Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NuvfjRGnwUuYE40QjCuMLbLbLiI.roa
File: NuvfjRGnwUuYE40QjCuMLbLbLiI.roa (raw, json)
Hash identifier: lrn5iZtFdYb1UhCLbzY6u3YhOr5bl/s8SllOnLbfJns=
Subject key identifier: 36:EB:DF:8D:11:A7:C1:4B:98:13:8D:10:8C:2B:8C:2D:B2:DB:2E:22
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01952A53FF66BCC760E1B395833361638185
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NuvfjRGnwUuYE40QjCuMLbLbLiI.roa
Signing time: Fri 21 Feb 2025 21:05:02 +0000
ROA not before: Fri 21 Feb 2025 21:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:2a53:8b9e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2a:53:ff:66:bc:c7:60:e1:b3:95:83:33:61:63:81:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 21 21:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36ebdf8d11a7c14b98138d108c2b8c2db2db2e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a7:e0:a3:91:fd:42:d4:e6:72:6d:4b:fd:1e:
52:d9:49:d4:e6:85:0b:15:74:e0:bc:eb:bd:8a:9d:
b4:32:a9:f5:bc:a3:99:3c:b0:4f:41:c6:62:33:f0:
ee:ed:80:2b:e8:27:e7:73:8e:c6:7a:fb:93:c0:b5:
7b:4d:e6:b0:78:6b:6d:16:b0:4b:2c:c8:a5:fe:2f:
75:fb:aa:cc:9c:28:a5:56:63:1f:cf:b6:9c:85:83:
48:39:e5:c3:c4:b2:ba:4b:6d:e7:a9:0c:5c:fc:bb:
72:b1:84:e0:c4:71:a2:99:c4:17:73:a8:81:ca:5b:
8f:50:a5:94:f9:7e:9c:d2:e1:18:08:48:2f:eb:50:
9f:80:d4:98:f8:ab:2b:f1:64:fc:2d:f9:16:fc:81:
49:1e:6f:bb:c6:34:c4:99:60:21:ec:ed:47:30:6a:
7d:11:c8:06:d8:16:80:f9:e5:a1:a4:8e:43:af:48:
cd:0b:fd:91:a5:39:0f:64:a9:62:bd:ed:fa:f5:f4:
18:17:6b:45:cb:6a:7f:48:e1:e3:db:55:5d:d0:f1:
e3:be:7c:35:28:4a:9a:83:18:0b:9c:7e:9d:4c:9a:
05:a4:5f:14:50:c8:0d:98:3f:80:3e:83:be:fb:90:
78:5a:30:1d:e2:e8:64:09:12:bc:fa:de:62:23:af:
41:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EB:DF:8D:11:A7:C1:4B:98:13:8D:10:8C:2B:8C:2D:B2:DB:2E:22
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NuvfjRGnwUuYE40QjCuMLbLbLiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:2a53:8b9e/128
Signature Algorithm: sha256WithRSAEncryption
1d:dd:5a:00:e1:56:1b:f7:d7:e9:e7:45:da:80:79:66:10:e2:
95:74:bb:fb:c0:96:84:2d:dd:0f:a4:f0:f8:1a:8a:eb:98:1f:
7e:49:b8:6c:63:ba:53:5e:98:77:fb:b0:d8:3e:dc:f8:5a:53:
39:3b:79:f9:ff:2e:02:d3:6d:1a:31:d6:02:73:ed:5f:dd:a4:
1a:03:98:59:b4:9f:4d:cd:31:a9:cc:ce:3c:cd:03:64:2d:f4:
f6:9f:0b:9d:04:c3:cf:88:15:82:7f:29:61:08:dd:b9:56:1a:
4c:b7:f9:5a:9e:63:1b:eb:23:3f:bd:ae:17:4a:18:74:0d:0a:
04:2f:75:ef:3e:d5:27:53:b7:ad:3f:5b:67:f1:f0:69:1e:be:
c5:fb:5d:8d:6e:2e:97:f6:19:e4:6b:69:22:94:16:f8:37:11:
83:2d:6a:7d:cc:61:5f:97:10:98:49:8e:7c:2e:05:95:5c:92:
2d:f4:b5:15:06:11:88:9e:e5:3e:d9:4e:56:32:28:76:b5:79:
b1:17:50:f9:1e:3f:2c:56:0c:7e:45:fc:e6:4f:75:8e:6c:0e:
51:66:9c:c4:12:9e:a3:0d:43:27:56:b7:2d:c0:fa:90:ce:d1:
ae:ec:b5:9e:78:f0:d0:25:0a:d5:48:04:f4:2d:fd:a0:bb:4d:
85:8e:ff:fa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZUqU/9mvMdg4bOVgzNhY4GFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjIxMjEwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmViZGY4ZDExYTdjMTRiOTgxMzhkMTA4YzJiOGMyZGIyZGIyZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKfgo5H9QtTmcm1L/R5S2UnU5oUL
FXTgvOu9ip20Mqn1vKOZPLBPQcZiM/Du7YAr6Cfnc47GevuTwLV7TeaweGttFrBL
LMil/i91+6rMnCilVmMfz7achYNIOeXDxLK6S23nqQxc/LtysYTgxHGimcQXc6iB
yluPUKWU+X6c0uEYCEgv61CfgNSY+Ksr8WT8LfkW/IFJHm+7xjTEmWAh7O1HMGp9
EcgG2BaA+eWhpI5Dr0jNC/2RpTkPZKlive369fQYF2tFy2p/SOHj21Vd0PHjvnw1
KEqagxgLnH6dTJoFpF8UUMgNmD+APoO++5B4WjAd4uhkCRK8+t5iI69B7wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDbr340Rp8FLmBONEIwrjC2y2y4iMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTnV2ZmpSR253VXVZRTQwUWpDdU1MYkxiTGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVKlOLnjANBgkqhkiG9w0BAQsFAAOCAQEAHd1aAOFWG/fX6edF2oB5ZhDi
lXS7+8CWhC3dD6Tw+BqK65gffkm4bGO6U16Yd/uw2D7c+FpTOTt5+f8uAtNtGjHW
AnPtX92kGgOYWbSfTc0xqczOPM0DZC309p8LnQTDz4gVgn8pYQjduVYaTLf5Wp5j
G+sjP72uF0oYdA0KBC917z7VJ1O3rT9bZ/HwaR6+xftdjW4ul/YZ5GtpIpQW+DcR
gy1qfcxhX5cQmEmOfC4FlVySLfS1FQYRiJ7lPtlOVjIodrV5sRdQ+R4/LFYMfkX8
5k91jmwOUWacxBKeow1DJ1a3LcD6kM7Rruy1nnjw0CUK1UgE9C39oLtNhY7/+g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:06:07 2025 by rpki-client