Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1yTu3UzWqLdzhs_3y82Oy2plZEM.roa
File: 1yTu3UzWqLdzhs_3y82Oy2plZEM.roa (raw, json)
Hash identifier: H13z8S2rGSF1USUq6bOWU5QycEwIjm2TLPCzc0V8VBU=
Subject key identifier: D7:24:EE:DD:4C:D6:A8:B7:73:86:CF:F7:CB:CD:8E:CB:6A:65:64:43
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019584ACB88597B597226FF7FB4E9323F63F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1yTu3UzWqLdzhs_3y82Oy2plZEM.roa
Signing time: Tue 11 Mar 2025 10:07:46 +0000
ROA not before: Tue 11 Mar 2025 10:07:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:84ac:1185/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:ac:b8:85:97:b5:97:22:6f:f7:fb:4e:93:23:f6:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 11 10:07:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d724eedd4cd6a8b77386cff7cbcd8ecb6a656443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7e:4b:3a:ec:63:a2:7d:56:ff:30:b1:3c:c5:
51:22:d9:5a:e2:c7:46:ae:9e:f9:43:9f:90:4b:e4:
a5:e1:0b:d6:11:68:62:e1:87:7e:3e:6a:ba:d9:0d:
06:8e:32:1b:33:3a:dc:81:a1:57:db:fb:ef:3f:e6:
64:a3:14:e4:a2:d0:14:6f:56:0d:40:7e:16:19:27:
d9:0b:7f:4c:f4:40:4d:51:46:cb:b7:6c:3c:f0:89:
7c:7b:0f:a8:28:2d:ee:89:66:b7:98:0a:4d:a5:b7:
0e:61:41:a1:f5:aa:4b:20:9b:8a:62:c0:02:a5:0a:
35:5f:d8:24:f7:ed:67:03:c8:66:2b:35:2c:d0:4b:
c2:86:46:17:3c:7f:be:27:86:06:7c:43:c5:7f:41:
91:d9:25:6b:31:02:d8:1a:2c:43:34:c7:4c:a8:00:
a3:6d:86:8a:3c:a2:40:d7:24:87:47:a4:5f:52:34:
58:9d:64:2b:e9:d7:12:21:33:e1:bf:c1:3d:92:ec:
cc:3f:f4:f4:ef:7e:b3:17:73:c9:42:69:40:ec:15:
93:d1:ae:c6:a7:7e:39:32:c7:2d:97:ea:a2:09:7e:
96:14:3f:9d:4a:60:e6:6e:60:0f:25:a0:ff:b6:c0:
b5:9f:ce:ea:bc:ba:bc:ff:f3:af:aa:1e:e4:0f:07:
9a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:24:EE:DD:4C:D6:A8:B7:73:86:CF:F7:CB:CD:8E:CB:6A:65:64:43
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1yTu3UzWqLdzhs_3y82Oy2plZEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:84ac:1185/128
Signature Algorithm: sha256WithRSAEncryption
04:86:d1:4e:51:e7:c9:4c:d8:ba:ab:ad:7a:76:ac:1f:a4:d5:
27:87:a4:bf:aa:87:ec:09:a3:df:90:cb:52:cf:f7:d7:ea:ab:
24:40:fc:df:1d:c8:b3:c4:d8:9c:a8:8b:f9:78:a3:55:2a:07:
6a:dc:26:b9:7b:50:26:66:e3:0f:3b:e1:2f:0c:01:dd:08:95:
6e:6f:4a:2a:d6:bd:00:41:4c:09:10:dc:9c:d4:b5:71:63:0a:
8f:d5:99:ae:60:1f:81:7a:0a:17:e4:2a:94:6c:87:75:32:eb:
e9:cc:2b:3e:4f:9d:c6:73:80:10:28:46:a3:82:03:e1:25:2f:
c5:4d:cd:35:ab:57:50:71:bf:0a:ad:0d:cb:a1:4d:eb:f9:c0:
1a:84:5d:8f:54:dd:5f:62:77:4b:df:29:d8:ae:f4:f5:3b:38:
21:05:82:67:87:df:22:fa:43:b0:0a:ac:ee:09:29:0a:5c:45:
6e:17:15:0e:7e:7b:36:bb:bf:69:15:fb:44:34:af:55:76:27:
39:4d:66:9c:81:15:a3:b4:ee:3b:13:b1:d1:21:c0:f3:36:d3:
5c:9c:fd:51:0e:7d:a5:16:0c:c8:72:c3:22:69:0c:9c:ce:91:
d3:61:40:da:25:3f:13:7b:0c:15:ad:b0:61:fc:8a:24:dc:cd:
c7:6a:fb:60
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWErLiFl7WXIm/3+06TI/Y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzExMTAwNzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzI0ZWVkZDRjZDZhOGI3NzM4NmNmZjdjYmNkOGVjYjZhNjU2NDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs35LOuxjon1W/zCxPMVRItla4sdG
rp75Q5+QS+Sl4QvWEWhi4Yd+Pmq62Q0GjjIbMzrcgaFX2/vvP+ZkoxTkotAUb1YN
QH4WGSfZC39M9EBNUUbLt2w88Il8ew+oKC3uiWa3mApNpbcOYUGh9apLIJuKYsAC
pQo1X9gk9+1nA8hmKzUs0EvChkYXPH++J4YGfEPFf0GR2SVrMQLYGixDNMdMqACj
bYaKPKJA1ySHR6RfUjRYnWQr6dcSITPhv8E9kuzMP/T0736zF3PJQmlA7BWT0a7G
p345Msctl+qiCX6WFD+dSmDmbmAPJaD/tsC1n87qvLq8//Ovqh7kDwealQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNck7t1M1qi3c4bP98vNjstqZWRDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMXlUdTNVeldxTGR6aHNfM3k4Mk95MnBsWkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhKwRhTANBgkqhkiG9w0BAQsFAAOCAQEABIbRTlHnyUzYuqutenasH6TV
J4ekv6qH7Amj35DLUs/31+qrJED83x3Is8TYnKiL+XijVSoHatwmuXtQJmbjDzvh
LwwB3QiVbm9KKta9AEFMCRDcnNS1cWMKj9WZrmAfgXoKF+QqlGyHdTLr6cwrPk+d
xnOAEChGo4ID4SUvxU3NNatXUHG/Cq0Ny6FN6/nAGoRdj1TdX2J3S98p2K709Ts4
IQWCZ4ffIvpDsAqs7gkpClxFbhcVDn57Nru/aRX7RDSvVXYnOU1mnIEVo7TuOxOx
0SHA8zbTXJz9UQ59pRYMyHLDImkMnM6R02FA2iU/E3sMFa2wYfyKJNzNx2r7YA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:33 2025 by rpki-client