Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4OTIG9RhKqKnSaeE5Wzv-e_mkkQ.roa
File: 4OTIG9RhKqKnSaeE5Wzv-e_mkkQ.roa (raw, json)
Hash identifier: PYvWo+PzA+IbFOJ11/z6NOkMborKAEmdJfMB9DQJ3Z0=
Subject key identifier: E0:E4:C8:1B:D4:61:2A:A2:A7:49:A7:84:E5:6C:EF:F9:EF:E6:92:44
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01958932002E7C5CD02A5D562804E08D4597
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4OTIG9RhKqKnSaeE5Wzv-e_mkkQ.roa
Signing time: Wed 12 Mar 2025 07:11:50 +0000
ROA not before: Wed 12 Mar 2025 07:11:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:32:00:2e:7c:5c:d0:2a:5d:56:28:04:e0:8d:45:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 12 07:11:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0e4c81bd4612aa2a749a784e56ceff9efe69244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d2:4d:67:ff:36:b2:58:0d:cc:9a:33:1c:5d:
82:ab:06:db:24:c2:2c:ef:86:25:76:86:51:d9:44:
1d:4d:df:83:a4:17:2f:0e:fc:89:8a:e3:6b:d8:82:
23:b4:7c:dc:c4:e4:56:ee:06:c6:f7:f3:19:e2:74:
e1:65:7e:7f:23:90:41:cb:b8:7b:21:05:8c:24:3a:
8c:ca:81:80:73:95:26:46:d7:ab:d3:fe:9c:98:49:
45:ed:ba:bf:e1:f9:78:22:1e:7c:16:2d:51:41:c5:
18:43:07:7d:53:58:e8:26:d5:34:5e:2c:46:ff:8e:
c8:91:74:69:0f:52:0d:b7:f1:6c:8d:85:37:de:1c:
e8:96:55:cf:06:5a:b6:70:bf:5f:74:31:9a:71:a9:
b4:16:ac:79:6a:fb:04:fe:08:d4:0e:0d:35:4b:16:
92:0c:d6:d0:4e:39:c3:45:e7:46:9e:e2:fc:81:46:
a2:82:17:b3:03:e0:8a:71:97:75:6f:3f:dd:ef:5b:
73:48:12:99:42:42:e7:cd:6c:e7:c0:f9:1e:9d:00:
ed:1b:9b:93:4d:cf:8b:3d:57:20:09:fb:3b:ea:1a:
1c:af:f7:aa:2b:ee:b0:34:d1:fd:12:da:8e:bc:bd:
67:f4:ca:5a:41:57:61:43:0b:9f:da:fc:12:3f:5c:
61:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E4:C8:1B:D4:61:2A:A2:A7:49:A7:84:E5:6C:EF:F9:EF:E6:92:44
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4OTIG9RhKqKnSaeE5Wzv-e_mkkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
3c:9b:82:c6:f9:f1:5e:b5:27:60:f5:31:9b:e3:18:d9:7a:71:
6d:a0:52:7b:8b:90:78:18:a0:c8:d3:36:fd:94:ab:1b:07:bb:
e1:00:f1:f5:95:07:f0:b5:34:30:05:10:7a:66:a6:98:77:65:
e4:aa:b9:6c:68:2c:ee:86:8e:38:e1:18:6d:5e:90:b7:ec:28:
3f:6f:24:82:49:8f:bd:65:d3:46:c0:2b:5b:31:09:f7:04:70:
47:e2:e6:ae:f0:1b:0a:4c:56:14:3e:71:ee:55:a3:ea:0b:7c:
cf:81:56:0f:e5:f5:d5:ab:ec:75:27:82:31:32:d1:6a:4e:4d:
c8:d3:ee:7b:db:8a:57:d3:8a:f4:cd:56:63:c5:82:8b:0f:41:
74:18:64:f9:ee:f4:e5:5b:1d:5c:ae:ee:43:e2:ce:f6:b3:7a:
05:23:2c:38:95:5f:e8:c3:27:f1:77:fe:e8:14:28:c2:8d:22:
14:6c:6b:cb:bf:71:68:7e:ee:d2:06:e1:d2:8b:12:67:de:8a:
c9:47:9d:06:6d:72:56:b1:82:1b:72:f5:b0:3d:d2:83:51:5c:
10:dc:b3:d5:a2:5d:b0:e4:b3:9f:09:8c:d9:20:50:43:22:b8:
6d:c4:d9:59:87:a6:3a:fd:db:92:1b:8d:38:1b:c0:f1:76:0b:
6d:92:2d:98
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWJMgAufFzQKl1WKATgjUWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEyMDcxMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU0YzgxYmQ0NjEyYWEyYTc0OWE3ODRlNTZjZWZmOWVmZTY5MjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdJNZ/82slgNzJozHF2CqwbbJMIs
74YldoZR2UQdTd+DpBcvDvyJiuNr2IIjtHzcxORW7gbG9/MZ4nThZX5/I5BBy7h7
IQWMJDqMyoGAc5UmRter0/6cmElF7bq/4fl4Ih58Fi1RQcUYQwd9U1joJtU0XixG
/47IkXRpD1INt/FsjYU33hzollXPBlq2cL9fdDGacam0Fqx5avsE/gjUDg01SxaS
DNbQTjnDRedGnuL8gUaighezA+CKcZd1bz/d71tzSBKZQkLnzWznwPkenQDtG5uT
Tc+LPVcgCfs76hocr/eqK+6wNNH9EtqOvL1n9MpaQVdhQwuf2vwSP1xh/wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFODkyBvUYSqip0mnhOVs7/nv5pJEMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNE9USUc5UmhLcUtuU2FlRTVXenYtZV9ta2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAPJuCxvnxXrUnYPUxm+MY2Xpx
baBSe4uQeBigyNM2/ZSrGwe74QDx9ZUH8LU0MAUQemammHdl5Kq5bGgs7oaOOOEY
bV6Qt+woP28kgkmPvWXTRsArWzEJ9wRwR+LmrvAbCkxWFD5x7lWj6gt8z4FWD+X1
1avsdSeCMTLRak5NyNPue9uKV9OK9M1WY8WCiw9BdBhk+e705VsdXK7uQ+LO9rN6
BSMsOJVf6MMn8Xf+6BQowo0iFGxry79xaH7u0gbh0osSZ96KyUedBm1yVrGCG3L1
sD3Sg1FcENyz1aJdsOSznwmM2SBQQyK4bcTZWYemOv3bkhuNOBvA8XYLbZItmA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:50:01 2025 by rpki-client