Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DR0Xsp9Yaqq8w5d2xBcCxAkiHBU.roa
File: DR0Xsp9Yaqq8w5d2xBcCxAkiHBU.roa (raw, json)
Hash identifier: uR4Mqtl+5KSSF5IhVzM0302dqdm7eg9QnnU7czOJ/9o=
Subject key identifier: 0D:1D:17:B2:9F:58:6A:AA:BC:C3:97:76:C4:17:02:C4:09:22:1C:15
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959348B2554F758119337ACC1227ADC7F1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DR0Xsp9Yaqq8w5d2xBcCxAkiHBU.roa
Signing time: Fri 14 Mar 2025 06:12:49 +0000
ROA not before: Fri 14 Mar 2025 06:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:93:48:b2:55:4f:75:81:19:33:7a:cc:12:27:ad:c7:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 06:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d1d17b29f586aaabcc39776c41702c409221c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:98:81:93:8c:df:f4:44:e2:98:0c:7c:cc:c1:
6d:94:39:36:1a:0a:ec:b3:54:e2:0b:a2:77:ad:67:
03:68:03:2f:f4:27:c7:7c:51:76:4a:38:d4:2c:e2:
3e:d2:3a:23:49:2f:1f:e7:e2:ae:30:2b:6f:4e:9f:
1e:5a:89:be:8d:12:e7:47:d8:13:98:24:3d:6e:a5:
9a:0b:56:eb:ad:b5:46:19:4c:b6:89:fa:67:8f:0a:
5a:3d:17:20:09:ba:70:e2:83:5f:82:51:c6:e8:92:
72:89:81:86:f7:f8:b6:e0:dc:cf:4d:23:38:62:b3:
2f:ef:b7:a7:55:06:07:b3:31:e1:dc:8d:79:58:db:
16:fa:5f:24:a1:c4:3c:e4:a3:ad:58:c9:ea:6a:f7:
56:e1:df:8f:7c:a3:ea:dc:b7:d1:bb:ac:bf:3d:c6:
d5:4e:9f:26:30:5d:fa:f0:94:87:bd:7e:46:9f:35:
90:0e:f9:1f:be:ce:8d:b8:48:3d:b6:be:39:10:85:
58:52:a0:45:29:25:e2:88:3b:5a:41:ec:f8:56:81:
62:9d:d2:9a:fe:c4:0e:aa:7e:dc:17:e0:bb:28:dd:
ea:d2:d0:95:a9:bc:ef:05:4f:cf:4a:d8:17:23:d5:
e2:aa:1f:c5:a1:b4:23:c4:48:be:38:64:64:92:4b:
7c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1D:17:B2:9F:58:6A:AA:BC:C3:97:76:C4:17:02:C4:09:22:1C:15
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DR0Xsp9Yaqq8w5d2xBcCxAkiHBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
62:8b:aa:80:92:dd:97:40:2e:d1:5d:69:2a:27:3c:75:9e:0d:
e7:9b:69:38:6d:ae:69:24:45:38:73:47:01:e6:e7:bd:a6:6f:
53:a4:a0:cc:79:5f:19:29:76:f5:63:cf:c9:46:91:6a:36:ae:
f8:7e:4f:df:6f:05:4b:02:73:0d:e7:35:e7:c0:0c:d3:a8:5f:
4a:ff:eb:5e:39:c9:ec:9c:57:39:9e:b0:ab:eb:49:4e:10:6c:
31:ff:15:40:84:21:ca:b4:8a:f1:a2:23:94:96:de:c8:95:72:
cc:9d:46:c4:78:d1:56:62:8e:e4:ff:76:c1:99:32:59:c7:e5:
11:d3:7e:f2:8b:1b:97:49:2b:c6:e3:72:bc:0c:60:15:ff:e7:
33:a4:dd:08:62:31:47:c1:8e:e3:9f:5f:9d:fd:2f:47:2c:ed:
4e:9a:51:9b:46:fa:ca:8f:43:39:fe:28:41:63:12:6d:3d:e5:
80:ef:26:73:fb:37:7e:fd:29:0e:9b:6a:72:24:f6:03:7f:4a:
f6:36:12:9d:58:0e:cc:ae:29:74:8e:84:9c:ac:b9:45:ac:00:
e1:b9:c7:a7:cd:c0:ec:71:ef:da:f8:20:8a:fd:0c:67:7e:00:
48:f5:07:d6:77:77:81:6a:a7:62:a6:9b:ff:65:e5:19:55:73:
7f:af:17:28
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWTSLJVT3WBGTN6zBInrcfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MDYxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDFkMTdiMjlmNTg2YWFhYmNjMzk3NzZjNDE3MDJjNDA5MjIxYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JiBk4zf9ETimAx8zMFtlDk2Ggrs
s1TiC6J3rWcDaAMv9CfHfFF2SjjULOI+0jojSS8f5+KuMCtvTp8eWom+jRLnR9gT
mCQ9bqWaC1brrbVGGUy2ifpnjwpaPRcgCbpw4oNfglHG6JJyiYGG9/i24NzPTSM4
YrMv77enVQYHszHh3I15WNsW+l8kocQ85KOtWMnqavdW4d+PfKPq3LfRu6y/PcbV
Tp8mMF368JSHvX5GnzWQDvkfvs6NuEg9tr45EIVYUqBFKSXiiDtaQez4VoFindKa
/sQOqn7cF+C7KN3q0tCVqbzvBU/PStgXI9Xiqh/FobQjxEi+OGRkkkt8PwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA0dF7KfWGqqvMOXdsQXAsQJIhwVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRFIwWHNwOVlhcXE4dzVkMnhCY0N4QWtpSEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAYouqgJLdl0Au0V1pKic8dZ4N
55tpOG2uaSRFOHNHAebnvaZvU6SgzHlfGSl29WPPyUaRajau+H5P328FSwJzDec1
58AM06hfSv/rXjnJ7JxXOZ6wq+tJThBsMf8VQIQhyrSK8aIjlJbeyJVyzJ1GxHjR
VmKO5P92wZkyWcflEdN+8osbl0krxuNyvAxgFf/nM6TdCGIxR8GO459fnf0vRyzt
TppRm0b6yo9DOf4oQWMSbT3lgO8mc/s3fv0pDptqciT2A39K9jYSnVgOzK4pdI6E
nKy5RawA4bnHp83A7HHv2vggiv0MZ34ASPUH1nd3gWqnYqab/2XlGVVzf68XKA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:00:58 2025 by rpki-client