Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/C0DLd8PhKBsP-lO1bSIA0qXoTD8.roa
File: C0DLd8PhKBsP-lO1bSIA0qXoTD8.roa (raw, json)
Hash identifier: VHrO+WZbrstdZhzh/Dtn7ycJZjl4K89nqWzaxjwXT+Y=
Subject key identifier: 0B:40:CB:77:C3:E1:28:1B:0F:FA:53:B5:6D:22:00:D2:A5:E8:4C:3F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019579B8F6F34E770435EB5BB98DC5365E49
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/C0DLd8PhKBsP-lO1bSIA0qXoTD8.roa
Signing time: Sun 09 Mar 2025 07:05:19 +0000
ROA not before: Sun 09 Mar 2025 07:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:79b8:3226/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:79:b8:f6:f3:4e:77:04:35:eb:5b:b9:8d:c5:36:5e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 9 07:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b40cb77c3e1281b0ffa53b56d2200d2a5e84c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b0:eb:f8:e7:df:0f:35:ff:8a:26:de:24:87:
65:56:c5:47:94:c9:93:86:98:47:ef:32:29:0b:67:
5e:15:6c:b2:1d:f4:35:48:b9:b9:35:d1:c7:0e:de:
c1:4c:c4:ef:fb:69:34:14:ee:a5:07:f5:33:de:64:
ec:09:02:67:e4:47:0d:b9:3d:ee:a2:19:81:03:12:
d3:45:43:98:52:e8:16:83:26:8a:bc:3d:d4:5f:9a:
3a:e3:2f:52:57:08:8f:05:13:77:ee:4c:25:79:91:
b4:52:16:1a:56:69:29:5a:89:d6:20:06:6b:48:3b:
4e:eb:b2:da:42:71:d4:01:10:6a:49:62:e0:08:fd:
c1:4f:4c:99:99:4f:0e:e8:13:d5:22:25:41:c5:46:
29:12:4c:6a:68:a0:f8:9c:e0:0b:cd:08:d3:c5:bb:
7f:24:ad:93:19:b2:97:02:a3:2c:ab:53:8b:90:58:
10:47:77:45:de:b4:f7:f4:ff:4f:c6:0a:1e:96:83:
58:d8:64:7f:a5:19:95:19:4d:34:e3:49:e2:42:41:
76:11:f3:d6:b7:7f:e0:3f:c0:e8:30:48:44:28:05:
62:97:8d:19:79:ec:72:0b:18:d4:67:eb:07:c9:53:
32:cd:07:0f:86:5f:11:f3:a9:79:da:1c:2c:3d:25:
c1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:40:CB:77:C3:E1:28:1B:0F:FA:53:B5:6D:22:00:D2:A5:E8:4C:3F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/C0DLd8PhKBsP-lO1bSIA0qXoTD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:79b8:3226/128
Signature Algorithm: sha256WithRSAEncryption
26:5d:e9:43:47:4a:3c:20:e5:97:36:b8:76:47:1a:a4:9e:48:
27:42:4e:0e:13:60:16:f8:d3:7e:5d:85:b4:18:7d:ba:c0:56:
86:03:94:a2:2d:bb:cc:9e:4c:e0:48:14:f3:e0:db:47:cb:ac:
a6:91:e4:ad:84:48:a4:b7:6f:2f:5c:77:0c:7f:5b:49:40:a1:
ad:8b:d3:ac:b8:ce:40:6e:c7:a5:11:64:81:1c:01:6a:36:d7:
fc:81:7d:3e:8e:2d:4c:4e:ee:1c:24:5b:61:96:fb:39:da:0a:
da:85:50:fb:7f:96:a2:bc:e4:c3:9c:1f:38:a1:c7:ce:14:02:
cc:ba:c8:9d:af:a4:45:bc:0b:a7:d3:3d:08:df:5f:b7:69:ea:
bf:03:19:76:bf:14:79:38:ac:fe:06:76:99:c6:f3:3b:a7:1b:
78:ec:3d:23:6c:3c:73:23:a1:55:29:99:2a:8a:80:ba:a8:5a:
aa:ef:8d:7c:62:55:bf:c8:c9:36:42:7a:3e:80:87:d6:83:5a:
05:53:82:b7:7b:e2:d8:0a:95:93:84:00:80:8f:76:9a:89:de:
54:14:15:51:71:c6:eb:6b:10:c7:68:2b:a1:d0:62:a0:1c:aa:
a4:7d:44:c4:2f:40:bb:1a:ce:2b:ad:d7:3c:1c:d3:4d:cc:e4:
a0:d9:68:f4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZV5uPbzTncENetbuY3FNl5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA5MDcwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQwY2I3N2MzZTEyODFiMGZmYTUzYjU2ZDIyMDBkMmE1ZTg0YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLDr+OffDzX/iibeJIdlVsVHlMmT
hphH7zIpC2deFWyyHfQ1SLm5NdHHDt7BTMTv+2k0FO6lB/Uz3mTsCQJn5EcNuT3u
ohmBAxLTRUOYUugWgyaKvD3UX5o64y9SVwiPBRN37kwleZG0UhYaVmkpWonWIAZr
SDtO67LaQnHUARBqSWLgCP3BT0yZmU8O6BPVIiVBxUYpEkxqaKD4nOALzQjTxbt/
JK2TGbKXAqMsq1OLkFgQR3dF3rT39P9PxgoeloNY2GR/pRmVGU0040niQkF2EfPW
t3/gP8DoMEhEKAVil40ZeexyCxjUZ+sHyVMyzQcPhl8R86l52hwsPSXB8QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAtAy3fD4SgbD/pTtW0iANKl6Ew/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQzBETGQ4UGhLQnNQLWxPMWJTSUEwcVhvVEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVebgyJjANBgkqhkiG9w0BAQsFAAOCAQEAJl3pQ0dKPCDllza4dkcapJ5I
J0JODhNgFvjTfl2FtBh9usBWhgOUoi27zJ5M4EgU8+DbR8usppHkrYRIpLdvL1x3
DH9bSUChrYvTrLjOQG7HpRFkgRwBajbX/IF9Po4tTE7uHCRbYZb7OdoK2oVQ+3+W
orzkw5wfOKHHzhQCzLrIna+kRbwLp9M9CN9ft2nqvwMZdr8UeTis/gZ2mcbzO6cb
eOw9I2w8cyOhVSmZKoqAuqhaqu+NfGJVv8jJNkJ6PoCH1oNaBVOCt3vi2AqVk4QA
gI92moneVBQVUXHG62sQx2grodBioByqpH1ExC9AuxrOK63XPBzTTczkoNlo9A==
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:57:52 2025 by rpki-client