Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JXg2Cg1arpqGfnwaKw5Gt7KVULM.roa
File: JXg2Cg1arpqGfnwaKw5Gt7KVULM.roa (raw, json)
Hash identifier: fKHqgeUeaKmJyQW1/flCeNmcVZ1jYnQ8fT/F8j881A0=
Subject key identifier: 25:78:36:0A:0D:5A:AE:9A:86:7E:7C:1A:2B:0E:46:B7:B2:95:50:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A027AE691218CB39E31B11BCB5153D25
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JXg2Cg1arpqGfnwaKw5Gt7KVULM.roa
Signing time: Sun 16 Mar 2025 18:11:49 +0000
ROA not before: Sun 16 Mar 2025 18:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a0:27:ae:69:12:18:cb:39:e3:1b:11:bc:b5:15:3d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 18:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2578360a0d5aae9a867e7c1a2b0e46b7b29550b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:48:94:c0:cc:87:56:1c:e7:7f:3c:33:02:
0a:a4:8b:0a:09:1d:47:dd:ac:c3:5d:a7:46:eb:d6:
66:ab:f9:86:a7:3b:1b:f3:b2:df:6a:1f:c6:af:b8:
75:19:0c:22:a8:db:29:7e:21:1a:71:70:ae:23:42:
f1:d9:4f:ca:38:fb:81:f9:d4:e0:5f:dc:7d:05:4a:
1d:69:56:0c:37:54:70:dd:25:d6:18:b1:c9:ca:64:
ee:73:ff:d5:bb:8f:08:89:8c:db:43:10:c8:14:e9:
4e:31:0e:26:6f:fe:4f:a1:92:1a:c1:85:b0:86:40:
bd:27:24:76:82:2a:04:23:14:27:cf:69:b8:96:a1:
02:eb:08:5b:54:47:6a:aa:bd:58:c0:e1:90:45:0b:
45:14:4b:44:2c:d0:dd:48:dc:17:8e:e1:4d:fe:fc:
25:37:31:70:4b:6f:37:9c:85:8b:3c:37:12:e5:b4:
b4:b1:03:2a:f4:08:56:ed:20:be:db:27:28:eb:d7:
17:84:93:47:ef:a0:04:3d:02:e8:47:4d:3e:c5:3f:
7b:65:d3:73:c4:8a:b0:0c:81:17:12:e5:51:55:2b:
12:25:60:31:a1:70:cd:4d:80:86:e2:a1:9d:bb:a8:
3b:62:c2:81:7c:6f:24:69:be:b9:fa:b8:f0:66:d1:
5e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:78:36:0A:0D:5A:AE:9A:86:7E:7C:1A:2B:0E:46:B7:B2:95:50:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JXg2Cg1arpqGfnwaKw5Gt7KVULM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
11:37:75:41:3f:15:35:9a:d7:4c:c0:57:ab:34:e3:3b:86:5d:
92:7b:c4:79:62:8e:39:94:6c:58:10:61:5a:bb:48:17:33:83:
3f:30:29:29:65:5e:96:14:02:b2:ff:8f:3d:8a:38:d6:f1:07:
f0:58:69:e2:df:5c:2f:6c:2a:d5:18:31:ed:d9:c8:5d:b9:d0:
3f:0a:79:13:c8:80:a1:bc:00:0b:b5:a7:35:a2:1c:29:07:5e:
48:3e:63:9c:80:a4:b9:85:d2:21:1a:df:8d:ba:ff:d1:56:ef:
bb:d7:09:4d:9f:fe:04:db:08:d8:97:a1:cf:e1:bd:98:39:fa:
57:f2:4d:2d:56:ae:f8:33:d3:a2:54:a5:4c:ad:c6:39:b5:03:
8d:95:40:11:b3:27:36:be:e5:b4:31:ef:39:ae:8e:08:d6:35:
e2:45:a0:dc:e7:c4:65:d3:92:32:91:78:f5:2c:34:48:f1:38:
8c:37:68:ee:e0:2f:8f:96:c8:c9:55:88:e0:ec:07:88:45:fd:
3c:29:21:65:9b:ec:2d:2d:c2:1b:d3:cb:08:21:91:61:e2:28:
fb:db:77:9b:45:d4:d8:f4:b4:b3:09:e8:76:9f:af:18:89:71:
49:6b:b9:34:74:05:c7:18:eb:03:03:8e:05:b0:6c:fc:09:27:
86:a9:73:78
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWgJ65pEhjLOeMbEby1FT0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MTgxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc4MzYwYTBkNWFhZTlhODY3ZTdjMWEyYjBlNDZiN2IyOTU1MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR5IlMDMh1Yc5388MwIKpIsKCR1H
3azDXadG69Zmq/mGpzsb87Lfah/Gr7h1GQwiqNspfiEacXCuI0Lx2U/KOPuB+dTg
X9x9BUodaVYMN1Rw3SXWGLHJymTuc//Vu48IiYzbQxDIFOlOMQ4mb/5PoZIawYWw
hkC9JyR2gioEIxQnz2m4lqEC6whbVEdqqr1YwOGQRQtFFEtELNDdSNwXjuFN/vwl
NzFwS283nIWLPDcS5bS0sQMq9AhW7SC+2yco69cXhJNH76AEPQLoR00+xT97ZdNz
xIqwDIEXEuVRVSsSJWAxoXDNTYCG4qGdu6g7YsKBfG8kab65+rjwZtFe6QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCV4NgoNWq6ahn58GisORreylVCzMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSlhnMkNnMWFycHFHZm53YUt3NUd0N0tWVUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAETd1QT8VNZrXTMBXqzTjO4Zd
knvEeWKOOZRsWBBhWrtIFzODPzApKWVelhQCsv+PPYo41vEH8Fhp4t9cL2wq1Rgx
7dnIXbnQPwp5E8iAobwAC7WnNaIcKQdeSD5jnICkuYXSIRrfjbr/0Vbvu9cJTZ/+
BNsI2Jehz+G9mDn6V/JNLVau+DPTolSlTK3GObUDjZVAEbMnNr7ltDHvOa6OCNY1
4kWg3OfEZdOSMpF49Sw0SPE4jDdo7uAvj5bIyVWI4OwHiEX9PCkhZZvsLS3CG9PL
CCGRYeIo+9t3m0XU2PS0swnodp+vGIlxSWu5NHQFxxjrAwOOBbBs/AknhqlzeA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:58:47 2025 by rpki-client