Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OuQIhpePvWRGgYfntBSygNoQpPU.roa
File: OuQIhpePvWRGgYfntBSygNoQpPU.roa (raw, json)
Hash identifier: ki1dbZOzQHQaffiNsDL6EXU2GigJSftLBuWy8hLCOR4=
Subject key identifier: 3A:E4:08:86:97:8F:BD:64:46:81:87:E7:B4:14:B2:80:DA:10:A4:F5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959ACB4DA70D567628AA1050937F9F1915
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OuQIhpePvWRGgYfntBSygNoQpPU.roa
Signing time: Sat 15 Mar 2025 17:12:49 +0000
ROA not before: Sat 15 Mar 2025 17:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9a:cb:4d:a7:0d:56:76:28:aa:10:50:93:7f:9f:19:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 17:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ae40886978fbd64468187e7b414b280da10a4f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:12:8a:31:07:91:f5:f4:3e:08:9c:3b:63:40:
77:1d:09:d0:49:01:4c:af:8d:2f:ae:fe:16:c1:13:
b1:2e:1b:78:d0:a5:f4:c3:7e:f4:4f:d0:d4:8f:96:
1b:bf:03:39:d6:5b:ba:b9:c4:b1:9c:c4:33:68:87:
be:81:cd:9c:0a:c2:fc:ee:99:f2:8a:cc:4c:6e:9e:
72:17:ac:4d:74:e4:51:3b:ad:e4:80:b4:f4:1f:65:
b5:56:ca:d1:69:86:91:3a:80:3a:5c:b7:54:c1:59:
da:cf:84:ee:0f:c2:42:ed:5f:9c:2d:8e:55:07:69:
de:8f:7b:f8:bf:38:17:e9:81:e4:89:11:90:cc:85:
79:24:96:1c:7d:f4:13:ce:36:b4:88:71:49:10:b7:
c5:51:4c:94:77:9e:50:f7:ec:f3:0b:01:32:23:6f:
e5:2c:4d:d7:27:e4:10:50:a7:8a:32:a0:ef:37:38:
a8:09:d2:c8:91:3a:0f:43:73:37:1a:9c:b5:50:06:
2e:4d:75:2e:4e:6e:b4:b4:ef:f9:16:44:71:d0:2b:
2e:59:eb:b1:6a:56:94:ad:f0:f9:79:5a:d7:4e:90:
00:e1:25:a0:0c:51:93:92:37:de:5f:a1:89:70:3c:
bf:ed:7b:26:72:49:d2:3c:12:dd:a8:86:f7:58:44:
c6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E4:08:86:97:8F:BD:64:46:81:87:E7:B4:14:B2:80:DA:10:A4:F5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/OuQIhpePvWRGgYfntBSygNoQpPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
6d:f6:30:82:b6:7b:21:ab:59:fd:3d:0b:4a:bd:0d:47:c3:44:
24:cc:7b:3d:ad:ad:97:0d:9e:dd:2a:ee:4b:4c:b0:e3:03:38:
77:90:20:08:20:f7:ea:e8:ed:b6:5f:ef:a2:5a:1a:30:1a:df:
d7:1a:fa:66:39:e3:7f:28:74:0c:73:5a:b1:98:3d:f5:96:c7:
e8:f5:12:55:0f:f1:c0:a0:91:c1:92:ab:77:83:cc:5f:e3:93:
2f:ed:e8:a9:a5:e2:27:b3:5a:4d:d4:83:5e:7a:d0:87:72:ea:
2a:46:46:04:38:de:13:68:3e:22:49:4f:f2:13:f3:d3:fb:2e:
7d:52:7e:a0:8b:75:ed:bb:93:02:2c:6f:cc:06:88:83:85:18:
51:9a:6e:f6:61:1b:48:16:e3:f7:40:93:94:cb:3e:a1:65:2c:
82:04:8e:91:93:14:ba:56:0f:56:a2:aa:be:1c:bb:dd:9d:3b:
60:94:a2:08:4c:4b:cc:c2:e2:21:a6:b3:ac:d5:e4:21:03:f7:
a6:1f:47:3a:12:1b:4b:82:a5:32:68:e0:b9:c8:db:50:25:e1:
55:ce:bb:7f:93:54:6b:1d:2a:dc:37:18:a5:78:d8:2f:ff:ac:
56:d6:ef:86:58:c7:2b:03:e4:8a:d9:dd:7f:fe:79:cd:9a:df:
b8:87:6c:b7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWay02nDVZ2KKoQUJN/nxkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MTcxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU0MDg4Njk3OGZiZDY0NDY4MTg3ZTdiNDE0YjI4MGRhMTBhNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhKKMQeR9fQ+CJw7Y0B3HQnQSQFM
r40vrv4WwROxLht40KX0w370T9DUj5YbvwM51lu6ucSxnMQzaIe+gc2cCsL87pny
isxMbp5yF6xNdORRO63kgLT0H2W1VsrRaYaROoA6XLdUwVnaz4TuD8JC7V+cLY5V
B2nej3v4vzgX6YHkiRGQzIV5JJYcffQTzja0iHFJELfFUUyUd55Q9+zzCwEyI2/l
LE3XJ+QQUKeKMqDvNzioCdLIkToPQ3M3Gpy1UAYuTXUuTm60tO/5FkRx0CsuWeux
alaUrfD5eVrXTpAA4SWgDFGTkjfeX6GJcDy/7XsmcknSPBLdqIb3WETG5QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDrkCIaXj71kRoGH57QUsoDaEKT1MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT3VRSWhwZVB2V1JHZ1lmbnRCU3lnTm9RcFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAbfYwgrZ7IatZ/T0LSr0NR8NE
JMx7Pa2tlw2e3SruS0yw4wM4d5AgCCD36ujttl/voloaMBrf1xr6Zjnjfyh0DHNa
sZg99ZbH6PUSVQ/xwKCRwZKrd4PMX+OTL+3oqaXiJ7NaTdSDXnrQh3LqKkZGBDje
E2g+IklP8hPz0/sufVJ+oIt17buTAixvzAaIg4UYUZpu9mEbSBbj90CTlMs+oWUs
ggSOkZMUulYPVqKqvhy73Z07YJSiCExLzMLiIaazrNXkIQP3ph9HOhIbS4KlMmjg
ucjbUCXhVc67f5NUax0q3DcYpXjYL/+sVtbvhljHKwPkitndf/55zZrfuIdstw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:57:29 2025 by rpki-client