Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Gb8wHzqDDr0h8d4IVqQ0rJdzU0g.roa
File: Gb8wHzqDDr0h8d4IVqQ0rJdzU0g.roa (raw, json)
Hash identifier: lmfSKDigNPnXr4WKzRIexUAXnVhoXaUDQMwfeaO/Ib0=
Subject key identifier: 19:BF:30:1F:3A:83:0E:BD:21:F1:DE:08:56:A4:34:AC:97:73:53:48
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01958D0EC32B7D9271FF0119F6CCB3A85EB8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Gb8wHzqDDr0h8d4IVqQ0rJdzU0g.roa
Signing time: Thu 13 Mar 2025 01:11:49 +0000
ROA not before: Thu 13 Mar 2025 01:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8d:0e:c3:2b:7d:92:71:ff:01:19:f6:cc:b3:a8:5e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 13 01:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19bf301f3a830ebd21f1de0856a434ac97735348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:3c:ab:78:de:5a:17:90:ba:ed:07:d8:06:
19:49:e2:d0:93:f4:cf:ff:db:b7:d2:a9:dd:24:0e:
7b:05:36:42:79:65:65:ae:7e:77:b8:ee:c9:db:01:
31:21:16:df:bc:a9:a4:16:c5:d9:fb:83:94:bc:cb:
79:ed:f3:36:bb:b9:29:66:be:22:6e:60:e5:f8:26:
ec:ee:f3:9e:1e:4e:8e:ba:c9:fa:03:6a:e6:4a:5a:
02:72:db:c7:24:6d:dc:7d:19:28:4f:44:23:ca:4d:
0e:89:93:9d:31:00:78:14:09:1b:22:91:c9:47:9a:
9a:fa:5b:5d:0c:f1:3a:a2:6a:47:88:e0:e2:50:03:
2b:91:f6:6f:13:51:c3:49:b5:6c:eb:d9:22:89:31:
bd:78:1b:55:d6:56:d1:88:a8:0f:a5:48:4f:1c:de:
a8:0d:12:7a:dc:b4:95:c7:45:50:31:71:10:2e:70:
bf:97:c9:44:e0:8d:e7:98:82:50:70:8e:06:0e:ef:
09:e5:99:37:ea:9d:3f:89:33:a3:7b:a3:9f:4d:28:
64:a5:10:d7:75:27:dd:67:fe:e2:00:88:35:40:31:
38:5a:e1:55:95:33:e8:95:46:6d:b1:50:ce:54:c9:
b1:15:13:53:4c:ae:6c:7a:94:71:99:ba:56:2d:27:
ec:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BF:30:1F:3A:83:0E:BD:21:F1:DE:08:56:A4:34:AC:97:73:53:48
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Gb8wHzqDDr0h8d4IVqQ0rJdzU0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
7a:17:09:75:8b:8f:5c:64:d3:d1:e5:98:f6:83:b9:c4:4d:6e:
ba:5c:39:d8:c7:fa:9b:7b:2a:7a:fc:65:06:05:4e:4a:8b:b4:
e1:f6:01:4b:e0:b9:39:6e:44:78:00:97:16:30:ce:69:99:2e:
aa:ef:68:ea:ec:4b:7d:7e:be:0f:c5:a6:7b:0d:23:c4:87:b0:
bd:a3:a7:37:9b:fb:d0:d6:34:6a:33:70:5c:fa:df:d3:48:bc:
72:68:b7:1c:28:77:1b:b9:a8:62:11:78:4a:90:8d:ca:af:0b:
59:44:0f:5b:50:e7:72:fe:25:77:44:09:a5:28:84:19:8e:62:
ab:88:74:07:48:7b:98:e8:ae:92:47:b6:26:ff:87:55:0f:3c:
5e:38:db:06:fc:8a:0a:71:d3:63:61:2a:ef:43:89:08:e9:23:
35:b0:a1:92:57:55:f0:1c:6c:ef:4b:1c:d9:c0:d8:8e:7c:8a:
1b:03:9e:91:7a:c7:24:c5:84:50:b1:7d:e4:ad:53:8f:e2:24:
e4:4b:ff:44:4e:2c:b1:a1:a5:d4:e5:8c:bf:b2:19:0c:13:3e:
7c:48:d7:89:c7:94:10:7f:87:07:fb:36:d7:bb:13:2c:5e:c3:
9b:08:ca:51:9d:a7:f6:bd:b6:9c:45:d0:36:fd:5c:fc:88:71:
c2:41:7a:52
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWNDsMrfZJx/wEZ9syzqF64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEzMDExMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWJmMzAxZjNhODMwZWJkMjFmMWRlMDg1NmE0MzRhYzk3NzM1MzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNM8q3jeWheQuu0H2AYZSeLQk/TP
/9u30qndJA57BTZCeWVlrn53uO7J2wExIRbfvKmkFsXZ+4OUvMt57fM2u7kpZr4i
bmDl+Cbs7vOeHk6Ousn6A2rmSloCctvHJG3cfRkoT0Qjyk0OiZOdMQB4FAkbIpHJ
R5qa+ltdDPE6ompHiODiUAMrkfZvE1HDSbVs69kiiTG9eBtV1lbRiKgPpUhPHN6o
DRJ63LSVx0VQMXEQLnC/l8lE4I3nmIJQcI4GDu8J5Zk36p0/iTOje6OfTShkpRDX
dSfdZ/7iAIg1QDE4WuFVlTPolUZtsVDOVMmxFRNTTK5sepRxmbpWLSfsBQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBm/MB86gw69IfHeCFakNKyXc1NIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvR2I4d0h6cUREcjBoOGQ0SVZxUTBySmR6VTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAehcJdYuPXGTT0eWY9oO5xE1u
ulw52Mf6m3sqevxlBgVOSou04fYBS+C5OW5EeACXFjDOaZkuqu9o6uxLfX6+D8Wm
ew0jxIewvaOnN5v70NY0ajNwXPrf00i8cmi3HCh3G7moYhF4SpCNyq8LWUQPW1Dn
cv4ld0QJpSiEGY5iq4h0B0h7mOiukke2Jv+HVQ88XjjbBvyKCnHTY2Eq70OJCOkj
NbChkldV8Bxs70sc2cDYjnyKGwOekXrHJMWEULF95K1Tj+Ik5Ev/RE4ssaGl1OWM
v7IZDBM+fEjXiceUEH+HB/s217sTLF7DmwjKUZ2n9r22nEXQNv1c/IhxwkF6Ug==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:53:06 2025 by rpki-client