Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/R3lb8ab38cpnGgkwCc77dDs_JLU.roa
File: R3lb8ab38cpnGgkwCc77dDs_JLU.roa (raw, json)
Hash identifier: ctcGWdyDfrB8mYIHqMmVkAYXdG68RR/5Q+SjsQ2fYDo=
Subject key identifier: 47:79:5B:F1:A6:F7:F1:CA:67:1A:09:30:09:CE:FB:74:3B:3F:24:B5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019560D3FB0F323818C7622714BF02EF7454
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/R3lb8ab38cpnGgkwCc77dDs_JLU.roa
Signing time: Tue 04 Mar 2025 11:04:19 +0000
ROA not before: Tue 04 Mar 2025 11:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:60d3:f0b4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:d3:fb:0f:32:38:18:c7:62:27:14:bf:02:ef:74:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 4 11:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47795bf1a6f7f1ca671a093009cefb743b3f24b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:46:71:e3:3e:ed:27:3d:73:21:4b:ad:7a:3a:
8e:fc:97:d6:9c:48:b9:c1:75:5c:37:ee:de:17:59:
ac:f5:03:c2:3d:d8:ed:0d:43:6c:27:3b:d7:b0:9a:
9b:5c:af:0b:da:19:e5:43:1c:15:c2:a6:4e:00:35:
db:90:2b:31:3b:27:5a:be:60:d9:ee:45:99:62:d4:
88:ee:94:18:98:86:3e:77:a8:31:cd:82:90:0f:6d:
58:74:10:c5:76:99:68:4b:bf:c3:89:a9:41:49:01:
25:36:5c:39:a5:fd:67:aa:4a:10:7b:69:75:7f:16:
3c:c6:fa:8d:91:d7:2a:33:37:1d:28:1e:94:5a:4c:
be:d8:6d:18:b2:0b:37:99:1c:cd:bd:0c:d4:90:9f:
ae:a7:9b:4f:32:9f:6c:41:11:9b:47:24:d3:8a:07:
7b:d0:3d:62:bf:c9:c8:9c:72:c9:f8:97:bf:1c:25:
45:1d:97:3c:48:dc:7f:c8:e7:42:2a:73:d3:78:50:
98:4f:2f:dc:b6:f2:d9:36:53:14:5b:91:98:03:9d:
11:f2:53:33:e3:5a:ef:26:99:2d:1b:ed:b5:d4:5f:
5f:b0:f1:b7:1d:47:80:c5:52:65:e8:2c:f9:34:f1:
0c:1f:a8:2e:d2:03:75:2c:fc:6b:55:9c:6f:32:49:
95:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:79:5B:F1:A6:F7:F1:CA:67:1A:09:30:09:CE:FB:74:3B:3F:24:B5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/R3lb8ab38cpnGgkwCc77dDs_JLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:60d3:f0b4/128
Signature Algorithm: sha256WithRSAEncryption
7f:0d:43:9c:1a:f3:e4:73:28:61:cd:0f:43:4f:ff:dd:27:d9:
58:c7:a3:c8:12:e7:5b:68:67:b8:f3:13:51:c8:86:8e:d0:28:
96:9a:da:de:29:b6:3d:d7:7a:d9:f6:bc:2b:4f:37:ad:4e:6e:
f5:66:31:ee:52:75:8c:33:3a:13:00:18:8a:65:cb:d5:54:7a:
2e:93:e9:48:1d:2e:02:64:4c:51:81:54:61:1b:20:03:61:32:
32:46:63:e9:ba:b2:dd:57:c8:0d:22:dc:0b:78:c4:b4:8f:2b:
fa:e2:a6:50:4c:bb:d7:e3:cb:8c:0b:f1:95:26:c7:0e:6d:23:
02:0c:50:47:fb:93:9e:31:0c:87:ba:5a:11:6b:f9:c2:ef:de:
35:f7:1c:0f:0d:13:98:3d:ba:75:30:c9:2c:d6:d2:be:e2:99:
3f:0e:15:c5:8c:a7:4d:20:16:9c:a1:fb:b8:b2:43:7b:96:13:
3a:d1:80:37:c8:aa:a6:8d:c2:76:98:e4:79:04:04:28:ba:19:
4f:1f:4e:65:34:84:5e:cd:4e:ce:43:ef:99:33:ba:78:1d:29:
cb:f1:58:00:fd:d8:e4:29:11:69:0f:74:7d:73:71:e2:87:1a:
ba:87:89:93:20:4b:20:d6:79:4a:e5:db:c7:5e:b9:98:3b:22:
ff:ee:7d:42
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVg0/sPMjgYx2InFL8C73RUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA0MTEwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzc5NWJmMWE2ZjdmMWNhNjcxYTA5MzAwOWNlZmI3NDNiM2YyNGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0Zx4z7tJz1zIUutejqO/JfWnEi5
wXVcN+7eF1ms9QPCPdjtDUNsJzvXsJqbXK8L2hnlQxwVwqZOADXbkCsxOydavmDZ
7kWZYtSI7pQYmIY+d6gxzYKQD21YdBDFdploS7/DialBSQElNlw5pf1nqkoQe2l1
fxY8xvqNkdcqMzcdKB6UWky+2G0Ysgs3mRzNvQzUkJ+up5tPMp9sQRGbRyTTigd7
0D1iv8nInHLJ+Je/HCVFHZc8SNx/yOdCKnPTeFCYTy/ctvLZNlMUW5GYA50R8lMz
41rvJpktG+211F9fsPG3HUeAxVJl6Cz5NPEMH6gu0gN1LPxrVZxvMkmVhQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEd5W/Gm9/HKZxoJMAnO+3Q7PyS1MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUjNsYjhhYjM4Y3BuR2drd0NjNzdkRHNfSkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVYNPwtDANBgkqhkiG9w0BAQsFAAOCAQEAfw1DnBrz5HMoYc0PQ0//3SfZ
WMejyBLnW2hnuPMTUciGjtAolpra3im2Pdd62fa8K083rU5u9WYx7lJ1jDM6EwAY
imXL1VR6LpPpSB0uAmRMUYFUYRsgA2EyMkZj6bqy3VfIDSLcC3jEtI8r+uKmUEy7
1+PLjAvxlSbHDm0jAgxQR/uTnjEMh7paEWv5wu/eNfccDw0TmD26dTDJLNbSvuKZ
Pw4VxYynTSAWnKH7uLJDe5YTOtGAN8iqpo3CdpjkeQQEKLoZTx9OZTSEXs1OzkPv
mTO6eB0py/FYAP3Y5CkRaQ90fXNx4ocauoeJkyBLINZ5SuXbx165mDsi/+59Qg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:37 2025 by rpki-client