Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Co8CFDuUqtLtvaVGYVp5x-tEcME.roa
File: Co8CFDuUqtLtvaVGYVp5x-tEcME.roa (raw, json)
Hash identifier: IXIUvZktBONgyFSh4uiN/MK2M/07ufNnILT2l+Q7fUk=
Subject key identifier: 0A:8F:02:14:3B:94:AA:D2:ED:BD:A5:46:61:5A:79:C7:EB:44:70:C1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01958EC80BE7B983711C55E6823F24419890
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Co8CFDuUqtLtvaVGYVp5x-tEcME.roa
Signing time: Thu 13 Mar 2025 09:13:49 +0000
ROA not before: Thu 13 Mar 2025 09:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:c8:0b:e7:b9:83:71:1c:55:e6:82:3f:24:41:98:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 13 09:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a8f02143b94aad2edbda546615a79c7eb4470c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fb:43:88:02:23:ff:8e:6d:33:1a:35:74:3f:
c3:ba:7a:23:41:8e:80:95:c3:d4:fe:7d:bf:d6:64:
fe:02:83:74:78:4c:9c:2d:ef:28:1d:94:47:fc:83:
ea:d5:13:c0:0d:59:34:ba:e8:48:28:1d:3e:0f:ac:
76:7f:74:2a:a6:04:fd:11:94:d1:9e:28:52:4c:20:
b4:b3:07:73:eb:11:9b:70:47:3e:98:3d:2e:3e:a5:
08:f1:f8:3a:8c:82:de:36:46:43:ae:f1:d0:c8:89:
f1:d9:a6:c2:15:90:5a:2d:df:6c:8a:8b:2f:bd:5f:
6a:33:e9:38:47:61:2b:fe:66:76:8c:b8:a7:e4:63:
a7:77:91:9e:c9:5c:bd:96:72:f6:36:f2:b8:5a:1c:
f6:ee:8d:c3:0e:37:6b:3e:59:14:69:83:fc:9c:c9:
6f:e2:01:bf:88:0b:5b:f5:21:a9:47:92:de:86:39:
e7:d5:d3:38:fc:7c:24:7a:4c:ca:41:d1:9b:af:e7:
8f:60:84:07:58:17:3c:94:b7:1a:8a:c1:de:a2:ea:
d0:6e:ea:2f:e8:79:c5:32:12:ae:2a:1e:38:19:e3:
c6:b6:05:0d:a1:bd:0c:86:00:36:56:50:55:84:e4:
17:ae:8e:5c:b2:e5:e9:08:42:f2:97:00:a5:69:c8:
e3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8F:02:14:3B:94:AA:D2:ED:BD:A5:46:61:5A:79:C7:EB:44:70:C1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Co8CFDuUqtLtvaVGYVp5x-tEcME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
08:46:b6:d3:0a:54:c8:25:f7:76:74:b6:56:9c:3c:ed:75:b8:
8a:12:12:06:e3:87:c4:23:cb:99:f3:45:16:34:97:cb:87:ff:
71:b2:88:e5:7f:15:49:2a:71:43:b7:4b:62:6b:93:e9:4c:bc:
7d:35:10:5f:a1:9f:49:c2:31:92:48:9a:e0:c6:53:34:42:5c:
cd:f4:ab:14:04:37:3f:cd:b2:8d:20:7c:1d:5a:d6:ce:dc:48:
f6:9e:e2:3d:6b:86:7c:84:c7:ac:e1:e0:05:20:03:4a:4e:c2:
a2:a9:b6:d3:2a:61:72:bc:40:4f:ac:c7:43:75:73:d0:f6:62:
81:98:d5:b8:31:5c:86:eb:23:7b:04:c9:12:54:65:2b:2f:b8:
4b:ed:da:7f:fa:43:6e:67:bb:74:b8:bb:da:73:dc:81:47:d6:
f6:60:cc:9a:ce:31:4d:07:68:28:66:f6:6b:8f:1f:92:30:18:
ee:b4:90:fe:b4:f0:bb:21:45:0c:73:66:aa:53:09:76:56:7f:
6c:7c:e6:3e:04:03:51:b1:78:f7:d9:63:23:e0:f3:07:69:ec:
7e:9e:18:c6:85:ea:ee:22:0b:58:e3:6f:4f:ad:ff:5f:5f:3f:
37:52:e0:b4:66:8d:00:bd:24:51:99:b3:4b:a3:d6:e2:af:e0:
cf:2b:1f:1f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWOyAvnuYNxHFXmgj8kQZiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEzMDkxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYThmMDIxNDNiOTRhYWQyZWRiZGE1NDY2MTVhNzljN2ViNDQ3MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPtDiAIj/45tMxo1dD/DunojQY6A
lcPU/n2/1mT+AoN0eEycLe8oHZRH/IPq1RPADVk0uuhIKB0+D6x2f3QqpgT9EZTR
nihSTCC0swdz6xGbcEc+mD0uPqUI8fg6jILeNkZDrvHQyInx2abCFZBaLd9siosv
vV9qM+k4R2Er/mZ2jLin5GOnd5GeyVy9lnL2NvK4Whz27o3DDjdrPlkUaYP8nMlv
4gG/iAtb9SGpR5Lehjnn1dM4/HwkekzKQdGbr+ePYIQHWBc8lLcaisHeourQbuov
6HnFMhKuKh44GePGtgUNob0MhgA2VlBVhOQXro5csuXpCELylwClacjj4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAqPAhQ7lKrS7b2lRmFaecfrRHDBMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ284Q0ZEdVVxdEx0dmFWR1lWcDV4LXRFY01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEACEa20wpUyCX3dnS2Vpw87XW4
ihISBuOHxCPLmfNFFjSXy4f/cbKI5X8VSSpxQ7dLYmuT6Uy8fTUQX6GfScIxkkia
4MZTNEJczfSrFAQ3P82yjSB8HVrWztxI9p7iPWuGfITHrOHgBSADSk7Coqm20yph
crxAT6zHQ3Vz0PZigZjVuDFchusjewTJElRlKy+4S+3af/pDbme7dLi72nPcgUfW
9mDMms4xTQdoKGb2a48fkjAY7rSQ/rTwuyFFDHNmqlMJdlZ/bHzmPgQDUbF499lj
I+DzB2nsfp4YxoXq7iILWONvT63/X18/N1LgtGaNAL0kUZmzS6PW4q/gzysfHw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:11:14 2025 by rpki-client