Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3Kz_7lP1T8ITO5wp4zahQTbTFaA.roa
File: 3Kz_7lP1T8ITO5wp4zahQTbTFaA.roa (raw, json)
Hash identifier: FAlNextTtahuAJz6IQYiK2Fw5rgILtsraR5ver7pF+4=
Subject key identifier: DC:AC:FF:EE:53:F5:4F:C2:13:3B:9C:29:E3:36:A1:41:36:D3:15:A0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195907F8056E090C7A1720E951DD9576F6D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3Kz_7lP1T8ITO5wp4zahQTbTFaA.roa
Signing time: Thu 13 Mar 2025 17:13:49 +0000
ROA not before: Thu 13 Mar 2025 17:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:7f:80:56:e0:90:c7:a1:72:0e:95:1d:d9:57:6f:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 13 17:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcacffee53f54fc2133b9c29e336a14136d315a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d8:04:d5:99:a1:81:8b:d2:07:63:c9:0e:ba:
29:a9:98:60:fe:7a:ba:5f:92:bc:f7:a5:39:84:ca:
4f:12:d4:56:0b:97:6c:17:da:78:0f:0c:c1:14:2c:
c5:1f:8c:ab:bc:48:c5:66:de:f7:0e:1d:b0:5b:59:
b6:d0:21:0b:62:e1:9f:b6:2f:d4:39:99:98:3c:44:
a1:ba:85:0d:ff:33:eb:9d:6b:91:ae:77:19:3e:77:
28:f3:9c:f4:a4:2c:94:7b:a8:71:bc:ee:f4:de:a3:
22:a8:07:2f:31:ca:e2:2e:59:73:f8:d7:09:16:75:
d9:05:98:5a:37:9e:60:ef:7f:8e:bf:31:54:a0:14:
02:05:cc:24:2b:b2:54:64:43:41:47:4a:f8:37:d5:
b5:39:30:84:d4:2a:44:f8:b4:14:16:c8:ab:b4:40:
a1:cb:7a:f1:f1:3e:62:f2:a6:e2:0d:85:35:72:fd:
70:1f:44:9d:d8:b4:27:ea:b4:cb:43:ab:f9:f9:22:
5c:48:d7:46:c2:92:70:6b:0d:6c:ff:24:9f:5e:9e:
d2:4d:cc:e6:8a:dc:61:5a:81:3a:54:66:55:43:47:
56:69:57:77:7e:ca:93:0c:f7:68:9d:3e:1b:f6:8c:
9a:ee:81:6c:64:17:8e:56:0a:b8:9b:75:75:00:3e:
1a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AC:FF:EE:53:F5:4F:C2:13:3B:9C:29:E3:36:A1:41:36:D3:15:A0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3Kz_7lP1T8ITO5wp4zahQTbTFaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
58:8f:00:5c:71:e3:f6:aa:a6:24:72:e8:23:41:14:51:71:f2:
97:99:7e:35:16:b4:c3:3d:58:da:73:00:03:59:40:ab:4d:c5:
93:81:94:0c:86:af:41:8a:8e:f4:50:8b:86:6f:2d:07:bc:df:
e3:19:fd:4f:2e:76:5c:61:fb:b8:d5:2d:74:c8:52:08:d2:b5:
70:4d:8c:fd:a3:6b:ec:a4:fd:ce:23:3b:68:68:5c:80:04:c0:
c2:8e:71:71:1b:15:83:e0:33:aa:e0:48:00:50:b9:94:82:c2:
dc:29:5b:43:3f:f7:7b:f4:60:a9:50:ec:b6:8f:8d:59:db:ef:
65:cd:9b:56:fc:94:74:24:a5:c3:8e:38:12:25:59:e6:4a:43:
99:ef:5a:fd:f2:5c:f0:b2:d4:57:17:2a:1e:f4:8f:ad:3e:99:
fb:ae:78:41:dd:c2:46:4f:d6:6a:42:92:38:e9:80:f3:f1:ae:
25:a4:aa:68:77:e8:9d:c7:98:2f:8e:5e:c0:ae:39:93:e8:f5:
75:52:da:f9:f3:c9:69:07:fd:a9:74:8f:55:04:80:d6:95:14:
f5:ea:4c:40:4f:2d:da:cf:d8:01:83:9a:31:b9:24:ac:fb:8d:
41:86:02:29:ac:fc:6e:fb:5c:2a:40:3d:04:c0:5d:44:44:e6:
86:40:89:77
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWQf4BW4JDHoXIOlR3ZV29tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEzMTcxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FjZmZlZTUzZjU0ZmMyMTMzYjljMjllMzM2YTE0MTM2ZDMxNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudgE1ZmhgYvSB2PJDropqZhg/nq6
X5K896U5hMpPEtRWC5dsF9p4DwzBFCzFH4yrvEjFZt73Dh2wW1m20CELYuGfti/U
OZmYPEShuoUN/zPrnWuRrncZPnco85z0pCyUe6hxvO703qMiqAcvMcriLllz+NcJ
FnXZBZhaN55g73+OvzFUoBQCBcwkK7JUZENBR0r4N9W1OTCE1CpE+LQUFsirtECh
y3rx8T5i8qbiDYU1cv1wH0Sd2LQn6rTLQ6v5+SJcSNdGwpJwaw1s/ySfXp7STczm
itxhWoE6VGZVQ0dWaVd3fsqTDPdonT4b9oya7oFsZBeOVgq4m3V1AD4ayQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNys/+5T9U/CEzucKeM2oUE20xWgMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM0t6XzdsUDFUOElUTzV3cDR6YWhRVGJURmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAWI8AXHHj9qqmJHLoI0EUUXHy
l5l+NRa0wz1Y2nMAA1lAq03Fk4GUDIavQYqO9FCLhm8tB7zf4xn9Ty52XGH7uNUt
dMhSCNK1cE2M/aNr7KT9ziM7aGhcgATAwo5xcRsVg+AzquBIAFC5lILC3ClbQz/3
e/RgqVDsto+NWdvvZc2bVvyUdCSlw444EiVZ5kpDme9a/fJc8LLUVxcqHvSPrT6Z
+654Qd3CRk/WakKSOOmA8/GuJaSqaHfonceYL45ewK45k+j1dVLa+fPJaQf9qXSP
VQSA1pUU9epMQE8t2s/YAYOaMbkkrPuNQYYCKaz8bvtcKkA9BMBdRETmhkCJdw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:48 2025 by rpki-client