Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IV276jD3tM-9XvQ1Nnwn-srQ4rs.roa
File: IV276jD3tM-9XvQ1Nnwn-srQ4rs.roa (raw, json)
Hash identifier: le6ONcsiJ4IQRhSfus3imR0Kt7Z/hqdUvrMdp5grGzs=
Subject key identifier: 21:5D:BB:EA:30:F7:B4:CF:BD:5E:F4:35:36:7C:27:FA:CA:D0:E2:BB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019594C937E5ED9DF03F7DED829FC7A4D74F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IV276jD3tM-9XvQ1Nnwn-srQ4rs.roa
Signing time: Fri 14 Mar 2025 13:12:49 +0000
ROA not before: Fri 14 Mar 2025 13:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:c9:37:e5:ed:9d:f0:3f:7d:ed:82:9f:c7:a4:d7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 13:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=215dbbea30f7b4cfbd5ef435367c27facad0e2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:56:8b:4c:fe:0f:3d:d5:1c:ad:20:9a:13:1a:
6a:26:7f:d2:f3:09:40:c4:73:aa:ed:c5:5d:1a:04:
be:c9:30:2c:78:c7:3a:b5:4b:fe:d8:f0:ab:89:0a:
17:ea:61:9b:9a:48:5c:14:81:61:0f:c1:a0:ed:73:
e6:4c:d9:3a:b7:79:71:cc:24:8a:7d:70:72:83:76:
4e:91:1e:30:eb:70:a6:8c:8d:08:9a:bf:17:62:ef:
a2:b1:32:d5:54:1d:31:e3:d8:67:fb:4b:c1:4f:c2:
77:cb:93:e5:3e:ca:4b:33:da:a0:19:45:58:e3:07:
97:79:95:c5:95:df:4f:3f:6f:ac:7f:07:e2:41:01:
be:e6:1b:69:b6:0c:ab:9e:32:03:e8:bf:d1:6e:38:
65:43:30:a3:5f:d2:21:02:ec:6c:81:eb:50:51:d2:
7b:ee:00:0a:af:b2:37:cb:32:2f:f5:53:55:96:dd:
56:11:0e:c8:5f:a6:90:5e:15:8e:0f:7b:e0:9a:ea:
68:2d:78:1f:db:b9:9f:6c:76:c9:9d:f9:e5:f0:6c:
64:23:0d:8f:b9:b2:58:6e:71:bb:c8:3c:4e:ea:26:
31:dc:83:4c:44:1c:10:a2:8d:bf:4b:36:2d:18:44:
4b:57:9a:be:bc:56:73:23:c6:ab:71:a2:32:f4:27:
db:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5D:BB:EA:30:F7:B4:CF:BD:5E:F4:35:36:7C:27:FA:CA:D0:E2:BB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IV276jD3tM-9XvQ1Nnwn-srQ4rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
71:7b:d2:f5:79:75:cb:ce:0c:1a:4b:b3:93:e4:cc:ff:09:95:
cd:29:d3:90:77:3f:ca:1a:96:6c:f1:cb:8d:ca:41:b8:e0:e1:
f2:f0:bc:b2:8a:38:a5:6c:60:31:12:f5:8a:24:85:b3:1d:c2:
8f:94:ab:88:7d:bd:ea:c8:88:0d:ff:54:ba:e0:6b:3d:0c:de:
37:83:7f:8c:f8:80:0f:80:eb:44:a8:b3:65:e7:dd:64:bf:b7:
50:f5:d4:f6:b3:7a:56:6b:aa:4a:7c:8f:af:8b:98:77:d1:32:
5f:40:ef:34:57:56:28:c1:a2:cb:10:43:30:fc:da:76:52:ad:
f7:77:c6:6d:83:6a:74:a6:e1:39:a5:f3:99:db:6b:27:fd:fb:
7e:32:90:e9:92:67:56:21:9f:ea:23:2a:02:8c:fb:93:ae:a7:
8a:f7:af:39:38:35:3d:19:85:b2:3e:54:f9:6c:62:14:17:e7:
8f:c7:b4:7d:7f:88:70:ff:db:84:ad:4d:9f:28:88:0b:3e:bf:
d1:05:22:f6:eb:f6:34:5d:01:60:12:22:97:52:42:19:67:13:
38:75:6b:69:8a:e2:ee:f4:8b:fc:83:71:6e:1d:83:39:35:a7:
24:f2:ee:e1:69:ce:f9:4b:18:57:43:2d:0d:4d:b4:52:7c:df:
cf:03:18:95
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWUyTfl7Z3wP33tgp/HpNdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MTMxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVkYmJlYTMwZjdiNGNmYmQ1ZWY0MzUzNjdjMjdmYWNhZDBlMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFaLTP4PPdUcrSCaExpqJn/S8wlA
xHOq7cVdGgS+yTAseMc6tUv+2PCriQoX6mGbmkhcFIFhD8Gg7XPmTNk6t3lxzCSK
fXByg3ZOkR4w63CmjI0Imr8XYu+isTLVVB0x49hn+0vBT8J3y5PlPspLM9qgGUVY
4weXeZXFld9PP2+sfwfiQQG+5htptgyrnjID6L/RbjhlQzCjX9IhAuxsgetQUdJ7
7gAKr7I3yzIv9VNVlt1WEQ7IX6aQXhWOD3vgmupoLXgf27mfbHbJnfnl8GxkIw2P
ubJYbnG7yDxO6iYx3INMRBwQoo2/SzYtGERLV5q+vFZzI8arcaIy9CfbBwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCFdu+ow97TPvV70NTZ8J/rK0OK7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSVYyNzZqRDN0TS05WHZRMU5ud24tc3JRNHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAcXvS9Xl1y84MGkuzk+TM/wmV
zSnTkHc/yhqWbPHLjcpBuODh8vC8soo4pWxgMRL1iiSFsx3Cj5SriH296siIDf9U
uuBrPQzeN4N/jPiAD4DrRKizZefdZL+3UPXU9rN6VmuqSnyPr4uYd9EyX0DvNFdW
KMGiyxBDMPzadlKt93fGbYNqdKbhOaXzmdtrJ/37fjKQ6ZJnViGf6iMqAoz7k66n
ivevOTg1PRmFsj5U+WxiFBfnj8e0fX+IcP/bhK1NnyiICz6/0QUi9uv2NF0BYBIi
l1JCGWcTOHVraYri7vSL/INxbh2DOTWnJPLu4WnO+UsYV0MtDU20UnzfzwMYlQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:28:04 2025 by rpki-client