Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GfpsMdaQFVcrIomGIyuCGy-4eRE.roa
File: GfpsMdaQFVcrIomGIyuCGy-4eRE.roa (raw, json)
Hash identifier: Lg3jEsueP/ltmeYDgjNhHUQaswClS1u74193EUMZYlM=
Subject key identifier: 19:FA:6C:31:D6:90:15:57:2B:22:89:86:23:2B:82:1B:2F:B8:79:11
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195956D18A096D264C066C5D235C7F2E70D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GfpsMdaQFVcrIomGIyuCGy-4eRE.roa
Signing time: Fri 14 Mar 2025 16:11:49 +0000
ROA not before: Fri 14 Mar 2025 16:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:95:6d:18:a0:96:d2:64:c0:66:c5:d2:35:c7:f2:e7:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 16:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19fa6c31d69015572b228986232b821b2fb87911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:83:63:9b:0b:c9:f7:15:c4:db:2f:c2:61:cb:
1f:3d:1b:50:f6:60:2a:ed:c4:e0:25:02:bd:7c:39:
d3:d3:44:fd:eb:76:11:f8:1b:b6:e0:20:24:95:1f:
05:e2:fb:2b:cf:88:10:b2:41:27:5c:bd:c2:c6:7f:
62:bc:09:29:d0:ff:a6:b7:b4:76:5c:fd:bf:0d:43:
a6:35:42:5d:f4:d6:f6:2e:88:c7:76:a1:75:09:86:
d0:e9:02:eb:34:96:46:c1:d2:9f:69:fe:4c:e0:d1:
05:6d:47:63:d2:b4:8a:bc:16:c8:aa:f1:6a:e5:9b:
a1:77:de:71:e1:e4:f0:e1:3e:0d:3c:30:bb:48:19:
58:dd:b8:d2:ea:b1:1c:11:a4:40:b9:be:c2:25:10:
8b:7c:31:e1:94:b0:57:c9:28:4a:41:a1:8a:c9:d8:
c1:10:5a:7a:bd:41:7e:d1:15:e6:99:8e:7b:9c:93:
bb:8c:0f:17:4b:fd:cc:35:1b:a1:8b:51:5b:0a:f9:
52:28:4b:6b:97:0b:2c:a6:96:70:d0:ce:1d:3e:6b:
ea:9c:0e:c6:0e:a8:e4:05:74:52:51:5c:ce:fe:91:
8c:bb:1e:cb:34:c6:44:f2:5a:0c:77:0b:e2:83:d9:
92:10:f7:a1:d5:3c:a1:70:8e:c5:d8:22:67:fc:03:
db:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FA:6C:31:D6:90:15:57:2B:22:89:86:23:2B:82:1B:2F:B8:79:11
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/GfpsMdaQFVcrIomGIyuCGy-4eRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
88:4d:69:9c:83:d7:a0:c3:2b:a6:01:9b:b0:11:80:3c:cb:38:
73:2b:1e:38:e7:30:b0:59:00:af:93:60:d6:4c:ff:9b:7d:51:
dd:22:bd:8f:93:76:ea:0a:72:e1:b5:8a:75:12:d4:4e:f6:08:
b9:5d:14:5b:1e:48:fd:e9:07:ed:9f:2b:96:a1:d3:68:1d:cc:
e2:51:ad:c6:00:aa:fe:87:a4:c8:78:3f:a1:b6:cb:a2:9a:43:
ec:a7:89:0a:17:0c:e4:3b:5d:9e:f4:a1:02:ef:f8:f7:8b:87:
b9:b9:e0:22:d0:fe:3e:e0:bd:0c:6a:d6:91:23:bb:c8:43:ad:
3a:57:aa:e1:5f:d5:d0:d3:c0:e9:d8:f5:fc:70:dd:b1:2a:7a:
d7:17:c1:af:4f:82:4a:24:da:1e:a8:5a:55:6a:ba:c1:d8:ad:
0e:c8:57:b1:e5:1a:78:fe:cc:81:03:d7:ae:12:80:63:5b:b9:
a5:a7:09:47:c4:e1:00:8b:d6:6b:7b:36:02:42:64:e5:35:ea:
fa:41:08:48:86:4c:e0:15:39:1a:dd:73:6e:a4:6e:3d:6d:3f:
0e:ae:da:11:89:3f:e9:48:4f:f0:cc:80:3a:3b:86:37:86:78:
47:66:35:b8:e7:2f:e1:c4:c2:f7:78:3e:9d:c2:4c:df:68:18:
4c:5a:4e:3e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWVbRigltJkwGbF0jXH8ucNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MTYxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZhNmMzMWQ2OTAxNTU3MmIyMjg5ODYyMzJiODIxYjJmYjg3OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArINjmwvJ9xXE2y/CYcsfPRtQ9mAq
7cTgJQK9fDnT00T963YR+Bu24CAklR8F4vsrz4gQskEnXL3Cxn9ivAkp0P+mt7R2
XP2/DUOmNUJd9Nb2LojHdqF1CYbQ6QLrNJZGwdKfaf5M4NEFbUdj0rSKvBbIqvFq
5Zuhd95x4eTw4T4NPDC7SBlY3bjS6rEcEaRAub7CJRCLfDHhlLBXyShKQaGKydjB
EFp6vUF+0RXmmY57nJO7jA8XS/3MNRuhi1FbCvlSKEtrlwssppZw0M4dPmvqnA7G
DqjkBXRSUVzO/pGMux7LNMZE8loMdwvig9mSEPeh1TyhcI7F2CJn/APbZQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBn6bDHWkBVXKyKJhiMrghsvuHkRMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvR2Zwc01kYVFGVmNySW9tR0l5dUNHeS00ZVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAiE1pnIPXoMMrpgGbsBGAPMs4
cyseOOcwsFkAr5Ng1kz/m31R3SK9j5N26gpy4bWKdRLUTvYIuV0UWx5I/ekH7Z8r
lqHTaB3M4lGtxgCq/oekyHg/obbLoppD7KeJChcM5DtdnvShAu/494uHubngItD+
PuC9DGrWkSO7yEOtOleq4V/V0NPA6dj1/HDdsSp61xfBr0+CSiTaHqhaVWq6wdit
DshXseUaeP7MgQPXrhKAY1u5pacJR8ThAIvWa3s2AkJk5TXq+kEISIZM4BU5Gt1z
bqRuPW0/Dq7aEYk/6UhP8MyAOjuGN4Z4R2Y1uOcv4cTC93g+ncJM32gYTFpOPg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:28 2025 by rpki-client