Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8xWmdWYCkbQNYWACvYqcfE4ElXA.roa
File: 8xWmdWYCkbQNYWACvYqcfE4ElXA.roa (raw, json)
Hash identifier: KBhelwCglxnv7QBxNnYaCkUsP7c2BggosYlaTOmw4TU=
Subject key identifier: F3:15:A6:75:66:02:91:B4:0D:61:60:02:BD:8A:9C:7C:4E:04:95:70
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A7E4E1EAE7D143AF59559306C48FF31B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8xWmdWYCkbQNYWACvYqcfE4ElXA.roa
Signing time: Tue 18 Mar 2025 06:15:49 +0000
ROA not before: Tue 18 Mar 2025 06:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a7:e4:e1:ea:e7:d1:43:af:59:55:93:06:c4:8f:f3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 18 06:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f315a675660291b40d616002bd8a9c7c4e049570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1c:7e:a3:fb:cc:0c:2b:cf:66:a0:60:e3:e2:
ac:ba:9a:d7:bd:51:f2:a0:11:30:21:e4:29:24:1c:
46:01:8c:55:56:36:0b:25:2a:f7:b4:ef:38:6f:fe:
6c:8e:78:6e:8b:32:55:d6:88:4b:a4:ae:ea:3a:1d:
ec:41:3b:ca:37:3c:fa:d5:fa:9a:3d:43:22:67:6a:
2d:bc:fe:40:d5:3b:98:de:59:dd:41:45:2b:40:0e:
86:c8:dc:74:1c:70:8b:96:36:21:56:af:f1:1d:3d:
8c:2b:6f:06:90:5a:0d:10:1c:31:2b:8d:62:ad:69:
0d:6f:62:68:8d:23:60:14:1f:1b:c6:7a:a0:95:8a:
cb:21:d6:02:4e:4b:5e:c1:0f:4a:ee:70:ed:f1:f0:
ab:31:64:4a:bb:30:ee:4f:f8:45:d2:ba:6b:f8:29:
2b:9c:ad:d9:26:c3:26:f1:de:ce:3f:93:8a:4a:ee:
4e:a8:ee:e7:1f:85:e3:2f:3e:0e:ac:d9:1d:ad:c0:
78:61:af:ee:e1:0d:01:6c:69:81:cd:6d:ea:6a:a4:
a8:75:b5:04:8d:38:56:05:f8:56:88:3e:4d:3c:4a:
07:8e:b4:e0:b5:ef:96:bc:e8:33:ed:5b:4c:90:58:
ac:91:10:30:90:02:df:3d:27:08:fd:cc:1b:62:78:
cb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:15:A6:75:66:02:91:B4:0D:61:60:02:BD:8A:9C:7C:4E:04:95:70
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8xWmdWYCkbQNYWACvYqcfE4ElXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
69:76:77:7f:2d:63:9e:69:6f:c2:d7:4d:c7:36:ca:bd:4e:f2:
bc:2a:fd:a9:9a:64:c8:6a:42:1a:eb:35:d5:ab:a3:7d:f7:a2:
cf:ec:b7:81:e0:5f:0e:eb:dc:60:16:e0:ea:d4:5d:07:26:23:
c9:16:dd:d4:33:89:d4:e0:91:ba:b0:99:12:0a:6e:5f:e5:1e:
6c:db:4a:54:8a:22:fd:82:24:98:46:83:6c:54:9e:a7:a0:83:
12:2a:25:ee:83:fb:67:ec:b2:c8:94:6e:34:15:2b:32:ac:d1:
ec:37:c6:97:c7:16:0a:7e:1b:09:dd:d8:33:42:50:56:7c:87:
dd:79:69:ef:11:cc:d0:84:7b:04:97:a1:98:c4:91:54:23:7f:
46:a9:97:46:e7:9e:50:6c:00:0b:3b:6d:5e:37:29:cf:6c:8d:
86:82:52:81:01:12:c9:72:9d:44:29:ea:8b:d0:ee:dc:74:83:
24:ef:2a:02:34:96:7d:52:cb:cf:59:4f:aa:28:0c:ae:af:94:
8d:3f:32:7b:1b:13:bd:ac:ed:b6:2c:74:4f:c6:cc:db:d6:e0:
82:34:c0:b6:a1:58:90:9c:ad:f6:cf:06:7a:a8:10:d2:69:51:
eb:2a:7f:ba:08:3a:a3:e1:31:b8:02:1a:af:76:e7:73:5c:be:
85:49:ad:e4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWn5OHq59FDr1lVkwbEj/MbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE4MDYxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzE1YTY3NTY2MDI5MWI0MGQ2MTYwMDJiZDhhOWM3YzRlMDQ5NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhx+o/vMDCvPZqBg4+KsuprXvVHy
oBEwIeQpJBxGAYxVVjYLJSr3tO84b/5sjnhuizJV1ohLpK7qOh3sQTvKNzz61fqa
PUMiZ2otvP5A1TuY3lndQUUrQA6GyNx0HHCLljYhVq/xHT2MK28GkFoNEBwxK41i
rWkNb2JojSNgFB8bxnqglYrLIdYCTktewQ9K7nDt8fCrMWRKuzDuT/hF0rpr+Ckr
nK3ZJsMm8d7OP5OKSu5OqO7nH4XjLz4OrNkdrcB4Ya/u4Q0BbGmBzW3qaqSodbUE
jThWBfhWiD5NPEoHjrTgte+WvOgz7VtMkFiskRAwkALfPScI/cwbYnjLqwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPMVpnVmApG0DWFgAr2KnHxOBJVwMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOHhXbWRXWUNrYlFOWVdBQ3ZZcWNmRTRFbFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAaXZ3fy1jnmlvwtdNxzbKvU7y
vCr9qZpkyGpCGus11aujffeiz+y3geBfDuvcYBbg6tRdByYjyRbd1DOJ1OCRurCZ
EgpuX+UebNtKVIoi/YIkmEaDbFSep6CDEiol7oP7Z+yyyJRuNBUrMqzR7DfGl8cW
Cn4bCd3YM0JQVnyH3Xlp7xHM0IR7BJehmMSRVCN/RqmXRueeUGwACzttXjcpz2yN
hoJSgQESyXKdRCnqi9Du3HSDJO8qAjSWfVLLz1lPqigMrq+UjT8yexsTvazttix0
T8bM29bggjTAtqFYkJyt9s8GeqgQ0mlR6yp/ugg6o+ExuAIar3bnc1y+hUmt5A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:27 2025 by rpki-client