Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Po7Rb0GwQ6grletqximGBEvxt2o.roa
File: Po7Rb0GwQ6grletqximGBEvxt2o.roa (raw, json)
Hash identifier: DK7knVMd7YqEew3u3PBi1DMvEtihO2zust9cFbCFHKk=
Subject key identifier: 3E:8E:D1:6F:41:B0:43:A8:2B:95:EB:6A:C6:29:86:04:4B:F1:B7:6A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195945A70596767A5DF28D43857F9ABF32E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Po7Rb0GwQ6grletqximGBEvxt2o.roa
Signing time: Fri 14 Mar 2025 11:11:49 +0000
ROA not before: Fri 14 Mar 2025 11:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:5a:70:59:67:67:a5:df:28:d4:38:57:f9:ab:f3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 11:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e8ed16f41b043a82b95eb6ac62986044bf1b76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:06:d9:2f:36:07:f6:42:fc:8c:41:e7:33:
0e:1b:60:b2:7f:7e:bf:d1:36:b6:aa:86:b1:e4:a4:
11:45:a6:4d:58:1e:07:c0:77:3b:19:30:cc:fa:00:
6c:9d:36:01:c9:35:86:cd:07:62:7f:3e:6f:60:63:
4c:44:f7:b6:6d:cf:8a:0a:0f:b9:bd:72:e3:05:8e:
9c:ce:6d:7b:b4:f5:e4:6a:33:f8:e0:f5:cc:3f:05:
9e:7f:70:52:bc:21:b8:31:0f:2e:e2:98:f7:e5:b9:
3b:b2:3d:30:95:7d:4f:40:ca:3e:02:86:33:5d:5e:
2a:be:3e:8b:1d:40:fe:20:82:c5:8f:1e:8a:68:07:
ed:ee:05:e8:a5:99:e6:35:11:ab:d6:56:9d:f4:cb:
0f:21:9a:c0:bf:d2:cc:51:fb:4a:8a:0b:52:af:08:
9e:28:c5:8f:35:cb:e5:9c:c1:7c:36:47:b5:6d:6e:
ce:74:ca:a3:3a:8d:24:1b:14:43:ba:59:08:3a:93:
77:6b:6d:d9:8a:b1:6d:6a:86:a9:ff:f6:4a:59:0e:
ec:46:dc:99:ce:7c:19:c1:9e:00:65:6c:f9:4c:5a:
4e:76:4c:b0:fd:2e:25:83:0c:d8:15:da:c5:fb:36:
ef:3e:ba:bd:fc:42:c2:4b:8a:2b:f7:89:78:3f:3a:
91:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8E:D1:6F:41:B0:43:A8:2B:95:EB:6A:C6:29:86:04:4B:F1:B7:6A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Po7Rb0GwQ6grletqximGBEvxt2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
96:50:68:9a:85:e4:d7:7f:93:5b:01:ef:02:18:9d:dd:f1:23:
4a:6b:b0:0e:ac:32:9b:c9:2a:3b:54:d0:07:3a:8a:c2:f4:2a:
a6:b0:ac:70:43:3f:23:e3:67:19:28:8b:d3:f0:13:93:0d:ab:
5e:25:ec:b9:e6:c5:90:98:1d:5a:30:36:6d:46:8a:41:ee:99:
1e:07:63:14:48:0d:0d:65:ac:d9:1d:de:da:5d:af:fb:96:fe:
51:57:d2:54:72:14:d5:65:c6:1d:bf:b2:72:59:3b:e6:b1:a7:
b5:5a:ed:82:09:8d:96:dd:c9:69:9e:24:32:3a:61:bf:bf:b2:
51:f0:6c:9b:d8:ba:06:f6:aa:eb:b5:2f:66:a3:16:f7:85:ea:
81:79:25:96:83:94:a4:ee:7a:a1:99:52:82:5f:e4:a3:16:33:
88:06:ea:91:00:76:32:7a:46:dd:cc:d6:8d:d4:20:c5:a1:14:
ac:87:46:71:92:bb:ed:6b:37:aa:87:51:bc:7b:fd:00:32:0d:
9c:e5:57:c0:b3:a9:e6:8a:4c:44:72:49:ce:58:9c:11:01:d1:
5d:b2:11:44:21:4c:a3:22:30:ec:ec:b9:50:fd:67:4b:d2:38:
0c:9c:fa:84:e3:29:9e:2b:e4:2f:88:74:f8:32:1b:c9:7c:d4:
3b:b7:e0:c9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWUWnBZZ2el3yjUOFf5q/MuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MTExMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThlZDE2ZjQxYjA0M2E4MmI5NWViNmFjNjI5ODYwNDRiZjFiNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotIG2S82B/ZC/IxB5zMOG2Cyf36/
0Ta2qoax5KQRRaZNWB4HwHc7GTDM+gBsnTYByTWGzQdifz5vYGNMRPe2bc+KCg+5
vXLjBY6czm17tPXkajP44PXMPwWef3BSvCG4MQ8u4pj35bk7sj0wlX1PQMo+AoYz
XV4qvj6LHUD+IILFjx6KaAft7gXopZnmNRGr1lad9MsPIZrAv9LMUftKigtSrwie
KMWPNcvlnMF8Nke1bW7OdMqjOo0kGxRDulkIOpN3a23ZirFtaoap//ZKWQ7sRtyZ
znwZwZ4AZWz5TFpOdkyw/S4lgwzYFdrF+zbvPrq9/ELCS4or94l4PzqRPwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD6O0W9BsEOoK5XrasYphgRL8bdqMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUG83UmIwR3dRNmdybGV0cXhpbUdCRXZ4dDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAllBomoXk13+TWwHvAhid3fEj
SmuwDqwym8kqO1TQBzqKwvQqprCscEM/I+NnGSiL0/ATkw2rXiXsuebFkJgdWjA2
bUaKQe6ZHgdjFEgNDWWs2R3e2l2v+5b+UVfSVHIU1WXGHb+yclk75rGntVrtggmN
lt3JaZ4kMjphv7+yUfBsm9i6Bvaq67UvZqMW94XqgXklloOUpO56oZlSgl/koxYz
iAbqkQB2MnpG3czWjdQgxaEUrIdGcZK77Ws3qodRvHv9ADINnOVXwLOp5opMRHJJ
zlicEQHRXbIRRCFMoyIw7Oy5UP1nS9I4DJz6hOMpnivkL4h0+DIbyXzUO7fgyQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:19 2025 by rpki-client