Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-zIP4j78YvKe2bYzbUQugeVY7k.roa
File: 1-zIP4j78YvKe2bYzbUQugeVY7k.roa (raw, json)
Hash identifier: Yl5LQO1KWzC2SS5plS8bZu6DS88KDXfQioxQHKKw0YQ=
Subject key identifier: D7:EC:C8:3F:88:FB:F1:8B:CA:7B:66:D8:CD:B5:10:BA:07:95:63:B9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019579811E80F5E739CE624A0EB686BD6050
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-zIP4j78YvKe2bYzbUQugeVY7k.roa
Signing time: Sun 09 Mar 2025 06:04:19 +0000
ROA not before: Sun 09 Mar 2025 06:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:7981:16ea/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:79:81:1e:80:f5:e7:39:ce:62:4a:0e:b6:86:bd:60:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 9 06:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7ecc83f88fbf18bca7b66d8cdb510ba079563b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:79:af:c3:6f:0e:3f:f9:08:89:02:5c:db:fd:
e9:0b:20:ae:7f:28:cd:ea:59:a0:35:12:74:c6:e2:
fa:e7:63:08:6e:22:c2:b3:f3:cf:9a:17:cc:8e:81:
37:54:2f:69:d3:b3:4c:0c:cb:80:bb:cf:8e:7f:81:
04:8d:63:94:f1:5f:c5:e5:6b:81:a6:3a:1c:b6:32:
34:24:54:b2:1e:f8:3e:f4:ad:9a:d9:ee:8f:9f:e2:
43:63:1f:44:f0:00:e5:44:24:b3:f2:8b:77:7c:b2:
e6:46:fb:75:47:82:83:08:01:33:b3:de:31:fa:36:
e8:9b:ce:20:bb:ff:f1:de:2a:22:5e:64:00:07:25:
56:56:30:a6:3a:ba:f7:6d:7b:cb:2b:f3:e7:42:91:
5e:e0:1e:c3:cf:65:59:65:a0:17:79:88:b2:9f:89:
e7:c1:a4:95:99:8b:91:a5:97:c7:2d:33:87:61:eb:
42:b4:e4:fe:64:91:4f:3a:10:30:88:50:14:29:74:
47:2c:2f:fc:d3:eb:c8:0e:57:59:0b:f2:e4:3b:c9:
27:33:d3:ef:a6:7d:74:84:75:58:5c:d5:d4:fa:38:
71:f0:43:94:58:b8:16:66:45:9d:2a:04:5c:f2:fa:
86:6e:63:a4:52:60:da:23:94:26:5d:b9:c4:11:f3:
af:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EC:C8:3F:88:FB:F1:8B:CA:7B:66:D8:CD:B5:10:BA:07:95:63:B9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-zIP4j78YvKe2bYzbUQugeVY7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:7981:16ea/128
Signature Algorithm: sha256WithRSAEncryption
06:0d:56:8b:18:88:0a:8d:81:a6:4f:3d:f1:28:18:c0:7c:a4:
0f:c7:f5:18:e2:30:8a:d1:e6:af:3b:a5:6e:ff:9c:d1:b4:9b:
cd:bc:88:87:a9:fd:10:fc:99:7f:c3:f6:90:e4:b3:8a:13:c4:
d0:41:9a:74:62:72:57:b1:d1:ca:21:bc:15:16:d7:a8:83:6c:
ba:26:e4:da:56:6e:a2:74:f1:1c:d2:e5:9e:4d:04:05:8a:49:
4c:d3:2d:04:ec:1a:8a:ce:a0:6c:85:27:86:c2:cf:19:65:e4:
f8:7e:28:d2:94:8a:5b:a7:05:87:64:34:9e:40:98:50:cc:be:
0d:12:62:3d:d9:f9:e1:8e:b8:47:99:a3:24:4b:a1:97:89:eb:
fc:0d:49:68:92:ff:cb:c2:62:ff:9d:24:b7:93:22:fb:e6:a6:
56:5a:35:ce:4d:6e:f6:f4:59:67:98:e5:9e:be:54:10:6f:1f:
d2:dd:c0:d8:4e:79:47:d6:10:ae:81:0a:26:5f:64:b0:6d:0b:
68:ed:bc:6e:26:c2:db:03:67:12:fe:fc:a9:87:96:d1:35:28:
52:fc:18:12:9d:c5:1f:6b:1a:b4:91:93:35:76:f5:29:39:b3:
03:b2:8a:7a:8d:77:8f:f4:59:15:80:1e:91:26:e1:bb:91:8a:
3f:bf:d4:b9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZV5gR6A9ec5zmJKDraGvWBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA5MDYwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VjYzgzZjg4ZmJmMThiY2E3YjY2ZDhjZGI1MTBiYTA3OTU2M2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXmvw28OP/kIiQJc2/3pCyCufyjN
6lmgNRJ0xuL652MIbiLCs/PPmhfMjoE3VC9p07NMDMuAu8+Of4EEjWOU8V/F5WuB
pjoctjI0JFSyHvg+9K2a2e6Pn+JDYx9E8ADlRCSz8ot3fLLmRvt1R4KDCAEzs94x
+jbom84gu//x3ioiXmQAByVWVjCmOrr3bXvLK/PnQpFe4B7Dz2VZZaAXeYiyn4nn
waSVmYuRpZfHLTOHYetCtOT+ZJFPOhAwiFAUKXRHLC/80+vIDldZC/LkO8knM9Pv
pn10hHVYXNXU+jhx8EOUWLgWZkWdKgRc8vqGbmOkUmDaI5QmXbnEEfOvgQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNfsyD+I+/GLyntm2M21ELoHlWO5MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS16SVA0ajc4WXZLZTJiWXpiVVF1Z2VWWTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVeYEW6jANBgkqhkiG9w0BAQsFAAOCAQEABg1WixiICo2Bpk898SgYwHyk
D8f1GOIwitHmrzulbv+c0bSbzbyIh6n9EPyZf8P2kOSzihPE0EGadGJyV7HRyiG8
FRbXqINsuibk2lZuonTxHNLlnk0EBYpJTNMtBOwais6gbIUnhsLPGWXk+H4o0pSK
W6cFh2Q0nkCYUMy+DRJiPdn54Y64R5mjJEuhl4nr/A1JaJL/y8Ji/50kt5Mi++am
Vlo1zk1u9vRZZ5jlnr5UEG8f0t3A2E55R9YQroEKJl9ksG0LaO28bibC2wNnEv78
qYeW0TUoUvwYEp3FH2satJGTNXb1KTmzA7KKeo13j/RZFYAekSbhu5GKP7/UuQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:30 2025 by rpki-client