Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qf-hn9o0yjlsGf8k3t4QCHVQtgg.roa
File: Qf-hn9o0yjlsGf8k3t4QCHVQtgg.roa (raw, json)
Hash identifier: 5KVqCXBXAxZckduDOUE9lXhibMjPFK5V4V1um64k57o=
Subject key identifier: 41:FF:A1:9F:DA:34:CA:39:6C:19:FF:24:DE:DE:10:08:75:50:B6:08
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019586D033F64B3EB3613A9DB9B127D9899D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qf-hn9o0yjlsGf8k3t4QCHVQtgg.roa
Signing time: Tue 11 Mar 2025 20:05:46 +0000
ROA not before: Tue 11 Mar 2025 20:05:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:86:d0:33:f6:4b:3e:b3:61:3a:9d:b9:b1:27:d9:89:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 11 20:05:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41ffa19fda34ca396c19ff24dede10087550b608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:e8:44:a5:7e:c7:a8:33:ec:b0:6b:06:ff:
16:cf:cd:df:34:f2:67:e3:df:66:6e:14:03:0d:d3:
5c:99:5c:d7:dd:24:f2:00:76:1a:e8:a4:2f:8b:00:
91:ef:5a:4f:9d:7c:f1:4e:28:2a:5a:f3:a2:46:97:
2f:7a:c0:17:79:ea:ef:ac:a4:58:5c:ba:fd:2c:ee:
da:2b:8f:2f:14:5a:a7:da:cf:04:3b:00:40:05:fd:
e7:d7:c0:5a:9b:21:c1:87:2c:72:5a:13:6f:66:a0:
b5:83:6b:45:cb:71:f8:dc:35:41:29:ea:64:ab:c2:
f1:94:0f:9b:dc:e7:f1:14:68:d7:17:b2:1f:f0:ef:
9f:1d:79:e9:4c:3c:3d:e5:1f:da:da:98:a6:be:6d:
c8:90:82:79:09:98:6e:cf:03:90:6a:ed:a5:80:04:
68:5b:32:f8:26:d4:77:29:1d:9a:05:b8:3b:e9:59:
e0:09:9e:7e:2f:68:11:4d:69:e0:74:b9:0d:cf:75:
45:13:47:61:66:1e:ec:33:93:65:f6:ac:a1:3a:c8:
69:c5:48:e1:f2:64:41:fd:91:da:1d:e6:e1:21:57:
f7:ab:0e:6a:26:c4:08:68:2a:02:9f:46:a5:ce:25:
90:be:1b:d3:f0:25:26:1d:4a:d4:84:4d:c5:c8:fe:
71:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FF:A1:9F:DA:34:CA:39:6C:19:FF:24:DE:DE:10:08:75:50:B6:08
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qf-hn9o0yjlsGf8k3t4QCHVQtgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
2a:f9:99:5a:26:98:aa:ad:92:a1:05:89:4f:4b:24:e4:4f:e3:
4f:3b:1b:f8:1b:7e:cc:74:a9:3d:56:c5:11:fb:c1:2a:40:da:
f6:3f:c5:55:87:c1:02:79:e0:c9:66:a1:39:70:08:ec:54:60:
e5:3f:04:25:c7:2a:4c:a5:3c:6c:66:c9:73:a5:8d:9b:bb:22:
8c:53:60:08:f5:c0:35:00:ef:fa:9d:f9:fd:87:82:4c:a2:cc:
5f:c5:a1:a4:38:00:13:f9:c6:e2:1a:72:2b:32:ec:7e:79:42:
12:0b:39:31:81:34:67:80:54:1f:b8:45:0a:dd:0c:7f:49:64:
3a:6c:f0:cd:5f:8f:a2:3d:ea:7a:0a:e5:00:8d:71:60:19:ba:
18:52:80:50:fe:e6:0c:0e:71:b4:46:60:ae:82:a8:45:d4:b7:
aa:4e:3b:a7:73:13:17:4b:e5:63:88:fd:2d:76:af:69:2a:0c:
ab:c1:3a:e9:bb:7c:04:3a:99:85:21:c5:a9:11:ff:fa:4b:0c:
06:b8:1d:19:16:0d:85:f8:c5:74:e8:2c:65:40:58:4a:39:79:
58:03:44:cc:53:aa:c7:21:50:f8:8f:d5:e7:78:3f:47:6d:5c:
fb:13:b6:91:53:ec:21:03:68:53:44:cf:3a:b9:d7:86:bf:06:
2c:50:88:ea
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWG0DP2Sz6zYTqdubEn2YmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzExMjAwNTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZmYTE5ZmRhMzRjYTM5NmMxOWZmMjRkZWRlMTAwODc1NTBiNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHnoRKV+x6gz7LBrBv8Wz83fNPJn
499mbhQDDdNcmVzX3STyAHYa6KQviwCR71pPnXzxTigqWvOiRpcvesAXeervrKRY
XLr9LO7aK48vFFqn2s8EOwBABf3n18BamyHBhyxyWhNvZqC1g2tFy3H43DVBKepk
q8LxlA+b3OfxFGjXF7If8O+fHXnpTDw95R/a2pimvm3IkIJ5CZhuzwOQau2lgARo
WzL4JtR3KR2aBbg76VngCZ5+L2gRTWngdLkNz3VFE0dhZh7sM5Nl9qyhOshpxUjh
8mRB/ZHaHebhIVf3qw5qJsQIaCoCn0alziWQvhvT8CUmHUrUhE3FyP5xYQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEH/oZ/aNMo5bBn/JN7eEAh1ULYIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUWYtaG45bzB5amxzR2Y4azN0NFFDSFZRdGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAKvmZWiaYqq2SoQWJT0sk5E/j
Tzsb+Bt+zHSpPVbFEfvBKkDa9j/FVYfBAnngyWahOXAI7FRg5T8EJccqTKU8bGbJ
c6WNm7sijFNgCPXANQDv+p35/YeCTKLMX8WhpDgAE/nG4hpyKzLsfnlCEgs5MYE0
Z4BUH7hFCt0Mf0lkOmzwzV+Poj3qegrlAI1xYBm6GFKAUP7mDA5xtEZgroKoRdS3
qk47p3MTF0vlY4j9LXavaSoMq8E66bt8BDqZhSHFqRH/+ksMBrgdGRYNhfjFdOgs
ZUBYSjl5WANEzFOqxyFQ+I/V53g/R21c+xO2kVPsIQNoU0TPOrnXhr8GLFCI6g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:57:27 2025 by rpki-client