Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ua4n3hHi98XKTMTK9uCnp-SFXT4.roa
File: Ua4n3hHi98XKTMTK9uCnp-SFXT4.roa (raw, json)
Hash identifier: +QCIRVhDqTv/fLKvMDBYZOkIEBtbImqzJEd7b+O3vqs=
Subject key identifier: 51:AE:27:DE:11:E2:F7:C5:CA:4C:C4:CA:F6:E0:A7:A7:E4:85:5D:3E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01950E6EE1ECFF727BC4B2A3A53DCE8E9930
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ua4n3hHi98XKTMTK9uCnp-SFXT4.roa
Signing time: Sun 16 Feb 2025 11:05:02 +0000
ROA not before: Sun 16 Feb 2025 11:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:e6e:5440/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0e:6e:e1:ec:ff:72:7b:c4:b2:a3:a5:3d:ce:8e:99:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 16 11:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51ae27de11e2f7c5ca4cc4caf6e0a7a7e4855d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ca:3e:05:b7:44:a7:19:23:d7:dc:55:80:df:
34:18:67:5e:21:d0:35:71:53:4f:55:8e:c1:dd:99:
d3:ec:42:d8:bc:38:cd:2b:9b:ec:4c:c0:36:e0:a0:
d6:85:81:04:ec:f3:ec:3c:84:ef:dc:bc:c1:66:6e:
c3:bc:ee:89:02:91:ea:ab:22:15:68:eb:af:8c:14:
46:88:e4:5d:36:fb:52:f5:7f:9a:25:04:ea:6f:01:
2c:f1:92:8b:bf:f8:2c:9f:4b:ce:ff:d8:40:e6:f0:
7f:07:a5:59:cf:ba:ac:f6:fb:38:14:f6:51:cd:19:
6c:38:a3:ca:84:12:61:1d:02:72:b2:f1:ce:eb:33:
fc:0d:5b:ae:14:ff:a1:48:e7:e6:49:00:03:0e:f7:
d2:88:dd:0a:4b:c8:d0:e6:fc:92:66:29:2f:bf:db:
34:e9:47:0f:2e:91:3b:a3:22:0b:22:2d:23:57:8d:
cd:1e:8a:77:e5:8a:ce:f1:08:90:28:68:1e:90:21:
b1:79:ce:21:22:85:4a:f7:36:84:77:8a:10:0e:f3:
91:28:e0:b9:ac:b5:a4:13:ea:5e:eb:2a:16:76:89:
d2:d3:38:16:7a:88:93:50:93:d9:b5:4e:0f:71:ea:
95:f2:8b:82:d3:3e:e3:f9:a0:46:bc:10:df:50:af:
0c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AE:27:DE:11:E2:F7:C5:CA:4C:C4:CA:F6:E0:A7:A7:E4:85:5D:3E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ua4n3hHi98XKTMTK9uCnp-SFXT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:e6e:5440/128
Signature Algorithm: sha256WithRSAEncryption
2a:86:e9:81:26:81:ba:b7:e9:9e:d5:c3:b6:62:bc:fd:8a:c3:
be:75:a7:f6:eb:87:4a:1f:86:64:72:13:60:35:b6:0c:59:71:
4c:1a:16:cd:b4:1e:50:79:c1:99:59:76:a7:4c:cb:f6:72:3c:
28:19:0e:2e:f1:1a:f9:c6:6b:d5:ff:04:83:6c:ff:09:ce:14:
4b:70:f5:55:28:ea:d8:6c:a1:3c:0a:9a:d5:65:42:aa:09:90:
be:cf:74:58:dd:50:e0:95:8e:4d:ba:ed:4b:d9:af:52:82:0a:
5a:8a:8a:a9:b5:5a:15:d4:dd:c3:ba:e8:a5:49:36:73:ed:f0:
3e:f6:fc:29:5e:13:0f:86:db:93:d3:39:9c:fb:41:11:b2:b2:
bf:9a:11:9c:73:9c:63:e5:fc:0f:ff:ab:36:51:38:59:f9:7c:
36:8d:fa:d3:bb:95:df:9e:82:c6:a0:a9:32:fc:a8:68:4e:54:
a5:51:09:aa:98:f7:a8:1a:95:b1:09:04:a8:86:21:df:d1:09:
ec:c0:c1:81:96:21:88:76:f3:87:90:28:5e:8e:e7:00:b5:92:
71:fb:48:51:3f:ac:45:e1:8a:c4:e8:5a:44:2a:a3:29:d3:bc:
a8:df:e0:8a:8c:15:70:2b:94:ea:11:74:06:be:b1:09:98:de:
76:75:e8:e6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZUObuHs/3J7xLKjpT3OjpkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjE2MTEwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWFlMjdkZTExZTJmN2M1Y2E0Y2M0Y2FmNmUwYTdhN2U0ODU1ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMo+BbdEpxkj19xVgN80GGdeIdA1
cVNPVY7B3ZnT7ELYvDjNK5vsTMA24KDWhYEE7PPsPITv3LzBZm7DvO6JApHqqyIV
aOuvjBRGiORdNvtS9X+aJQTqbwEs8ZKLv/gsn0vO/9hA5vB/B6VZz7qs9vs4FPZR
zRlsOKPKhBJhHQJysvHO6zP8DVuuFP+hSOfmSQADDvfSiN0KS8jQ5vySZikvv9s0
6UcPLpE7oyILIi0jV43NHop35YrO8QiQKGgekCGxec4hIoVK9zaEd4oQDvORKOC5
rLWkE+pe6yoWdonS0zgWeoiTUJPZtU4PceqV8ouC0z7j+aBGvBDfUK8MbQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFGuJ94R4vfFykzEyvbgp6fkhV0+MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVWE0bjNoSGk5OFhLVE1USzl1Q25wLVNGWFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVDm5UQDANBgkqhkiG9w0BAQsFAAOCAQEAKobpgSaBurfpntXDtmK8/YrD
vnWn9uuHSh+GZHITYDW2DFlxTBoWzbQeUHnBmVl2p0zL9nI8KBkOLvEa+cZr1f8E
g2z/Cc4US3D1VSjq2GyhPAqa1WVCqgmQvs90WN1Q4JWOTbrtS9mvUoIKWoqKqbVa
FdTdw7ropUk2c+3wPvb8KV4TD4bbk9M5nPtBEbKyv5oRnHOcY+X8D/+rNlE4Wfl8
No3607uV356CxqCpMvyoaE5UpVEJqpj3qBqVsQkEqIYh39EJ7MDBgZYhiHbzh5Ao
Xo7nALWScftIUT+sReGKxOhaRCqjKdO8qN/giowVcCuU6hF0Br6xCZjednXo5g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:42:56 2025 by rpki-client