Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EHN3LOJj4n6LPz_b3RW0RyUJw4g.roa
File: EHN3LOJj4n6LPz_b3RW0RyUJw4g.roa (raw, json)
Hash identifier: kuJuhrutOlpFdaZAa4oU+8j+kEmAAPAVeECbEPUKBi4=
Subject key identifier: 10:73:77:2C:E2:63:E2:7E:8B:3F:3F:DB:DD:15:B4:47:25:09:C3:88
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019558AD7E5F8FDD229ABAA1028335B8F2F9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EHN3LOJj4n6LPz_b3RW0RyUJw4g.roa
Signing time: Sun 02 Mar 2025 21:05:19 +0000
ROA not before: Sun 02 Mar 2025 21:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:58ac:9ce1/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:58:ad:7e:5f:8f:dd:22:9a:ba:a1:02:83:35:b8:f2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 2 21:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1073772ce263e27e8b3f3fdbdd15b4472509c388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:46:a8:0e:29:86:75:e6:17:c3:da:e0:9f:a9:
98:d3:f9:13:25:43:2d:6b:9f:03:9e:29:18:ba:fe:
fa:5a:45:81:c4:cb:90:2c:8d:3a:fc:16:b2:ba:c4:
0e:47:14:14:a5:ef:0e:80:75:dd:b2:9e:b4:c9:c3:
05:c7:5a:5c:c8:55:38:e8:ac:b5:e1:c6:28:3c:fe:
30:bf:98:c4:2c:2c:30:94:86:c5:db:d9:ff:fc:69:
7f:5a:1d:39:36:9a:ff:90:80:19:52:32:96:de:43:
ca:90:24:d5:4a:04:c2:87:7c:5a:eb:61:ab:54:70:
1d:85:f9:7b:11:47:62:a8:59:01:07:e3:a3:59:c0:
94:77:9f:14:1c:ee:ec:b6:7c:a0:60:9b:56:24:bd:
96:aa:a9:e4:2e:14:68:22:9d:04:c0:4c:69:dd:5d:
eb:3f:88:14:11:e9:e0:aa:b6:9c:73:12:a8:e4:4c:
68:cd:ae:fb:0e:5d:ca:57:8e:4e:66:aa:c2:5d:33:
6a:8d:10:0b:2b:b2:2a:49:4b:db:96:b1:38:4c:4c:
82:19:c4:c9:31:0b:ed:59:85:0d:c4:39:74:52:b6:
7b:6b:ee:ac:6f:bd:e9:99:af:29:76:40:2e:f8:7c:
d3:05:22:0c:82:67:33:dd:92:02:ee:09:86:01:1d:
ba:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:73:77:2C:E2:63:E2:7E:8B:3F:3F:DB:DD:15:B4:47:25:09:C3:88
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EHN3LOJj4n6LPz_b3RW0RyUJw4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:58ac:9ce1/128
Signature Algorithm: sha256WithRSAEncryption
64:bc:55:aa:5e:00:db:2a:b5:2b:7e:78:2f:95:6f:e8:a5:ef:
59:48:1a:12:c9:07:ae:47:8a:0b:c0:6a:22:06:9c:93:c3:0a:
4d:32:8d:6b:a6:0c:65:8c:6c:b5:c9:0f:24:db:56:13:d2:68:
40:02:32:72:f6:7d:9c:e8:72:79:74:02:54:f2:ce:f7:0a:6f:
09:34:40:f9:a2:52:6d:bd:55:7d:7d:4e:5d:0f:43:f8:9a:0f:
49:55:f0:d5:c3:40:ba:ee:9e:c4:5a:15:a0:60:ac:fb:b9:b1:
b3:1f:2c:7e:02:6f:fc:f5:cc:2e:c8:0b:bc:60:5f:63:41:43:
1e:0c:bb:bd:85:83:68:31:fe:c6:a3:47:3a:bc:af:b2:c5:10:
a4:59:d9:64:70:85:ae:ad:62:b3:ce:de:21:91:cd:29:28:c5:
bc:34:02:41:04:2b:1e:cb:3a:2b:1b:00:6c:aa:7a:15:1a:eb:
e4:75:36:54:3c:76:fb:ff:f2:de:a9:62:1f:6a:08:a9:5f:f3:
78:c8:40:17:f6:5e:af:7f:20:5b:5f:98:69:65:11:34:57:dd:
f8:68:08:a0:be:53:29:de:ea:d4:16:22:4c:51:19:ab:81:8b:
6e:c2:60:82:82:88:82:47:9d:73:0f:eb:c9:4b:e5:59:b1:a7:
a1:f5:86:1b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVYrX5fj90imrqhAoM1uPL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzAyMjEwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDczNzcyY2UyNjNlMjdlOGIzZjNmZGJkZDE1YjQ0NzI1MDljMzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUaoDimGdeYXw9rgn6mY0/kTJUMt
a58DnikYuv76WkWBxMuQLI06/BayusQORxQUpe8OgHXdsp60ycMFx1pcyFU46Ky1
4cYoPP4wv5jELCwwlIbF29n//Gl/Wh05Npr/kIAZUjKW3kPKkCTVSgTCh3xa62Gr
VHAdhfl7EUdiqFkBB+OjWcCUd58UHO7stnygYJtWJL2WqqnkLhRoIp0EwExp3V3r
P4gUEengqraccxKo5Exoza77Dl3KV45OZqrCXTNqjRALK7IqSUvblrE4TEyCGcTJ
MQvtWYUNxDl0UrZ7a+6sb73pma8pdkAu+HzTBSIMgmcz3ZIC7gmGAR265wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBBzdyziY+J+iz8/290VtEclCcOIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRUhOM0xPSmo0bjZMUHpfYjNSVzBSeVVKdzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVWKyc4TANBgkqhkiG9w0BAQsFAAOCAQEAZLxVql4A2yq1K354L5Vv6KXv
WUgaEskHrkeKC8BqIgack8MKTTKNa6YMZYxstckPJNtWE9JoQAIycvZ9nOhyeXQC
VPLO9wpvCTRA+aJSbb1VfX1OXQ9D+JoPSVXw1cNAuu6exFoVoGCs+7mxsx8sfgJv
/PXMLsgLvGBfY0FDHgy7vYWDaDH+xqNHOryvssUQpFnZZHCFrq1is87eIZHNKSjF
vDQCQQQrHss6KxsAbKp6FRrr5HU2VDx2+//y3qliH2oIqV/zeMhAF/Zer38gW1+Y
aWURNFfd+GgIoL5TKd7q1BYiTFEZq4GLbsJggoKIgkedcw/ryUvlWbGnofWGGw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:30:45 2025 by rpki-client