Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JzAch71dC-c09uk4bg-_S_mhK_I.roa
File: JzAch71dC-c09uk4bg-_S_mhK_I.roa (raw, json)
Hash identifier: bX/ee/IrEDkOT704cc6A3YroD5L2iywCf6Ce2mphPiQ=
Subject key identifier: 27:30:1C:87:BD:5D:0B:E7:34:F6:E9:38:6E:0F:BF:4B:F9:A1:2B:F2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959E7039EA99B96898A375A6F9420F9169
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JzAch71dC-c09uk4bg-_S_mhK_I.roa
Signing time: Sun 16 Mar 2025 10:11:49 +0000
ROA not before: Sun 16 Mar 2025 10:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9e:70:39:ea:99:b9:68:98:a3:75:a6:f9:42:0f:91:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 10:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27301c87bd5d0be734f6e9386e0fbf4bf9a12bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:48:d5:d2:3b:46:61:bd:03:af:33:14:9e:55:
08:33:ff:3c:cb:f7:cd:6a:09:c0:5f:1e:a8:14:1e:
d2:01:2c:c5:2f:1c:44:d6:5c:f2:28:2f:01:f2:84:
fc:22:b9:07:07:34:c8:31:8b:9a:89:1b:93:a8:4a:
b4:7d:80:19:42:ed:55:7d:3b:66:69:69:51:2e:fc:
71:d1:20:6d:3d:56:cf:8d:f1:cf:f6:1d:8a:2c:a2:
ce:c4:33:f6:cd:20:56:cc:8a:44:f5:4c:96:fa:44:
13:0c:84:41:44:71:0a:a4:aa:a3:b5:6f:fd:48:fe:
6c:c4:62:05:0c:40:6d:95:02:2c:f0:6e:2a:13:72:
a6:4f:d0:a4:f1:7e:09:c5:d6:66:7e:36:38:58:c5:
69:bf:de:44:fd:cc:f3:6c:cc:80:88:49:1e:69:b4:
53:42:0a:c3:f8:11:4d:51:64:83:40:cc:7a:bc:01:
d8:4c:bb:47:c5:a1:09:46:a4:7d:1d:99:13:66:ff:
e6:1d:7f:7a:bf:e2:49:46:8d:4e:a0:ea:b9:6f:3c:
15:9a:5e:46:45:e1:10:9a:be:32:b2:43:6d:60:b9:
eb:c9:ab:d8:ea:8c:04:ab:48:37:e1:f8:0f:ab:95:
e0:41:91:79:66:aa:57:86:4e:65:d1:3c:df:69:c7:
99:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:30:1C:87:BD:5D:0B:E7:34:F6:E9:38:6E:0F:BF:4B:F9:A1:2B:F2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/JzAch71dC-c09uk4bg-_S_mhK_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
04:1a:c1:4f:85:c8:eb:38:83:f9:f0:6d:9e:59:70:dc:9e:c0:
14:37:71:8e:38:80:79:7c:d3:df:9d:80:a9:9d:6f:37:50:68:
2d:0c:2b:e9:a8:81:b3:40:8f:71:33:dc:91:1d:c2:e4:29:76:
f5:ac:6c:45:c0:63:1a:ab:72:5c:ae:0b:39:60:a6:ca:86:09:
e9:3a:44:3c:58:c9:9a:f7:c7:66:d4:d2:f5:0a:00:67:46:09:
2d:09:10:32:89:8d:2f:17:7f:02:75:09:89:57:e4:97:a6:c0:
f0:61:e1:92:ee:e4:6d:68:c4:e9:19:36:0c:ff:99:e0:8c:c9:
89:dd:2b:f4:61:3f:6c:be:27:c0:65:ab:65:c1:5c:06:86:ae:
be:71:dd:7b:88:2f:05:4e:1c:c7:f2:77:a5:66:16:d5:12:0a:
1e:52:f1:9b:ef:e3:41:fe:6d:f5:a0:c7:41:d1:c5:81:f4:1d:
15:8c:f1:42:3f:f2:d5:53:51:99:2a:62:a8:55:de:fd:fc:82:
f5:f7:56:94:ea:7c:d9:4b:a0:22:99:34:81:1a:b3:e2:32:e4:
df:c8:f0:30:d3:f4:23:46:3e:0e:7f:7f:51:84:d4:cc:26:15:
a8:3b:11:5a:1e:7e:7f:dc:af:1e:6c:bb:43:1e:cb:5a:79:64:
82:1a:90:7e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWecDnqmblomKN1pvlCD5FpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MTAxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzMwMWM4N2JkNWQwYmU3MzRmNmU5Mzg2ZTBmYmY0YmY5YTEyYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkjV0jtGYb0DrzMUnlUIM/88y/fN
agnAXx6oFB7SASzFLxxE1lzyKC8B8oT8IrkHBzTIMYuaiRuTqEq0fYAZQu1VfTtm
aWlRLvxx0SBtPVbPjfHP9h2KLKLOxDP2zSBWzIpE9UyW+kQTDIRBRHEKpKqjtW/9
SP5sxGIFDEBtlQIs8G4qE3KmT9Ck8X4JxdZmfjY4WMVpv95E/czzbMyAiEkeabRT
QgrD+BFNUWSDQMx6vAHYTLtHxaEJRqR9HZkTZv/mHX96v+JJRo1OoOq5bzwVml5G
ReEQmr4yskNtYLnryavY6owEq0g34fgPq5XgQZF5ZqpXhk5l0TzfaceZPwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCcwHIe9XQvnNPbpOG4Pv0v5oSvyMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSnpBY2g3MWRDLWMwOXVrNGJnLV9TX21oS19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEABBrBT4XI6ziD+fBtnllw3J7A
FDdxjjiAeXzT352AqZ1vN1BoLQwr6aiBs0CPcTPckR3C5Cl29axsRcBjGqtyXK4L
OWCmyoYJ6TpEPFjJmvfHZtTS9QoAZ0YJLQkQMomNLxd/AnUJiVfkl6bA8GHhku7k
bWjE6Rk2DP+Z4IzJid0r9GE/bL4nwGWrZcFcBoauvnHde4gvBU4cx/J3pWYW1RIK
HlLxm+/jQf5t9aDHQdHFgfQdFYzxQj/y1VNRmSpiqFXe/fyC9fdWlOp82UugIpk0
gRqz4jLk38jwMNP0I0Y+Dn9/UYTUzCYVqDsRWh5+f9yvHmy7Qx7LWnlkghqQfg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:03:43 2025 by rpki-client