Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PwtrjVj8jb9kpF6Tov8555werYs.roa
File: PwtrjVj8jb9kpF6Tov8555werYs.roa (raw, json)
Hash identifier: QkKCsyh/sSrhwd5HvPz1jdk9Xq2rTU2zTUPk7Kkv6Do=
Subject key identifier: 3F:0B:6B:8D:58:FC:8D:BF:64:A4:5E:93:A2:FF:39:E7:9C:1E:AD:8B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019588FBFAE295358842AA20B8DCD4A8DCB8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PwtrjVj8jb9kpF6Tov8555werYs.roa
Signing time: Wed 12 Mar 2025 06:12:49 +0000
ROA not before: Wed 12 Mar 2025 06:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:88:fb:fa:e2:95:35:88:42:aa:20:b8:dc:d4:a8:dc:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 12 06:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f0b6b8d58fc8dbf64a45e93a2ff39e79c1ead8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:83:e5:04:7b:ab:e7:ef:a7:66:1a:11:47:26:
f6:4e:0f:b7:07:b6:22:c5:23:ef:65:fb:5a:10:f4:
91:8e:72:bd:4f:04:65:0a:72:77:eb:30:36:c0:2a:
35:5d:76:4c:40:91:21:1b:8b:87:97:6d:9f:f2:5a:
1a:c2:ee:52:20:1f:34:0e:65:cd:e5:fc:66:99:2d:
46:ab:b8:c2:ac:6c:a7:c7:a8:59:11:ff:ad:f3:ea:
41:d3:35:5d:76:0c:86:6b:95:cc:ee:ef:91:96:8c:
54:b9:7b:31:75:47:e6:62:13:ec:b2:db:71:90:35:
bb:63:45:d2:b1:63:99:a2:90:53:66:e4:c3:fa:40:
ec:93:4c:fd:8f:cc:fb:3c:fb:8b:31:85:7c:e2:3e:
74:8a:3e:2f:c0:3a:92:21:86:e8:9f:f8:3b:aa:3f:
8d:de:49:d9:95:35:2a:69:fa:0f:1c:d0:a3:d1:b0:
46:d9:ed:73:dd:6c:52:d0:5e:67:c1:d4:f4:15:b3:
c0:03:95:c5:37:ed:34:cd:d4:17:4f:ef:e3:9e:ec:
27:f6:fe:24:b6:6a:1a:ee:b2:f4:d7:98:51:36:1d:
77:d1:4c:c8:a7:e0:94:23:c2:a1:1c:12:27:0a:39:
1e:9a:4d:84:63:44:31:cd:5f:0c:4c:57:fc:cd:13:
7f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0B:6B:8D:58:FC:8D:BF:64:A4:5E:93:A2:FF:39:E7:9C:1E:AD:8B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PwtrjVj8jb9kpF6Tov8555werYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
13:40:be:be:0a:1c:40:3e:d5:27:b3:a7:ca:f0:d9:c0:8f:1a:
0f:54:58:48:20:ef:a4:4c:a9:10:70:7a:67:1f:7a:70:75:8d:
0a:4c:93:88:77:aa:39:77:7a:45:f9:19:c2:3a:f0:64:b6:64:
7d:20:d8:f8:79:58:31:5c:20:8a:4c:09:0c:bc:2e:13:fe:28:
25:65:5b:ef:38:7b:36:ee:0d:f3:c1:29:6d:ce:6f:aa:50:ea:
60:ac:7b:15:6d:0e:24:6c:39:a6:20:71:44:49:0c:34:32:f1:
ad:d4:e6:f1:e2:4a:0e:40:2e:54:c4:a3:67:19:55:95:f8:fd:
0b:1a:ef:9a:0f:ce:25:05:e4:28:ae:14:ee:26:84:a8:16:58:
18:2b:83:12:3b:78:71:43:ab:6a:ff:25:ff:75:f2:33:cd:49:
61:af:cb:b8:79:a3:64:db:be:49:58:75:c1:ea:59:ff:28:c7:
86:48:5f:1a:bc:03:1f:11:e1:bd:d0:f2:bd:0f:40:0e:48:9c:
27:38:98:9b:c4:d1:90:93:2e:77:19:16:17:e7:64:d8:de:8d:
ff:5f:ac:24:ad:6f:a6:3d:33:5c:c5:38:0a:ba:5b:0c:9e:83:
27:66:10:59:cb:e3:ea:09:c4:8f:2f:68:a6:a9:0c:ee:4a:d1:
01:0e:b8:07
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWI+/rilTWIQqoguNzUqNy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEyMDYxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBiNmI4ZDU4ZmM4ZGJmNjRhNDVlOTNhMmZmMzllNzljMWVhZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YPlBHur5++nZhoRRyb2Tg+3B7Yi
xSPvZftaEPSRjnK9TwRlCnJ36zA2wCo1XXZMQJEhG4uHl22f8loawu5SIB80DmXN
5fxmmS1Gq7jCrGynx6hZEf+t8+pB0zVddgyGa5XM7u+RloxUuXsxdUfmYhPssttx
kDW7Y0XSsWOZopBTZuTD+kDsk0z9j8z7PPuLMYV84j50ij4vwDqSIYbon/g7qj+N
3knZlTUqafoPHNCj0bBG2e1z3WxS0F5nwdT0FbPAA5XFN+00zdQXT+/jnuwn9v4k
tmoa7rL015hRNh130UzIp+CUI8KhHBInCjkemk2EY0QxzV8MTFf8zRN/swIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD8La41Y/I2/ZKRek6L/OeecHq2LMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUHd0cmpWajhqYjlrcEY2VG92ODU1NXdlcllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAE0C+vgocQD7VJ7OnyvDZwI8a
D1RYSCDvpEypEHB6Zx96cHWNCkyTiHeqOXd6RfkZwjrwZLZkfSDY+HlYMVwgikwJ
DLwuE/4oJWVb7zh7Nu4N88Epbc5vqlDqYKx7FW0OJGw5piBxREkMNDLxrdTm8eJK
DkAuVMSjZxlVlfj9Cxrvmg/OJQXkKK4U7iaEqBZYGCuDEjt4cUOrav8l/3XyM81J
Ya/LuHmjZNu+SVh1wepZ/yjHhkhfGrwDHxHhvdDyvQ9ADkicJziYm8TRkJMudxkW
F+dk2N6N/1+sJK1vpj0zXMU4CrpbDJ6DJ2YQWcvj6gnEjy9opqkM7krRAQ64Bw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:38 2025 by rpki-client