Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IThs1o3A95pi5ICAVAdH3VKFGZk.roa
File: IThs1o3A95pi5ICAVAdH3VKFGZk.roa (raw, json)
Hash identifier: gDhc6EXa0c5rwmr0GR93F175v9+W6T7ILwyDLOBynd8=
Subject key identifier: 21:38:6C:D6:8D:C0:F7:9A:62:E4:80:80:54:07:47:DD:52:85:19:99
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195737FF3A1AA4316CE0510588C8C95253D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IThs1o3A95pi5ICAVAdH3VKFGZk.roa
Signing time: Sat 08 Mar 2025 02:05:19 +0000
ROA not before: Sat 08 Mar 2025 02:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:737f:9d80/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:73:7f:f3:a1:aa:43:16:ce:05:10:58:8c:8c:95:25:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 8 02:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21386cd68dc0f79a62e48080540747dd52851999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:28:99:d0:68:7c:c7:48:72:06:de:e0:fc:d8:
f3:56:64:6f:be:99:2f:f9:3e:c3:66:76:ce:af:54:
fe:28:af:92:54:ca:f5:de:ae:d6:35:52:11:98:d4:
77:1e:da:a9:5a:ce:13:35:c8:84:8a:11:24:1b:3a:
bd:ec:c9:ff:0f:4d:7d:3c:24:ce:8c:6c:fc:bf:5f:
2e:0a:55:6a:08:94:ea:a9:4a:48:3a:c5:a8:9f:23:
11:54:40:76:3d:6f:cb:b0:20:cd:a0:01:6d:92:08:
d0:07:9c:8d:5f:5d:96:6b:73:2c:d2:a4:53:cc:2b:
47:3a:0a:ca:8e:1a:76:28:06:fd:48:64:e1:99:7f:
98:9f:ab:f8:46:a3:86:78:43:96:6c:ef:90:13:b1:
82:06:6e:a1:74:81:fb:8a:62:48:26:58:78:d8:f6:
79:3d:b5:cf:92:c8:0a:55:ae:9c:c7:c5:40:3a:5e:
c4:07:ca:86:aa:a6:22:43:69:e8:d9:42:ff:6e:40:
bc:27:7e:8a:a6:50:a6:02:6f:4b:7b:2f:bb:63:77:
f7:0b:75:b1:7e:ff:0d:a7:31:05:0d:ed:c7:34:c2:
b4:69:30:8b:0f:37:2d:40:4a:8e:a3:61:2e:c4:ac:
39:0e:5c:ba:63:99:00:07:fc:52:c2:22:fb:5d:6d:
68:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:38:6C:D6:8D:C0:F7:9A:62:E4:80:80:54:07:47:DD:52:85:19:99
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IThs1o3A95pi5ICAVAdH3VKFGZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:737f:9d80/128
Signature Algorithm: sha256WithRSAEncryption
6f:cc:ae:e7:e2:bd:a3:91:84:2d:4d:af:d7:06:ea:a2:b1:39:
9c:9e:b6:b0:cb:6b:0b:49:3e:1f:2d:33:29:49:e7:78:da:c9:
b3:e9:08:12:2b:d1:f7:d9:00:37:a2:e8:7d:5c:2e:e7:62:70:
54:2c:bf:94:a3:81:1f:8e:a9:65:ec:71:5c:3b:b3:5e:2c:63:
82:65:00:2b:5a:fd:5a:15:dc:82:b2:61:c0:24:6c:86:18:a3:
7e:f4:2b:ae:74:af:ee:d9:a8:dc:7a:67:5a:83:af:c6:d7:7a:
1f:ba:f1:05:99:5c:b9:fa:ff:01:ca:37:11:7d:1d:6d:e4:20:
3e:fa:99:ac:e0:f4:0d:16:0d:7c:e0:f2:c3:15:87:ee:12:03:
49:19:64:e7:a5:7a:47:03:23:3e:32:f9:44:25:14:91:86:04:
24:81:ba:8f:dd:d0:93:32:3b:33:92:89:2b:57:c0:83:68:91:
94:5f:2f:a8:55:44:b7:f6:14:65:a6:1f:d9:4c:be:7a:de:3f:
f0:65:17:99:d1:73:a1:eb:3c:86:8c:52:e6:79:08:6d:6c:f4:
49:18:17:69:f3:20:f8:e1:9e:6e:06:5a:db:ff:4a:d7:9c:2c:
1f:4d:71:50:76:c2:09:ca:e8:1a:ef:42:65:49:b2:a7:4b:45:
8e:b5:48:61
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVzf/OhqkMWzgUQWIyMlSU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA4MDIwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTM4NmNkNjhkYzBmNzlhNjJlNDgwODA1NDA3NDdkZDUyODUxOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiiZ0Gh8x0hyBt7g/NjzVmRvvpkv
+T7DZnbOr1T+KK+SVMr13q7WNVIRmNR3HtqpWs4TNciEihEkGzq97Mn/D019PCTO
jGz8v18uClVqCJTqqUpIOsWonyMRVEB2PW/LsCDNoAFtkgjQB5yNX12Wa3Ms0qRT
zCtHOgrKjhp2KAb9SGThmX+Yn6v4RqOGeEOWbO+QE7GCBm6hdIH7imJIJlh42PZ5
PbXPksgKVa6cx8VAOl7EB8qGqqYiQ2no2UL/bkC8J36KplCmAm9Ley+7Y3f3C3Wx
fv8NpzEFDe3HNMK0aTCLDzctQEqOo2EuxKw5Dly6Y5kAB/xSwiL7XW1oSwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCE4bNaNwPeaYuSAgFQHR91ShRmZMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSVRoczFvM0E5NXBpNUlDQVZBZEgzVktGR1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVc3+dgDANBgkqhkiG9w0BAQsFAAOCAQEAb8yu5+K9o5GELU2v1wbqorE5
nJ62sMtrC0k+Hy0zKUnneNrJs+kIEivR99kAN6LofVwu52JwVCy/lKOBH46pZexx
XDuzXixjgmUAK1r9WhXcgrJhwCRshhijfvQrrnSv7tmo3HpnWoOvxtd6H7rxBZlc
ufr/Aco3EX0dbeQgPvqZrOD0DRYNfODywxWH7hIDSRlk56V6RwMjPjL5RCUUkYYE
JIG6j93QkzI7M5KJK1fAg2iRlF8vqFVEt/YUZaYf2Uy+et4/8GUXmdFzoes8hoxS
5nkIbWz0SRgXafMg+OGebgZa2/9K15wsH01xUHbCCcroGu9CZUmyp0tFjrVIYQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:44 2025 by rpki-client