhcNMjUwMTAyMTM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTUyNjk3YjZlYjRhODY1Zjc3YmFiMmQ0YzU5ZmJlZjZiZjFmMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWPftGJo+t1jemjBF4suTdbUS3tj
PbcgpCk3CsikgaNOkoIPCt4n3ffO8xfoOo2HRxUZzXm/V9qeEzLRPKaLjJNqo3Ph
KEZ5HNwOAjuZv2SFwtU9uO9peavUZNPks2pnworT8XMnBq8zPmCwuPxhOgDKlnYP
3mNoumomvYM7g+AFA9+Ze3tqLhOYGzm2IFCQGnCy38IlvdE+KHVu0iKYWqfl2Uqn
loCSQF0elz4ETllxP/2mddsFnAHVrRfE2JbwbyLphsWUz6F3fjO9N/5bKfm56tNa
dq/65JcnAXMW/4JF4aMOjO+aQL77LK1o26yiB4wKUIS3ZbjS6C44ifotQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJVSaXtutKhl93urLUxZ++9r8fJZMB8GA1UdIwQY
MBaAFKqF6doiJzRcGKvX51Jy+Bwpsw0bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9YcDJpSW5ORndZcTlmblVuTDRIQ216RFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mMmZjMGUtYmJiOS00OTI0LWE4OWMt
NzYyMGRiMjc5OTYyLzEvbFZKcGUyNjBxR1gzZTZzdFRGbjc3MnZ4OGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mMmZjMGUtYmJiOS00OTI0LWE4OWMtNzYyMGRiMjc5OTYy
LzEvcW9YcDJpSW5ORndZcTlmblVuTDRIQ216RFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAGY
MA0GCSqGSIb3DQEBCwUAA4IBAQAvtC/Vv995t3mhLFRzbHUkb0E7kOnmFWasUKFA
dpjfsqk4Bn8Na9NIm1Q5E+5/6K4QLv3c/anWf/pys+08dC5rHoxx9gAGcYtUJVvB
fdk163rqkKXhVHgOFAUykpgKMFzjFSU6ciGy1jeeFHU9Fe32ZvwbpzYMh5u3Jpgj
FPzu5WDq2K/2ieX/gU5D1X28KiapKLSaopaB7fTUTYSh85mmhriF0ShFq+1X/GD0
ApZoyKXmh0myeC/nlFrg0D7FeydAm8rCgXJ2K4JomG0z8V607ktAkNHkjTVHd0OZ
fUBlT7tn5hfpbUShc5TTtNCIXvu500HG5GRjAJ3xZVg6FqcU
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:15:25 2025 by rpki-client