Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/O0d6uVu--EIP9b6TtwAF0u7jTWQ.roa
File: O0d6uVu--EIP9b6TtwAF0u7jTWQ.roa (raw, json)
Hash identifier: 7TnvX6DLmBWI7iwqqjtkMknbMhT8zXpTlLnsF6oBuHY=
Subject key identifier: 3B:47:7A:B9:5B:BE:F8:42:0F:F5:BE:93:B7:00:05:D2:EE:E3:4D:64
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01946FACDAEF5CD7DAAD8A4E2ACC4F0E2286
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/O0d6uVu--EIP9b6TtwAF0u7jTWQ.roa
Signing time: Thu 16 Jan 2025 15:13:06 +0000
ROA not before: Thu 16 Jan 2025 15:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:ac:da:ef:5c:d7:da:ad:8a:4e:2a:cc:4f:0e:22:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 16 15:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b477ab95bbef8420ff5be93b70005d2eee34d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d2:b9:37:67:ba:49:a7:f4:2c:c9:70:0a:03:
ad:ff:c5:25:c9:3f:fd:e1:74:71:6f:9c:f0:76:8e:
3f:30:fc:55:63:cc:4e:23:d6:2c:c2:de:f0:6b:64:
f7:35:de:36:26:0d:fa:8b:df:f5:c3:9b:83:1d:32:
61:78:3e:28:2b:cf:b2:e0:ab:f2:b7:1d:99:14:01:
0e:08:e3:a1:cb:de:bc:6b:62:7b:d8:9d:73:7b:c6:
0a:30:d6:f4:12:ac:11:96:33:15:e7:04:ea:b0:56:
bb:aa:f9:61:45:a2:3d:80:93:8c:d6:cd:cb:9f:cb:
cf:2a:a6:68:9a:ac:ce:72:6a:2c:02:22:a0:7b:bb:
13:fd:89:e4:bd:09:78:c6:24:37:5e:20:28:cb:66:
cd:13:bd:0f:28:29:ab:8f:ef:5b:77:c0:62:04:37:
1a:40:52:f0:3f:cf:67:33:96:89:2e:e1:b9:0a:e1:
22:d9:0e:c9:6c:b9:d2:e4:54:b6:9a:c7:41:85:e7:
9e:58:6e:03:50:01:63:8d:50:30:39:11:14:27:7e:
3b:a2:ae:8b:51:59:54:b9:f7:0a:72:e7:50:08:40:
76:97:e2:e0:8c:19:3b:0f:3f:da:27:ec:1f:e4:25:
fd:3e:8d:4e:8e:b2:18:fe:82:cf:61:ce:e4:4f:22:
78:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:47:7A:B9:5B:BE:F8:42:0F:F5:BE:93:B7:00:05:D2:EE:E3:4D:64
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/O0d6uVu--EIP9b6TtwAF0u7jTWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
8d:cc:79:98:5a:94:47:ba:d1:28:42:3b:75:a7:28:e4:d4:ad:
59:38:1e:4a:f9:77:df:30:62:f7:cb:f9:ab:b0:11:2d:cb:64:
29:fb:37:49:05:59:54:ea:70:a8:db:49:22:3c:97:0f:34:97:
e2:37:bc:ee:ef:1b:56:41:f7:5b:9e:96:dc:4a:a5:02:81:dd:
64:79:9a:bd:11:0a:ec:8d:73:fd:96:a4:12:3b:67:91:fc:46:
ec:b8:fe:0d:e9:0b:f3:68:d7:7c:55:ee:33:57:0d:f5:8d:20:
73:54:8a:d1:50:7f:85:b3:ef:ce:1e:24:91:8f:24:b2:6e:57:
df:a6:fc:4d:1c:de:bb:b2:c1:4d:13:6c:f9:49:fe:7f:4f:60:
c7:d3:f5:5f:a3:97:c4:15:f8:9c:03:dc:dd:49:d7:48:62:b0:
ff:25:ba:16:b2:5e:2d:90:ad:32:67:90:2a:c4:88:18:21:29:
82:3b:f0:05:e1:9b:a9:ec:87:74:d9:df:59:be:7b:9b:ea:2a:
fc:7b:d8:af:24:02:8a:4a:68:ce:6b:2e:dd:4e:d3:c7:de:b0:
35:9f:e4:7b:5d:4d:79:c7:08:18:83:66:e3:f1:84:38:93:8f:
39:64:3b:2e:84:a7:db:89:0c:37:70:cb:51:a4:95:27:7e:ad:
e2:eb:ae:60
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRvrNrvXNfarYpOKsxPDiKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE2MTUxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ3N2FiOTViYmVmODQyMGZmNWJlOTNiNzAwMDVkMmVlZTM0ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNK5N2e6Saf0LMlwCgOt/8UlyT/9
4XRxb5zwdo4/MPxVY8xOI9Yswt7wa2T3Nd42Jg36i9/1w5uDHTJheD4oK8+y4Kvy
tx2ZFAEOCOOhy968a2J72J1ze8YKMNb0EqwRljMV5wTqsFa7qvlhRaI9gJOM1s3L
n8vPKqZomqzOcmosAiKge7sT/YnkvQl4xiQ3XiAoy2bNE70PKCmrj+9bd8BiBDca
QFLwP89nM5aJLuG5CuEi2Q7JbLnS5FS2msdBheeeWG4DUAFjjVAwOREUJ347oq6L
UVlUufcKcudQCEB2l+LgjBk7Dz/aJ+wf5CX9Po1OjrIY/oLPYc7kTyJ42wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDtHerlbvvhCD/W+k7cABdLu401kMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTzBkNnVWdS0tRUlQOWI2VHR3QUYwdTdqVFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAjcx5mFqUR7rRKEI7daco5NSt
WTgeSvl33zBi98v5q7ARLctkKfs3SQVZVOpwqNtJIjyXDzSX4je87u8bVkH3W56W
3EqlAoHdZHmavREK7I1z/ZakEjtnkfxG7Lj+DekL82jXfFXuM1cN9Y0gc1SK0VB/
hbPvzh4kkY8ksm5X36b8TRzeu7LBTRNs+Un+f09gx9P1X6OXxBX4nAPc3UnXSGKw
/yW6FrJeLZCtMmeQKsSIGCEpgjvwBeGbqeyHdNnfWb57m+oq/HvYryQCikpozmsu
3U7Tx96wNZ/ke11NeccIGINm4/GEOJOPOWQ7LoSn24kMN3DLUaSVJ36t4uuuYA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:55:18 2025 by rpki-client