Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OPJ60VKW9FTqcWIph9j56Fwj7qs.roa
File: OPJ60VKW9FTqcWIph9j56Fwj7qs.roa (raw, json)
Hash identifier: Ax30sgEnioliIZ7SaAq+vsGFr3hcPO8nzqRiqajtYSU=
Subject key identifier: 38:F2:7A:D1:52:96:F4:54:EA:71:62:29:87:D8:F9:E8:5C:23:EE:AB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019559F715848C5555F948A70DBB76C039AA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OPJ60VKW9FTqcWIph9j56Fwj7qs.roa
Signing time: Mon 03 Mar 2025 03:05:19 +0000
ROA not before: Mon 03 Mar 2025 03:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:59f6:93c7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:59:f7:15:84:8c:55:55:f9:48:a7:0d:bb:76:c0:39:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 3 03:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38f27ad15296f454ea71622987d8f9e85c23eeab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:ab:ed:65:34:b4:56:eb:39:bb:62:1f:9b:
06:85:30:a9:c9:b2:70:29:7b:65:77:63:58:d0:de:
7f:2b:1c:5d:ee:a2:a2:c2:b0:99:a7:78:06:43:cd:
7d:06:33:65:55:db:18:49:c8:16:d4:0d:1f:4f:ba:
65:3d:e3:07:17:2a:fd:0f:24:c3:0b:f2:f3:cb:6c:
bf:93:e8:55:9a:26:c8:38:02:50:bc:05:68:fe:8b:
19:d4:c2:92:b8:f1:29:35:11:c4:d3:22:6a:85:f0:
53:dc:25:5d:bc:26:3d:af:b2:b1:50:97:75:ec:65:
cf:30:77:a2:e7:72:74:d4:8f:53:2a:1c:f2:6f:93:
2d:74:50:a2:be:4c:46:1a:c2:55:c7:0c:85:f2:ce:
d3:a7:5b:fd:f5:22:27:5b:90:9b:18:8e:ba:16:c4:
4b:e3:93:3a:8d:d6:b8:64:ee:7c:de:83:a5:89:94:
97:6a:ff:7b:68:9f:31:26:f7:70:07:fc:82:bf:e0:
b2:31:86:47:e8:fd:e5:3f:fa:67:02:43:d0:cc:4f:
d4:f1:c8:8a:13:ac:26:32:2d:36:97:7c:e7:d7:b1:
9c:c7:1a:f6:4a:da:75:78:29:99:20:79:e3:c3:9e:
17:9d:9b:c0:63:7a:aa:e9:ac:ef:b6:54:19:33:06:
02:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F2:7A:D1:52:96:F4:54:EA:71:62:29:87:D8:F9:E8:5C:23:EE:AB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OPJ60VKW9FTqcWIph9j56Fwj7qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:59f6:93c7/128
Signature Algorithm: sha256WithRSAEncryption
7a:e2:ee:eb:0e:a4:f6:cd:5c:ec:bc:64:e2:6a:3f:4b:16:a2:
a7:19:08:af:14:51:8e:42:48:c6:3e:56:43:39:26:77:1e:38:
8e:00:fb:3b:20:0b:40:a6:fd:62:ef:1d:28:93:12:b9:84:58:
bc:45:22:26:39:51:83:71:c8:b6:f5:83:da:83:07:61:9d:84:
62:04:27:c5:e1:11:99:05:61:cf:42:18:06:49:86:fa:bb:b9:
05:bd:25:0a:dd:a8:6a:09:db:3d:fe:2c:10:7b:c9:86:87:d9:
6f:15:27:50:e3:7a:32:41:f9:1c:d5:89:b8:d5:6f:c5:16:1f:
d2:94:97:e6:60:48:eb:51:24:11:11:46:09:7d:45:7c:e8:d4:
2c:d0:50:c2:c8:5e:d9:d1:e1:79:d0:71:ce:8f:23:a8:45:7e:
cd:39:74:8c:20:cc:5d:7d:32:de:c4:e4:85:39:1f:f6:d7:26:
9c:5c:63:8f:e8:39:63:fc:f0:18:2a:68:81:a3:e4:6e:e4:58:
d2:98:48:e6:38:21:b9:4f:31:2e:9a:ff:6a:df:42:b0:e4:56:
eb:b3:27:19:b5:e0:a5:9d:78:6f:ac:f3:17:5a:3e:ac:a7:9a:
03:69:11:06:24:15:f3:14:22:c1:4b:e9:d5:79:62:70:9e:f9:
fb:cd:4f:6f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVZ9xWEjFVV+UinDbt2wDmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzAzMDMwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGYyN2FkMTUyOTZmNDU0ZWE3MTYyMjk4N2Q4ZjllODVjMjNlZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgGr7WU0tFbrObtiH5sGhTCpybJw
KXtld2NY0N5/Kxxd7qKiwrCZp3gGQ819BjNlVdsYScgW1A0fT7plPeMHFyr9DyTD
C/Lzy2y/k+hVmibIOAJQvAVo/osZ1MKSuPEpNRHE0yJqhfBT3CVdvCY9r7KxUJd1
7GXPMHei53J01I9TKhzyb5MtdFCivkxGGsJVxwyF8s7Tp1v99SInW5CbGI66FsRL
45M6jda4ZO583oOliZSXav97aJ8xJvdwB/yCv+CyMYZH6P3lP/pnAkPQzE/U8ciK
E6wmMi02l3zn17Gcxxr2Stp1eCmZIHnjw54XnZvAY3qq6azvtlQZMwYCIQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDjyetFSlvRU6nFiKYfY+ehcI+6rMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT1BKNjBWS1c5RlRxY1dJcGg5ajU2RndqN3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVWfaTxzANBgkqhkiG9w0BAQsFAAOCAQEAeuLu6w6k9s1c7Lxk4mo/Sxai
pxkIrxRRjkJIxj5WQzkmdx44jgD7OyALQKb9Yu8dKJMSuYRYvEUiJjlRg3HItvWD
2oMHYZ2EYgQnxeERmQVhz0IYBkmG+ru5Bb0lCt2oagnbPf4sEHvJhofZbxUnUON6
MkH5HNWJuNVvxRYf0pSX5mBI61EkERFGCX1FfOjULNBQwshe2dHhedBxzo8jqEV+
zTl0jCDMXX0y3sTkhTkf9tcmnFxjj+g5Y/zwGCpogaPkbuRY0phI5jghuU8xLpr/
at9CsORW67MnGbXgpZ14b6zzF1o+rKeaA2kRBiQV8xQiwUvp1XlicJ75+81Pbw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:06 2025 by rpki-client