Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CwCO0cDuVr5QRlVLNAXyA2DAWH8.roa
File: CwCO0cDuVr5QRlVLNAXyA2DAWH8.roa (raw, json)
Hash identifier: D0BCEj9fBX50jVAfqYpaodQXSk/UEdKmZ+cb02NyCm0=
Subject key identifier: 0B:00:8E:D1:C0:EE:56:BE:50:46:55:4B:34:05:F2:03:60:C0:58:7F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019587E77E0F4E62EE9C3F12F8279D3B3E06
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CwCO0cDuVr5QRlVLNAXyA2DAWH8.roa
Signing time: Wed 12 Mar 2025 01:10:50 +0000
ROA not before: Wed 12 Mar 2025 01:10:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:87:e7:7e:0f:4e:62:ee:9c:3f:12:f8:27:9d:3b:3e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 12 01:10:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b008ed1c0ee56be5046554b3405f20360c0587f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a2:54:d5:72:6f:51:82:80:ec:ce:de:27:d3:
d4:61:a5:71:15:71:7d:a7:47:40:d1:7a:44:d9:5c:
d6:7d:2e:98:5b:50:10:95:c0:80:bb:6f:b2:cb:cc:
a8:7c:7b:50:a5:a2:07:5f:2c:f5:0a:4f:51:f5:e7:
2f:2b:c4:c9:93:70:48:7f:ad:f6:4a:c8:ee:02:b0:
0c:8c:67:bb:e6:d9:09:b4:1b:fa:b5:b3:2d:20:95:
d6:f8:cf:2a:af:cf:87:f0:9c:3b:79:83:d1:e3:a5:
c9:e1:54:cb:62:4e:6a:29:18:87:2f:4b:0f:3f:97:
b0:c9:e1:63:c2:72:e3:88:4a:03:92:a7:ba:b5:8b:
58:bd:90:a4:2d:04:8e:ab:ac:27:c7:f8:10:ed:18:
c3:8f:95:23:15:0a:6b:70:99:37:8d:5e:07:d1:a6:
a5:89:3f:cf:1a:1d:4e:ce:00:a5:10:8a:c6:c1:44:
ee:4a:95:42:fe:3f:12:fb:d1:87:43:f0:66:23:78:
c4:37:be:6b:23:96:f4:35:2d:f9:a0:ae:4c:e7:3c:
76:1e:eb:1e:20:6e:48:37:7a:3b:0c:d8:da:4b:53:
7f:3d:29:e4:2f:f1:f3:fb:cd:8c:2f:ba:5d:b3:d8:
f8:9c:93:be:84:47:7c:b0:ea:97:12:ee:c2:25:2f:
31:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:00:8E:D1:C0:EE:56:BE:50:46:55:4B:34:05:F2:03:60:C0:58:7F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CwCO0cDuVr5QRlVLNAXyA2DAWH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
53:46:9c:b6:e1:ed:4c:b4:0c:95:86:57:8b:6a:ff:82:23:e3:
f0:e5:22:eb:88:e3:c7:a6:a3:92:6f:f6:e3:e5:53:c8:6c:26:
98:e3:3d:22:1d:e2:38:b1:7b:1b:27:69:3b:94:d9:f3:f5:2c:
7c:a9:b0:0c:e8:96:96:95:68:81:96:bd:19:4f:d6:b2:34:c8:
bd:e9:54:dc:72:e5:95:11:01:28:18:70:1c:49:b2:08:4a:dd:
5f:28:3a:86:d1:41:73:b0:96:ca:a9:5c:12:53:7e:d2:92:7b:
6b:14:83:b6:08:14:e4:94:07:d8:59:fd:1b:79:71:70:a8:ad:
08:14:21:e7:0e:16:a2:8e:ea:2c:68:c8:ab:b7:aa:22:19:6c:
9c:ef:f6:af:87:2f:3f:3a:19:16:ab:d5:7f:fb:2b:19:f2:e2:
ac:65:fc:dd:28:37:30:e8:93:9e:20:d4:9b:8d:55:9a:a6:c4:
a8:3e:64:9f:33:f1:f3:ab:3c:29:3e:76:33:8b:86:81:92:97:
70:19:7b:8c:31:4d:97:13:92:b4:64:10:ba:c2:b6:a7:ec:6d:
b2:c1:06:4f:c0:fe:87:4d:3b:3c:6b:db:02:0d:c2:5a:e0:6f:
d3:b4:05:90:bb:74:3f:cd:2e:eb:6c:4d:3f:ed:04:6e:cc:66:
15:2b:5e:cb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWH534PTmLunD8S+CedOz4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEyMDExMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjAwOGVkMWMwZWU1NmJlNTA0NjU1NGIzNDA1ZjIwMzYwYzA1ODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaJU1XJvUYKA7M7eJ9PUYaVxFXF9
p0dA0XpE2VzWfS6YW1AQlcCAu2+yy8yofHtQpaIHXyz1Ck9R9ecvK8TJk3BIf632
SsjuArAMjGe75tkJtBv6tbMtIJXW+M8qr8+H8Jw7eYPR46XJ4VTLYk5qKRiHL0sP
P5ewyeFjwnLjiEoDkqe6tYtYvZCkLQSOq6wnx/gQ7RjDj5UjFQprcJk3jV4H0aal
iT/PGh1OzgClEIrGwUTuSpVC/j8S+9GHQ/BmI3jEN75rI5b0NS35oK5M5zx2Huse
IG5IN3o7DNjaS1N/PSnkL/Hz+82ML7pds9j4nJO+hEd8sOqXEu7CJS8xhwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAsAjtHA7la+UEZVSzQF8gNgwFh/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ3dDTzBjRHVWcjVRUmxWTE5BWHlBMkRBV0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAU0actuHtTLQMlYZXi2r/giPj
8OUi64jjx6ajkm/24+VTyGwmmOM9Ih3iOLF7GydpO5TZ8/UsfKmwDOiWlpVogZa9
GU/WsjTIvelU3HLllREBKBhwHEmyCErdXyg6htFBc7CWyqlcElN+0pJ7axSDtggU
5JQH2Fn9G3lxcKitCBQh5w4Woo7qLGjIq7eqIhlsnO/2r4cvPzoZFqvVf/srGfLi
rGX83Sg3MOiTniDUm41VmqbEqD5knzPx86s8KT52M4uGgZKXcBl7jDFNlxOStGQQ
usK2p+xtssEGT8D+h007PGvbAg3CWuBv07QFkLt0P80u62xNP+0EbsxmFSteyw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:15:46 2025 by rpki-client