Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PcDhcmaKw1Td9QqQzWbLGL2ga90.roa
File: PcDhcmaKw1Td9QqQzWbLGL2ga90.roa (raw, json)
Hash identifier: FGNWypFAuBJEJGJbmAoc3mZrerfNQfECpXxhNG1/9IU=
Subject key identifier: 3D:C0:E1:72:66:8A:C3:54:DD:F5:0A:90:CD:66:CB:18:BD:A0:6B:DD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A1E00CF55B66705AAA572DD7560F9C1F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PcDhcmaKw1Td9QqQzWbLGL2ga90.roa
Signing time: Mon 17 Mar 2025 02:12:49 +0000
ROA not before: Mon 17 Mar 2025 02:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a1:e0:0c:f5:5b:66:70:5a:aa:57:2d:d7:56:0f:9c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 17 02:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dc0e172668ac354ddf50a90cd66cb18bda06bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:44:72:7c:17:f5:81:31:e2:c4:02:ff:46:
af:08:fe:d2:2a:0f:17:e1:b1:6d:92:86:67:ab:2f:
47:f2:dc:0f:1f:dd:ca:d2:4f:1c:b0:45:34:81:83:
a1:ea:1c:f1:4d:a4:77:c1:e3:7f:53:ec:9c:b5:ce:
a8:42:dc:14:2a:69:89:79:f0:a6:d1:61:fb:b1:de:
87:4a:ad:73:b5:3a:9a:d2:3b:56:66:69:74:92:9d:
d1:39:8e:b7:18:51:2a:85:1c:8c:fc:3c:4a:a9:4b:
4e:66:09:38:60:3c:71:09:15:d9:e1:8f:e0:49:8e:
64:3d:15:c5:dd:89:fa:0b:04:19:72:6a:a1:25:48:
29:7b:20:2f:5c:9e:2d:bf:0c:53:6f:50:b2:87:47:
9d:59:6b:c8:bc:d4:da:a4:dd:31:d0:97:41:b2:72:
ca:a3:14:47:79:05:09:5a:86:90:e7:6a:f5:e5:1e:
af:3c:c6:01:f1:d8:10:ed:16:78:5f:cd:e1:44:8c:
c8:fd:39:9b:28:6b:63:33:8e:fb:f2:7c:f8:3b:37:
de:ba:81:a9:cf:95:b7:c0:c9:70:8d:0d:f5:1d:05:
7c:8e:f5:a9:2f:78:50:b9:e6:5a:10:3b:bc:4a:e4:
07:83:56:d8:02:32:df:b4:eb:9e:0a:4b:72:2b:17:
5b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C0:E1:72:66:8A:C3:54:DD:F5:0A:90:CD:66:CB:18:BD:A0:6B:DD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PcDhcmaKw1Td9QqQzWbLGL2ga90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
7d:fa:b8:1a:74:95:b0:3a:2c:62:18:93:ff:58:5f:7a:54:ff:
62:5d:d1:bc:53:68:6d:7f:70:36:7d:57:1d:ee:99:ad:84:0e:
37:ec:ab:87:39:bd:bc:71:3d:25:d7:6e:70:60:67:9f:f8:c7:
f5:87:de:34:1e:3e:d1:88:e3:64:d7:78:94:77:a3:bf:88:c0:
5a:23:0a:cb:99:5c:8b:6b:fe:b0:e6:c2:1c:ee:cf:0c:a6:15:
c3:42:2f:28:8c:e6:16:6d:b6:8d:15:62:ab:cf:36:78:f9:47:
28:06:eb:3d:36:6e:7b:55:6e:d7:90:1a:a5:c0:b9:56:2b:27:
86:39:19:3c:78:07:86:55:48:fb:be:4e:fe:02:dd:80:4f:b6:
b6:47:52:96:14:e0:36:ab:53:7f:9a:34:00:53:c2:5d:13:0a:
1e:63:52:71:c5:47:84:c3:1f:31:07:fb:63:01:5e:c1:85:8f:
01:b0:f8:75:e3:4b:f4:f4:77:99:66:23:62:4e:f5:52:76:40:
92:3a:72:b7:ce:f9:ad:98:15:8a:0d:07:f6:c3:20:79:8f:0d:
67:ae:3e:65:47:58:e2:5c:87:b0:fc:c0:0b:a8:06:40:a2:29:
19:ba:86:68:a8:bf:21:b1:64:01:11:06:30:f5:52:c0:f6:da:
41:e6:17:94
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWh4Az1W2ZwWqpXLddWD5wfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE3MDIxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGMwZTE3MjY2OGFjMzU0ZGRmNTBhOTBjZDY2Y2IxOGJkYTA2YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HJEcnwX9YEx4sQC/0avCP7SKg8X
4bFtkoZnqy9H8twPH93K0k8csEU0gYOh6hzxTaR3weN/U+yctc6oQtwUKmmJefCm
0WH7sd6HSq1ztTqa0jtWZml0kp3ROY63GFEqhRyM/DxKqUtOZgk4YDxxCRXZ4Y/g
SY5kPRXF3Yn6CwQZcmqhJUgpeyAvXJ4tvwxTb1Cyh0edWWvIvNTapN0x0JdBsnLK
oxRHeQUJWoaQ52r15R6vPMYB8dgQ7RZ4X83hRIzI/TmbKGtjM4778nz4OzfeuoGp
z5W3wMlwjQ31HQV8jvWpL3hQueZaEDu8SuQHg1bYAjLftOueCktyKxdbVwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD3A4XJmisNU3fUKkM1myxi9oGvdMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUGNEaGNtYUt3MVRkOVFxUXpXYkxHTDJnYTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAffq4GnSVsDosYhiT/1hfelT/
Yl3RvFNobX9wNn1XHe6ZrYQON+yrhzm9vHE9JdducGBnn/jH9YfeNB4+0YjjZNd4
lHejv4jAWiMKy5lci2v+sObCHO7PDKYVw0IvKIzmFm22jRViq882ePlHKAbrPTZu
e1Vu15AapcC5VisnhjkZPHgHhlVI+75O/gLdgE+2tkdSlhTgNqtTf5o0AFPCXRMK
HmNSccVHhMMfMQf7YwFewYWPAbD4deNL9PR3mWYjYk71UnZAkjpyt875rZgVig0H
9sMgeY8NZ64+ZUdY4lyHsPzAC6gGQKIpGbqGaKi/IbFkAREGMPVSwPbaQeYXlA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:05:16 2025 by rpki-client