Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BUjby_9aUiYA0nf2tfr1nd-mMwo.roa
File: BUjby_9aUiYA0nf2tfr1nd-mMwo.roa (raw, json)
Hash identifier: 5SqxI63Ox8s6bm3qp23KDgSsoO8KwwS4Q1XD+IMU62k=
Subject key identifier: 05:48:DB:CB:FF:5A:52:26:00:D2:77:F6:B5:FA:F5:9D:DF:A6:33:0A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195775BCCF551B6B862880AB20DAB497F84
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BUjby_9aUiYA0nf2tfr1nd-mMwo.roa
Signing time: Sat 08 Mar 2025 20:04:19 +0000
ROA not before: Sat 08 Mar 2025 20:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:775b:c27e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:77:5b:cc:f5:51:b6:b8:62:88:0a:b2:0d:ab:49:7f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 8 20:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0548dbcbff5a522600d277f6b5faf59ddfa6330a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:00:95:0f:b9:b1:d0:e7:ec:a8:2d:49:a4:63:
b3:24:b1:3e:34:5f:f1:66:4c:1e:eb:df:e1:9e:95:
65:aa:42:08:0b:18:69:76:f9:b4:94:28:ce:5c:fe:
15:dc:e7:3b:d3:23:e6:89:14:d8:f3:1b:78:92:05:
6a:d1:54:cb:5b:1d:04:25:fa:54:b1:b4:9f:08:eb:
94:64:c7:af:59:f2:d9:de:bb:95:94:f8:9c:81:a0:
1f:2c:b8:d5:59:48:4b:27:e4:a8:6e:46:fe:28:1b:
28:05:65:10:64:4f:8a:9d:e2:7c:ba:21:26:3d:71:
cd:8c:f3:21:7d:60:28:f7:9a:18:a7:45:ff:08:a8:
2e:e0:29:f3:7e:ab:bb:9e:a2:5c:ab:50:fc:5d:b3:
35:7d:07:1d:9e:e6:b4:c5:a2:a3:a6:30:6e:b3:23:
86:61:0f:c7:b9:ef:f8:4e:44:54:c7:d6:d7:7d:c5:
52:a2:37:ce:52:55:7b:0f:05:16:29:51:d1:09:07:
ea:da:0f:fe:2c:71:28:dd:fc:3a:f8:02:a3:2c:65:
29:b4:32:e8:e5:61:0b:07:75:a4:c2:76:51:cf:b9:
25:9a:ec:e4:57:60:e1:4c:5a:98:84:35:38:a6:18:
d7:55:d0:68:6d:2d:65:1e:f2:e0:c8:fe:35:eb:72:
c2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:48:DB:CB:FF:5A:52:26:00:D2:77:F6:B5:FA:F5:9D:DF:A6:33:0A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BUjby_9aUiYA0nf2tfr1nd-mMwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:775b:c27e/128
Signature Algorithm: sha256WithRSAEncryption
3d:33:c6:68:27:59:a9:8a:eb:f2:2b:b9:0c:d7:e6:44:c9:be:
96:d3:81:6d:18:b7:da:cd:58:51:a6:2a:a2:af:46:5f:13:5e:
5f:48:d4:50:7c:40:56:bd:5b:87:b8:bb:b5:22:7b:69:86:0a:
3f:93:6e:fe:95:13:61:f2:fc:84:2c:ff:33:f1:68:e4:a6:5e:
cf:4e:16:e8:61:35:38:91:89:85:a4:fa:70:ca:96:52:6a:3c:
c1:2a:3e:fd:5c:37:a5:72:86:07:31:00:bf:92:71:5a:a6:df:
c2:68:23:76:b2:a6:15:bf:74:94:eb:bb:5d:c2:8d:26:a2:2d:
ab:de:0a:03:a4:29:02:04:e4:da:59:96:54:85:f8:74:7e:d2:
74:33:4b:d0:05:96:26:c9:d7:b2:9d:0a:96:75:60:19:bf:f0:
a8:83:49:3c:c5:30:57:62:6a:3b:09:09:43:62:2f:25:5d:cf:
4d:8d:cc:18:75:04:67:1e:85:bd:a1:d2:18:4e:98:90:82:c2:
7f:96:96:5e:6e:34:06:0c:61:2d:60:f5:b8:8c:3c:d4:94:4c:
b8:af:3c:5a:fb:8a:98:3f:98:10:64:51:6b:72:d9:a9:a3:56:
dc:d8:7a:cf:0e:a2:5a:a5:c9:7a:1c:80:9d:ee:a4:4d:b1:c3:
de:41:74:90
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZV3W8z1Uba4YogKsg2rSX+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA4MjAwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQ4ZGJjYmZmNWE1MjI2MDBkMjc3ZjZiNWZhZjU5ZGRmYTYzMzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwCVD7mx0OfsqC1JpGOzJLE+NF/x
Zkwe69/hnpVlqkIICxhpdvm0lCjOXP4V3Oc70yPmiRTY8xt4kgVq0VTLWx0EJfpU
sbSfCOuUZMevWfLZ3ruVlPicgaAfLLjVWUhLJ+Sobkb+KBsoBWUQZE+KneJ8uiEm
PXHNjPMhfWAo95oYp0X/CKgu4Cnzfqu7nqJcq1D8XbM1fQcdnua0xaKjpjBusyOG
YQ/Hue/4TkRUx9bXfcVSojfOUlV7DwUWKVHRCQfq2g/+LHEo3fw6+AKjLGUptDLo
5WELB3WkwnZRz7klmuzkV2DhTFqYhDU4phjXVdBobS1lHvLgyP4163LC1wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAVI28v/WlImANJ39rX69Z3fpjMKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQlVqYnlfOWFVaVlBMG5mMnRmcjFuZC1tTXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVd1vCfjANBgkqhkiG9w0BAQsFAAOCAQEAPTPGaCdZqYrr8iu5DNfmRMm+
ltOBbRi32s1YUaYqoq9GXxNeX0jUUHxAVr1bh7i7tSJ7aYYKP5Nu/pUTYfL8hCz/
M/Fo5KZez04W6GE1OJGJhaT6cMqWUmo8wSo+/Vw3pXKGBzEAv5JxWqbfwmgjdrKm
Fb90lOu7XcKNJqItq94KA6QpAgTk2lmWVIX4dH7SdDNL0AWWJsnXsp0KlnVgGb/w
qINJPMUwV2JqOwkJQ2IvJV3PTY3MGHUEZx6FvaHSGE6YkILCf5aWXm40BgxhLWD1
uIw81JRMuK88WvuKmD+YEGRRa3LZqaNW3Nh6zw6iWqXJehyAne6kTbHD3kF0kA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:14 2025 by rpki-client