Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DreULnV-qEFtJ2fkEf1X6Am45zI.roa
File: DreULnV-qEFtJ2fkEf1X6Am45zI.roa (raw, json)
Hash identifier: y98lkpeXP/YD6Pk4Eqrijo2T/HxQlaS8+yKy2p8YuZY=
Subject key identifier: 0E:B7:94:2E:75:7E:A8:41:6D:27:67:E4:11:FD:57:E8:09:B8:E7:32
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01947EB126BC681EB6292D769BFCD3CA633A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DreULnV-qEFtJ2fkEf1X6Am45zI.roa
Signing time: Sun 19 Jan 2025 13:12:06 +0000
ROA not before: Sun 19 Jan 2025 13:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7e:b1:26:bc:68:1e:b6:29:2d:76:9b:fc:d3:ca:63:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 19 13:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eb7942e757ea8416d2767e411fd57e809b8e732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fa:8a:b8:8f:25:69:0d:9e:bd:d3:b3:8b:4d:
31:51:fe:8f:11:55:d7:63:d3:1a:d6:e1:bb:90:98:
d1:7b:85:e9:5b:65:72:ea:2f:63:c5:46:ad:aa:38:
ef:44:b9:6e:54:6f:0c:05:48:c4:73:19:e8:30:53:
2e:a9:75:78:07:1e:97:18:4f:3e:d8:17:0d:7a:a2:
fc:f0:54:23:a5:d6:f9:3c:9a:d0:95:99:d9:66:fa:
c9:d2:43:f7:6f:cc:26:d8:5f:14:88:c6:55:16:4e:
96:28:2d:cf:af:7b:9f:c6:8b:54:16:35:65:9c:26:
09:68:ac:f4:8b:d3:da:ca:4a:47:cc:6f:9a:d0:a4:
30:17:ac:a3:a3:58:db:62:c2:1a:7f:1c:63:33:3b:
a9:cf:1b:5a:32:e6:4e:f8:04:43:34:e4:d0:3a:4d:
2a:2c:f4:ec:ae:8d:03:86:f3:13:5b:d4:8a:76:b0:
79:19:ed:43:29:29:36:06:02:2a:ec:11:3f:d2:6b:
5b:41:dd:4f:b5:be:a2:7d:7b:54:2e:4b:bb:9f:3e:
c9:90:17:aa:97:b4:78:e5:02:e0:e9:b3:07:db:55:
de:b0:dd:f5:ec:cd:fc:26:6e:11:70:f8:33:a6:f5:
3f:b0:9a:bf:d2:27:d8:25:48:c0:e2:03:5c:e6:60:
ce:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B7:94:2E:75:7E:A8:41:6D:27:67:E4:11:FD:57:E8:09:B8:E7:32
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DreULnV-qEFtJ2fkEf1X6Am45zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
83:ac:5c:62:a4:53:3f:5c:9a:9d:a6:fd:e3:20:0c:ea:bd:c7:
f8:34:41:c3:84:97:ad:66:97:f1:04:ef:de:29:8a:5e:a8:43:
8d:bc:51:42:71:04:01:a9:7a:e8:09:2b:5e:fd:0b:9a:ea:af:
50:69:0b:28:a8:96:d5:98:66:6d:89:06:76:de:10:b4:ad:19:
71:78:04:d4:f6:60:5e:99:af:8d:0d:ed:e2:ff:da:38:3c:01:
db:09:cf:74:b0:9d:92:12:6e:8a:e2:7c:c3:be:6d:0f:a0:d5:
88:fd:43:cf:ee:81:50:5e:66:d7:fa:d1:4a:b0:11:9e:b0:7a:
ec:5d:40:6e:00:d1:f1:05:7c:39:55:e4:f1:98:fc:35:87:57:
62:1e:af:4c:d9:cb:54:e7:6b:d0:be:2c:80:63:8b:0a:db:68:
00:21:2e:9e:e7:87:42:d4:20:2c:cf:a4:23:fb:41:5c:2b:25:
f5:ba:26:ce:f3:eb:25:6b:a1:3d:a5:a4:92:44:d6:89:84:77:
ed:3d:cd:57:b3:9e:14:8f:45:a0:fd:33:16:4f:09:7a:21:9a:
23:1a:16:6e:a9:23:ce:6b:05:54:19:ba:64:3c:82:45:84:58:
d2:e1:6d:bd:46:e8:a3:ac:7d:80:1d:62:59:75:7e:f2:6f:d3:
b0:78:99:2b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZR+sSa8aB62KS12m/zTymM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE5MTMxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWI3OTQyZTc1N2VhODQxNmQyNzY3ZTQxMWZkNTdlODA5YjhlNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPqKuI8laQ2evdOzi00xUf6PEVXX
Y9Ma1uG7kJjRe4XpW2Vy6i9jxUatqjjvRLluVG8MBUjEcxnoMFMuqXV4Bx6XGE8+
2BcNeqL88FQjpdb5PJrQlZnZZvrJ0kP3b8wm2F8UiMZVFk6WKC3Pr3ufxotUFjVl
nCYJaKz0i9PaykpHzG+a0KQwF6yjo1jbYsIafxxjMzupzxtaMuZO+ARDNOTQOk0q
LPTsro0DhvMTW9SKdrB5Ge1DKSk2BgIq7BE/0mtbQd1Ptb6ifXtULku7nz7JkBeq
l7R45QLg6bMH21XesN317M38Jm4RcPgzpvU/sJq/0ifYJUjA4gNc5mDOmQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFA63lC51fqhBbSdn5BH9V+gJuOcyMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRHJlVUxuVi1xRUZ0SjJma0VmMVg2QW00NXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAg6xcYqRTP1yanab94yAM6r3H
+DRBw4SXrWaX8QTv3imKXqhDjbxRQnEEAal66AkrXv0LmuqvUGkLKKiW1ZhmbYkG
dt4QtK0ZcXgE1PZgXpmvjQ3t4v/aODwB2wnPdLCdkhJuiuJ8w75tD6DViP1Dz+6B
UF5m1/rRSrARnrB67F1AbgDR8QV8OVXk8Zj8NYdXYh6vTNnLVOdr0L4sgGOLCtto
ACEunueHQtQgLM+kI/tBXCsl9bomzvPrJWuhPaWkkkTWiYR37T3NV7OeFI9FoP0z
Fk8JeiGaIxoWbqkjzmsFVBm6ZDyCRYRY0uFtvUboo6x9gB1iWXV+8m/TsHiZKw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:03:19 2025 by rpki-client