Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/D5qpyNehIddhm-tJEYBX061xqbE.roa
File: D5qpyNehIddhm-tJEYBX061xqbE.roa (raw, json)
Hash identifier: Bi+PkOPP3kqKGB/EL5PaNHQcRTaYJNujSsppYEzFfyA=
Subject key identifier: 0F:9A:A9:C8:D7:A1:21:D7:61:9B:EB:49:11:80:57:D3:AD:71:A9:B1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01958B8D53807F8F1C091BA0A5B2081890D7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/D5qpyNehIddhm-tJEYBX061xqbE.roa
Signing time: Wed 12 Mar 2025 18:10:49 +0000
ROA not before: Wed 12 Mar 2025 18:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:8d:53:80:7f:8f:1c:09:1b:a0:a5:b2:08:18:90:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 12 18:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f9aa9c8d7a121d7619beb49118057d3ad71a9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d3:79:11:86:78:50:01:5d:f4:f3:f3:36:83:
92:81:10:04:a7:48:75:c0:91:b7:51:f8:6c:0a:8e:
4e:6a:1a:af:4a:46:55:5f:3e:22:39:7c:65:56:08:
e1:a7:bc:69:29:b6:89:d1:a8:25:73:b8:27:f5:4a:
46:46:0d:2a:ec:41:79:8f:93:21:aa:45:bd:c6:6f:
b1:ee:3a:a9:cf:1b:58:f7:28:47:0c:d9:51:a7:11:
13:98:17:2f:56:3d:01:02:02:6e:83:4c:4f:71:14:
8a:25:12:f5:be:f9:5b:c7:5b:fb:7f:6f:75:17:b8:
c4:5b:f6:25:c9:83:9e:01:7f:c9:15:09:22:a1:6e:
6c:c3:e8:c1:56:c1:85:14:9f:e4:57:3a:cf:11:66:
90:8c:5a:83:49:9f:78:f5:c4:ad:3f:13:2f:64:28:
81:c6:ef:d6:25:ea:a5:28:8e:04:a0:79:c4:8b:84:
14:03:35:6b:7f:d5:be:a1:de:d0:83:89:34:d9:2b:
e6:ee:0e:d3:c2:11:45:eb:27:ac:ee:c4:dd:52:8c:
a3:aa:4b:79:48:57:4c:07:0e:b4:f7:5b:e8:ba:c6:
1c:0d:b9:6c:7c:74:41:f4:b9:c4:29:c3:ff:31:d4:
b6:1b:27:15:28:32:35:c1:5d:72:c0:34:cd:0e:0f:
d9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9A:A9:C8:D7:A1:21:D7:61:9B:EB:49:11:80:57:D3:AD:71:A9:B1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/D5qpyNehIddhm-tJEYBX061xqbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
5f:33:8c:77:25:f5:79:58:a4:54:b2:f4:d4:8b:49:0f:6c:5f:
fe:46:66:54:46:13:f8:fd:81:69:5b:c6:1e:0d:6f:d4:08:f3:
fb:01:74:f8:28:71:4d:ca:4b:85:6d:89:82:ae:71:26:5f:97:
00:47:38:ba:79:9d:9d:b1:6e:12:f8:6e:78:16:68:5c:24:e0:
04:e5:80:72:d6:ea:ae:bc:15:fe:1a:f3:1c:83:a5:be:55:99:
91:ec:92:12:f0:3f:65:ba:28:34:7b:0b:32:f2:60:37:a5:3c:
d5:67:24:f4:f9:da:3a:a6:af:76:13:32:ec:8e:55:e8:1a:59:
ed:ce:0d:a6:43:6c:77:ac:5a:67:c7:87:db:38:eb:90:06:f6:
9a:33:8d:19:bb:ef:93:32:18:8a:e9:f3:e4:02:82:b9:00:19:
64:03:48:45:b5:70:aa:2f:8e:fc:12:cd:24:50:db:c7:26:d4:
d5:17:f7:01:c9:12:d5:df:1c:db:2d:eb:19:40:0f:0b:6d:68:
bd:82:96:e5:f0:2d:47:97:57:5c:9b:cf:f5:44:f4:e7:a4:a9:
fa:b8:ee:ea:f4:54:35:27:3a:ba:d3:a6:9f:4c:29:56:5a:a3:
a3:35:29:bb:08:a7:fa:ce:37:4a:0f:24:b9:26:b1:e4:ec:b3:
68:d7:93:98
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWLjVOAf48cCRugpbIIGJDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEyMTgxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjlhYTljOGQ3YTEyMWQ3NjE5YmViNDkxMTgwNTdkM2FkNzFhOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9N5EYZ4UAFd9PPzNoOSgRAEp0h1
wJG3UfhsCo5OahqvSkZVXz4iOXxlVgjhp7xpKbaJ0aglc7gn9UpGRg0q7EF5j5Mh
qkW9xm+x7jqpzxtY9yhHDNlRpxETmBcvVj0BAgJug0xPcRSKJRL1vvlbx1v7f291
F7jEW/YlyYOeAX/JFQkioW5sw+jBVsGFFJ/kVzrPEWaQjFqDSZ949cStPxMvZCiB
xu/WJeqlKI4EoHnEi4QUAzVrf9W+od7Qg4k02Svm7g7TwhFF6yes7sTdUoyjqkt5
SFdMBw6091vousYcDblsfHRB9LnEKcP/MdS2GycVKDI1wV1ywDTNDg/ZowIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA+aqcjXoSHXYZvrSRGAV9OtcamxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRDVxcHlOZWhJZGRobS10SkVZQlgwNjF4cWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAXzOMdyX1eVikVLL01ItJD2xf
/kZmVEYT+P2BaVvGHg1v1Ajz+wF0+ChxTcpLhW2Jgq5xJl+XAEc4unmdnbFuEvhu
eBZoXCTgBOWActbqrrwV/hrzHIOlvlWZkeySEvA/ZbooNHsLMvJgN6U81Wck9Pna
OqavdhMy7I5V6BpZ7c4NpkNsd6xaZ8eH2zjrkAb2mjONGbvvkzIYiunz5AKCuQAZ
ZANIRbVwqi+O/BLNJFDbxybU1Rf3AckS1d8c2y3rGUAPC21ovYKW5fAtR5dXXJvP
9UT056Sp+rju6vRUNSc6utOmn0wpVlqjozUpuwin+s43Sg8kuSax5OyzaNeTmA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:38:28 2025 by rpki-client