Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6P8x41U1eRJoNW3zKzEfht7k40w.roa
File: 6P8x41U1eRJoNW3zKzEfht7k40w.roa (raw, json)
Hash identifier: LRypmZl3IEPjXGU1RJHaskGpWMqLFseazYqEoY4MqWQ=
Subject key identifier: E8:FF:31:E3:55:35:79:12:68:35:6D:F3:2B:31:1F:86:DE:E4:E3:4C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0194688FF1BDA5EFEC8DCE25DCC03CC1E79C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6P8x41U1eRJoNW3zKzEfht7k40w.roa
Signing time: Wed 15 Jan 2025 06:04:11 +0000
ROA not before: Wed 15 Jan 2025 06:04:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
2001:67c:64:ffff:0:194:688f:ed9c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:68:8f:f1:bd:a5:ef:ec:8d:ce:25:dc:c0:3c:c1:e7:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 15 06:04:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8ff31e35535791268356df32b311f86dee4e34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4c:09:3f:0b:64:81:58:4d:df:29:ed:8b:e2:
6c:d8:44:0c:51:e8:b8:61:ae:82:8c:76:f1:ee:ea:
aa:55:10:c2:e4:79:c7:7e:e2:8a:d2:a5:78:38:26:
35:48:e9:2e:ff:48:10:a1:9c:3c:f0:44:a5:27:0b:
ac:ec:01:f7:a0:46:c3:6b:42:08:9d:26:1d:cb:7d:
97:4c:c9:02:cd:92:7c:9e:93:3d:d0:bd:19:77:a3:
fc:2a:91:02:f4:bc:aa:07:9a:16:b4:c9:fe:49:41:
e4:08:9b:48:0d:55:0b:d9:77:a2:c4:c6:ec:90:6b:
d2:7a:d3:70:3d:8d:cb:cb:91:9d:aa:e7:7e:4f:45:
64:3a:96:bc:2e:c1:38:bc:71:f8:df:c8:05:ff:37:
0f:4e:5d:4d:38:33:cb:b7:50:52:05:da:2d:71:6e:
7a:6e:e6:18:ba:af:5e:ec:ab:fe:69:74:81:27:c5:
c4:53:bb:54:be:81:8d:b1:24:b6:2b:77:34:e9:85:
ed:b5:78:04:d5:ff:eb:d8:6b:53:36:98:c7:3c:b1:
77:f9:9f:2c:af:2a:94:ae:84:ce:ea:e4:ab:35:6a:
44:6e:0e:37:cb:29:37:6d:88:f2:26:ed:f6:1c:5d:
07:0a:72:2b:64:23:cb:72:b5:df:eb:5b:4b:72:74:
a7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:FF:31:E3:55:35:79:12:68:35:6D:F3:2B:31:1F:86:DE:E4:E3:4C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/6P8x41U1eRJoNW3zKzEfht7k40w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
2001:67c:64:ffff:0:194:688f:ed9c/128
Signature Algorithm: sha256WithRSAEncryption
38:4c:4d:d0:5b:c5:aa:90:07:ad:de:e2:9e:51:a5:85:93:2f:
eb:f2:0c:3e:e3:23:23:4f:0c:51:8b:4d:c8:28:79:2b:ab:1b:
11:65:9e:7f:18:0c:0c:d3:a5:5c:be:0b:d4:7b:70:38:6b:da:
d6:17:93:fe:1c:5d:59:68:33:96:bc:47:73:09:79:9a:73:ee:
3d:ba:2f:46:dc:ba:bd:38:b9:05:e1:81:8b:fd:af:1c:21:fa:
0e:27:5b:83:56:e1:f5:96:dc:96:fb:d0:56:14:36:7c:74:66:
27:5e:6d:f8:cf:d8:95:d6:9b:05:e2:a3:75:75:1e:ff:0c:4d:
a9:f8:91:fd:05:11:f6:cc:9c:cb:ce:d3:de:85:2b:d5:74:b6:
e4:8b:d1:05:cf:ab:db:d9:4d:b9:a0:48:e9:0b:9b:8f:7f:4c:
42:4c:b2:cc:55:b1:43:ec:ad:a3:d1:22:bc:ec:fc:4c:1c:d0:
b5:23:14:6d:0d:d0:69:c1:4c:82:bd:d5:46:13:d4:b6:41:25:
ad:95:2d:5d:f3:ec:13:66:1d:37:bd:e4:71:56:2a:d8:f0:80:
47:14:92:d8:fb:73:d5:32:1d:51:83:57:dd:e7:78:b5:c3:d0:
38:15:eb:11:5e:cd:c3:b8:09:34:1b:32:1b:61:49:47:7f:80:
ee:87:86:20
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRoj/G9pe/sjc4l3MA8weecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE1MDYwNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGZmMzFlMzU1MzU3OTEyNjgzNTZkZjMyYjMxMWY4NmRlZTRlMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kwJPwtkgVhN3ynti+Js2EQMUei4
Ya6CjHbx7uqqVRDC5HnHfuKK0qV4OCY1SOku/0gQoZw88ESlJwus7AH3oEbDa0II
nSYdy32XTMkCzZJ8npM90L0Zd6P8KpEC9LyqB5oWtMn+SUHkCJtIDVUL2XeixMbs
kGvSetNwPY3Ly5Gdqud+T0VkOpa8LsE4vHH438gF/zcPTl1NODPLt1BSBdotcW56
buYYuq9e7Kv+aXSBJ8XEU7tUvoGNsSS2K3c06YXttXgE1f/r2GtTNpjHPLF3+Z8s
ryqUroTO6uSrNWpEbg43yyk3bYjyJu32HF0HCnIrZCPLcrXf61tLcnSndQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOj/MeNVNXkSaDVt8ysxH4be5ONMMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNlA4eDQxVTFlUkpvTlczekt6RWZodDdrNDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGULA1mgAMRACABBnwAZP//AAABlGiP7ZwwDQYJKoZIhvcNAQELBQADggEB
ADhMTdBbxaqQB63e4p5RpYWTL+vyDD7jIyNPDFGLTcgoeSurGxFlnn8YDAzTpVy+
C9R7cDhr2tYXk/4cXVloM5a8R3MJeZpz7j26L0bcur04uQXhgYv9rxwh+g4nW4NW
4fWW3Jb70FYUNnx0ZidebfjP2JXWmwXio3V1Hv8MTan4kf0FEfbMnMvO096FK9V0
tuSL0QXPq9vZTbmgSOkLm49/TEJMssxVsUPsraPRIrzs/Ewc0LUjFG0N0GnBTIK9
1UYT1LZBJa2VLV3z7BNmHTe95HFWKtjwgEcUktj7c9UyHVGDV93neLXD0DgV6xFe
zcO4CTQbMhthSUd/gO6HhiA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:18:09 2025 by rpki-client