Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P0yJ7suXfUn5eIttuj4iICKkobc.roa
File: P0yJ7suXfUn5eIttuj4iICKkobc.roa (raw, json)
Hash identifier: b86cYPoFqQ2HfGjdOkLLGTEp5lRStZdMZl78/4AHtQQ=
Subject key identifier: 3F:4C:89:EE:CB:97:7D:49:F9:78:8B:6D:BA:3E:22:20:22:A4:A1:B7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019597248DCF7D227E4814CB900FEA7A0574
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P0yJ7suXfUn5eIttuj4iICKkobc.roa
Signing time: Sat 15 Mar 2025 00:11:50 +0000
ROA not before: Sat 15 Mar 2025 00:11:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:97:24:8d:cf:7d:22:7e:48:14:cb:90:0f:ea:7a:05:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 15 00:11:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f4c89eecb977d49f9788b6dba3e222022a4a1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:60:34:b3:48:5a:19:59:dc:ba:c7:10:6e:1b:
5d:eb:52:2e:95:60:12:d8:ba:42:1a:b2:dd:94:3f:
5d:1b:d9:2c:ca:71:b8:f9:a5:f2:95:a8:1a:46:be:
9a:7c:f6:ef:24:fb:e9:65:f7:11:3f:a2:a2:a2:f3:
e2:ce:a8:22:49:07:48:be:e9:34:ed:b1:d9:b1:f4:
9d:57:75:d0:75:03:79:d3:d5:1e:3c:11:a2:7b:5f:
b8:c2:ac:f3:7a:d3:90:a0:20:2b:8b:3d:d6:da:95:
a2:b5:21:73:f7:d4:a4:cf:aa:75:64:f2:23:6b:75:
35:9c:af:c8:1b:55:8a:56:06:db:92:ef:cf:af:3e:
9e:8b:4b:12:93:d3:a8:0d:15:66:ff:37:08:aa:cf:
27:63:38:fe:f9:62:5f:da:87:cf:7d:cd:49:df:15:
f5:5e:ff:30:d2:be:df:43:3b:48:f2:1f:33:95:b2:
ab:97:f0:05:74:7a:72:8e:2c:d7:cf:4e:6c:53:d0:
58:3d:89:63:b5:91:e2:94:4e:89:94:d4:99:3b:c5:
b2:a7:92:a9:61:f7:e7:5a:b5:f3:46:ed:3b:4e:f6:
b3:a3:b2:a5:df:d4:d5:25:1d:ec:df:89:6a:0b:0b:
84:c8:ac:0c:3d:9d:fc:1a:f6:31:f1:fd:f0:ea:3a:
0e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4C:89:EE:CB:97:7D:49:F9:78:8B:6D:BA:3E:22:20:22:A4:A1:B7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P0yJ7suXfUn5eIttuj4iICKkobc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
6e:8d:25:a5:7b:19:85:40:ce:60:c6:5d:1f:37:97:ae:29:75:
16:41:e6:13:93:40:55:fa:c4:c1:2c:19:98:e9:de:ef:3d:46:
4e:96:c6:b2:d5:bb:d3:00:a4:40:1b:4a:ca:30:78:94:be:d0:
df:e8:d8:0f:84:ff:68:ad:cd:f0:c5:a0:12:16:91:e6:a6:6d:
81:a9:60:f2:d7:ef:e0:8c:79:e0:30:98:58:a9:2f:51:8f:93:
f2:16:b6:c2:1f:be:01:63:91:af:8b:d0:6f:77:00:1c:cb:8e:
d8:d7:ce:34:df:d6:f7:c4:37:e3:4b:8c:9d:7a:89:40:ee:ef:
5f:21:20:f3:2a:b7:da:76:2c:f2:17:f8:ae:bf:d7:36:26:39:
42:41:4d:8d:e6:53:59:e2:a8:36:90:15:88:a2:ea:16:5a:d7:
18:e8:c6:5b:fd:fb:a5:53:7d:28:81:ca:9c:ff:df:04:e5:80:
fb:38:66:6a:4e:dd:b2:26:45:22:3f:a0:da:e9:15:98:ea:73:
81:25:ef:6e:44:be:cd:36:0f:45:f4:fc:f9:59:60:64:aa:58:
b6:f4:9c:da:34:21:85:62:53:3d:ca:e8:5d:26:66:9a:1a:4d:
f0:e4:93:c0:9a:68:d6:58:1e:22:48:1f:93:5e:99:12:e2:e7:
27:ee:95:cc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWXJI3PfSJ+SBTLkA/qegV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE1MDAxMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRjODllZWNiOTc3ZDQ5Zjk3ODhiNmRiYTNlMjIyMDIyYTRhMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWA0s0haGVncuscQbhtd61IulWAS
2LpCGrLdlD9dG9ksynG4+aXylagaRr6afPbvJPvpZfcRP6KiovPizqgiSQdIvuk0
7bHZsfSdV3XQdQN509UePBGie1+4wqzzetOQoCAriz3W2pWitSFz99Skz6p1ZPIj
a3U1nK/IG1WKVgbbku/Prz6ei0sSk9OoDRVm/zcIqs8nYzj++WJf2ofPfc1J3xX1
Xv8w0r7fQztI8h8zlbKrl/AFdHpyjizXz05sU9BYPYljtZHilE6JlNSZO8Wyp5Kp
YffnWrXzRu07Tvazo7Kl39TVJR3s34lqCwuEyKwMPZ38GvYx8f3w6joOuwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD9Mie7Ll31J+XiLbbo+IiAipKG3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUDB5SjdzdVhmVW41ZUl0dHVqNGlJQ0trb2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAbo0lpXsZhUDOYMZdHzeXril1
FkHmE5NAVfrEwSwZmOne7z1GTpbGstW70wCkQBtKyjB4lL7Q3+jYD4T/aK3N8MWg
EhaR5qZtgalg8tfv4Ix54DCYWKkvUY+T8ha2wh++AWORr4vQb3cAHMuO2NfONN/W
98Q340uMnXqJQO7vXyEg8yq32nYs8hf4rr/XNiY5QkFNjeZTWeKoNpAViKLqFlrX
GOjGW/37pVN9KIHKnP/fBOWA+zhmak7dsiZFIj+g2ukVmOpzgSXvbkS+zTYPRfT8
+VlgZKpYtvSc2jQhhWJTPcroXSZmmhpN8OSTwJpo1lgeIkgfk16ZEuLnJ+6VzA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:12:00 2025 by rpki-client