Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/968WLDqduqnSTJxzhXitY4XfH58.roa
File: 968WLDqduqnSTJxzhXitY4XfH58.roa (raw, json)
Hash identifier: R9CNfmMxQadmrovSHt4CJF+D9cT0xGD06uyEy/e0UVk=
Subject key identifier: F7:AF:16:2C:3A:9D:BA:A9:D2:4C:9C:73:85:78:AD:63:85:DF:1F:9F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019587742181DBEED05AC61FA66D69869382
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/968WLDqduqnSTJxzhXitY4XfH58.roa
Signing time: Tue 11 Mar 2025 23:04:49 +0000
ROA not before: Tue 11 Mar 2025 23:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
2001:67c:64:ffff:0:195:8773:e950/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:87:74:21:81:db:ee:d0:5a:c6:1f:a6:6d:69:86:93:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 11 23:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7af162c3a9dbaa9d24c9c738578ad6385df1f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:aa:d7:98:de:63:25:1f:32:19:a1:fb:cb:b4:
02:38:95:43:3a:12:32:fb:b5:d4:3c:4f:51:43:0f:
a8:5b:34:0e:e1:cd:0b:ad:03:24:98:6f:f4:8f:8f:
e2:b3:38:3c:03:a4:56:10:07:8d:12:bd:e2:e1:83:
81:b9:23:56:1c:87:2f:eb:ae:a4:63:8d:43:34:d3:
0f:73:92:8d:29:a5:47:a9:dd:19:d1:9e:dd:4c:89:
40:60:e8:9c:0a:71:f6:6b:81:dd:4b:61:ce:89:1d:
d3:f6:c2:63:28:47:f2:fb:f6:76:03:fd:bc:49:d1:
8b:2d:d1:1e:52:8f:25:28:a3:59:fa:01:e5:57:4c:
ca:49:5a:c0:01:99:4d:41:6e:0e:4d:ea:61:f2:92:
07:33:bf:f5:59:e8:93:ea:54:49:5f:7d:6b:0c:7d:
42:e5:3f:9e:36:e2:72:9d:09:6e:68:29:b0:f4:da:
bc:1b:9b:3a:4d:d6:0e:98:0f:c7:9a:db:b8:96:e7:
8b:1b:df:80:7a:1d:07:14:a3:12:d5:16:05:31:69:
26:bf:0f:26:3b:e0:d8:1c:cf:f6:88:bc:26:85:68:
40:21:6b:ce:ea:34:36:ba:1e:3b:c9:0d:2e:4b:37:
a7:0f:a0:86:5e:62:87:63:2a:3b:fe:b2:ce:26:e0:
1b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AF:16:2C:3A:9D:BA:A9:D2:4C:9C:73:85:78:AD:63:85:DF:1F:9F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/968WLDqduqnSTJxzhXitY4XfH58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
2001:67c:64:ffff:0:195:8773:e950/128
Signature Algorithm: sha256WithRSAEncryption
54:92:6f:8b:bb:54:e3:3a:b0:7b:4a:65:07:08:56:59:d8:9a:
43:d9:01:32:73:a3:4a:bc:a5:c4:a0:7c:b4:ca:ac:69:2b:1d:
de:d5:47:ef:9b:63:13:8e:ed:34:a5:15:a0:79:33:0c:2e:5f:
4b:88:5b:da:7e:3a:b3:cf:07:6b:12:fc:bf:b2:44:a6:31:a5:
99:47:0e:50:96:9c:53:d1:a7:6f:6e:1e:98:25:f8:05:05:c0:
79:b9:b0:a2:39:ea:6b:2d:d6:a8:d3:e1:38:c0:6e:f4:e4:28:
b2:c7:86:a9:fa:9e:2b:0a:50:f0:03:d2:10:fe:db:17:69:49:
0c:0d:fd:59:9f:7b:4c:55:09:e1:e2:a5:95:e2:b7:39:55:07:
45:db:83:73:37:fb:46:af:74:21:a5:9a:48:b2:0c:b4:c7:79:
7c:f6:eb:1a:1c:98:18:97:72:79:d2:5f:be:9f:1f:6b:c0:71:
9a:f4:58:45:f2:a0:51:af:e5:76:67:ea:d7:ec:6e:e5:ac:a0:
79:f6:5f:44:e2:5f:2a:eb:2e:ee:ab:a9:b1:2d:b7:d6:d3:b0:
8d:9a:76:e9:9a:0f:ba:9e:99:2d:5e:e9:59:26:62:c8:07:e5:
d8:e2:e8:c8:28:1d:a9:10:0f:81:61:ec:ad:c3:52:15:a0:e6:
5b:30:88:c7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWHdCGB2+7QWsYfpm1phpOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzExMjMwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FmMTYyYzNhOWRiYWE5ZDI0YzljNzM4NTc4YWQ2Mzg1ZGYxZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6rXmN5jJR8yGaH7y7QCOJVDOhIy
+7XUPE9RQw+oWzQO4c0LrQMkmG/0j4/iszg8A6RWEAeNEr3i4YOBuSNWHIcv666k
Y41DNNMPc5KNKaVHqd0Z0Z7dTIlAYOicCnH2a4HdS2HOiR3T9sJjKEfy+/Z2A/28
SdGLLdEeUo8lKKNZ+gHlV0zKSVrAAZlNQW4OTeph8pIHM7/1WeiT6lRJX31rDH1C
5T+eNuJynQluaCmw9Nq8G5s6TdYOmA/Hmtu4lueLG9+Aeh0HFKMS1RYFMWkmvw8m
O+DYHM/2iLwmhWhAIWvO6jQ2uh47yQ0uSzenD6CGXmKHYyo7/rLOJuAbkQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPevFiw6nbqp0kycc4V4rWOF3x+fMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOTY4V0xEcWR1cW5TVEp4emhYaXRZNFhmSDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGVhs9jDAMRACABBnwAZP//AAABlYdz6VAwDQYJKoZIhvcNAQELBQADggEB
AFSSb4u7VOM6sHtKZQcIVlnYmkPZATJzo0q8pcSgfLTKrGkrHd7VR++bYxOO7TSl
FaB5MwwuX0uIW9p+OrPPB2sS/L+yRKYxpZlHDlCWnFPRp29uHpgl+AUFwHm5sKI5
6mst1qjT4TjAbvTkKLLHhqn6nisKUPAD0hD+2xdpSQwN/Vmfe0xVCeHipZXitzlV
B0Xbg3M3+0avdCGlmkiyDLTHeXz26xocmBiXcnnSX76fH2vAcZr0WEXyoFGv5XZn
6tfsbuWsoHn2X0TiXyrrLu6rqbEtt9bTsI2adumaD7qemS1e6VkmYsgH5dji6Mgo
HakQD4Fh7K3DUhWg5lswiMc=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:15:08 2025 by rpki-client