Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1je5KUhpHZmwhSFxQgge2_vslrY.roa
File: 1je5KUhpHZmwhSFxQgge2_vslrY.roa (raw, json)
Hash identifier: 9eNIZLUHVfhqmKtS4PV63uKJr6tPBut1fQ++6yANib4=
Subject key identifier: D6:37:B9:29:48:69:1D:99:B0:85:21:71:42:08:1E:DB:FB:EC:96:B6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A965667B261AEC5AA4253CC34068A78E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1je5KUhpHZmwhSFxQgge2_vslrY.roa
Signing time: Tue 18 Mar 2025 13:15:49 +0000
ROA not before: Tue 18 Mar 2025 13:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:65:66:7b:26:1a:ec:5a:a4:25:3c:c3:40:68:a7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 18 13:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d637b92948691d99b085217142081edbfbec96b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ec:a0:98:72:c3:a9:e7:24:fb:23:f9:22:24:
5a:9d:23:c7:fe:23:a1:08:9b:cc:f7:47:8a:4e:b2:
56:93:89:91:79:0b:07:16:da:95:01:1b:6d:12:b8:
3b:0a:87:68:89:1d:79:17:bc:f3:66:78:cc:8b:c7:
e0:07:29:2f:ed:f0:42:57:8a:a7:fc:0a:e9:b3:64:
54:08:4b:ff:69:84:48:73:9d:ca:d9:15:d9:d4:ff:
a9:6c:c8:34:05:81:97:97:f6:af:a6:9c:83:76:8e:
b2:8e:f4:c9:d9:ac:6f:69:d9:4c:7e:d3:94:68:67:
2c:be:c6:e8:00:3a:95:46:f1:73:4e:9d:33:5d:a0:
bc:99:1a:31:1a:d3:8e:99:fb:39:fc:f1:27:f7:cf:
e1:17:13:26:56:49:2f:d8:5f:60:f8:f6:c6:63:24:
3b:08:b2:87:74:7d:1d:5c:4b:7d:79:5c:43:71:62:
1e:67:3b:05:7d:e9:ac:2d:38:8d:94:ab:db:7f:88:
8a:98:4a:f8:43:70:72:f0:1f:53:13:6b:7f:11:6f:
0b:01:e1:c4:ef:48:52:69:47:cb:f6:e1:39:54:68:
f9:29:14:3f:5c:86:ee:ce:47:17:0d:a5:6b:f5:2f:
dc:72:c0:3c:2a:d5:79:69:ae:2c:a0:06:42:58:2e:
ae:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:37:B9:29:48:69:1D:99:B0:85:21:71:42:08:1E:DB:FB:EC:96:B6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1je5KUhpHZmwhSFxQgge2_vslrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
78:ec:dc:06:c8:09:23:05:b3:d6:52:4d:84:d2:d1:92:fe:bd:
7a:19:75:0b:17:43:6a:94:cc:ae:56:20:73:50:27:4c:4d:f2:
a4:0e:9a:7d:c4:b4:6a:61:6c:f3:bc:6a:64:b5:c9:c8:5f:38:
be:7f:61:09:75:87:c4:2f:d6:f9:97:03:33:ae:29:d1:3e:d5:
ab:70:52:34:0d:3f:bd:60:79:86:20:c5:72:36:a3:c5:90:b6:
d7:39:3e:f1:6e:33:a1:ad:cc:a3:40:84:4d:0f:e1:61:e9:28:
a9:64:01:fa:33:64:37:54:0c:31:17:04:f0:2a:9b:92:36:f6:
eb:1d:43:15:26:07:10:91:6f:e8:78:65:e9:d5:02:7a:c2:2e:
5a:cc:1a:d2:74:ad:2e:01:db:0b:9c:4c:f6:b7:68:24:96:bf:
d2:72:cb:44:df:e0:69:14:49:0d:62:18:53:1a:f3:91:a6:08:
89:f0:5d:0e:ee:32:09:03:1f:64:fc:b2:ec:bc:a8:6b:cd:db:
63:fe:43:85:75:50:ed:0b:68:62:40:5d:0b:32:84:57:da:46:
eb:d1:72:c2:c3:fc:76:74:09:1e:7f:ca:dc:8b:e4:5f:4b:03:
8b:42:8c:d7:07:3b:e2:f7:5b:e5:68:9b:82:8d:1b:a4:9f:a0:
60:40:8f:40
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWpZWZ7JhrsWqQlPMNAaKeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE4MTMxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM3YjkyOTQ4NjkxZDk5YjA4NTIxNzE0MjA4MWVkYmZiZWM5NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuygmHLDqeck+yP5IiRanSPH/iOh
CJvM90eKTrJWk4mReQsHFtqVARttErg7CodoiR15F7zzZnjMi8fgBykv7fBCV4qn
/Arps2RUCEv/aYRIc53K2RXZ1P+pbMg0BYGXl/avppyDdo6yjvTJ2axvadlMftOU
aGcsvsboADqVRvFzTp0zXaC8mRoxGtOOmfs5/PEn98/hFxMmVkkv2F9g+PbGYyQ7
CLKHdH0dXEt9eVxDcWIeZzsFfemsLTiNlKvbf4iKmEr4Q3By8B9TE2t/EW8LAeHE
70hSaUfL9uE5VGj5KRQ/XIbuzkcXDaVr9S/ccsA8KtV5aa4soAZCWC6uJwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNY3uSlIaR2ZsIUhcUIIHtv77Ja2MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMWplNUtVaHBIWm13aFNGeFFnZ2UyX3ZzbHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAeOzcBsgJIwWz1lJNhNLRkv69
ehl1CxdDapTMrlYgc1AnTE3ypA6afcS0amFs87xqZLXJyF84vn9hCXWHxC/W+ZcD
M64p0T7Vq3BSNA0/vWB5hiDFcjajxZC21zk+8W4zoa3Mo0CETQ/hYekoqWQB+jNk
N1QMMRcE8Cqbkjb26x1DFSYHEJFv6Hhl6dUCesIuWswa0nStLgHbC5xM9rdoJJa/
0nLLRN/gaRRJDWIYUxrzkaYIifBdDu4yCQMfZPyy7Lyoa83bY/5DhXVQ7QtoYkBd
CzKEV9pG69FywsP8dnQJHn/K3IvkX0sDi0KM1wc74vdb5Wibgo0bpJ+gYECPQA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:24:05 2025 by rpki-client