Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Uj_5dJT__mJe4eBy1omBj6getzs.roa
File: Uj_5dJT__mJe4eBy1omBj6getzs.roa (raw, json)
Hash identifier: xothjsY6OUIjlnQaC2bOMRiPSllERLYVs+yOqp8iJ7o=
Subject key identifier: 52:3F:F9:74:94:FF:FE:62:5E:E1:E0:72:D6:89:81:8F:A8:1E:B7:3B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959F4CDE68E52043F494527F3A55AD4EBC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Uj_5dJT__mJe4eBy1omBj6getzs.roa
Signing time: Sun 16 Mar 2025 14:12:49 +0000
ROA not before: Sun 16 Mar 2025 14:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9f:4c:de:68:e5:20:43:f4:94:52:7f:3a:55:ad:4e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 14:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=523ff97494fffe625ee1e072d689818fa81eb73b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c3:e0:42:c4:b7:de:dd:19:60:87:64:cd:5d:
ac:1e:8f:48:20:a8:fe:a5:26:10:7d:4c:c4:a3:c6:
a3:36:6f:20:ca:bb:3e:45:22:dc:74:8d:23:c5:4b:
bb:49:f6:08:12:da:3d:f8:31:75:ce:a8:5a:e8:b1:
b1:bd:88:06:2d:3f:91:d3:96:03:41:69:dd:65:55:
dc:14:15:f5:f0:4b:8d:09:77:52:c3:9e:d3:8b:e4:
d0:94:72:59:df:4d:3a:1d:02:25:f4:26:f0:c0:33:
da:f3:22:e4:65:0d:e7:f6:56:d4:86:6e:93:5d:18:
03:2d:46:f2:47:26:b6:ea:e5:71:b0:88:37:d2:1e:
74:c1:3a:a2:76:99:41:e0:29:8f:04:43:9d:11:5f:
42:b1:f6:e3:41:f9:24:c2:30:4e:c7:fc:1d:3f:bb:
57:66:86:dd:da:68:e8:60:37:32:37:57:50:e1:d2:
f5:2f:ed:f0:a8:ee:16:8d:16:08:d0:0f:67:00:57:
5f:3a:2c:a1:42:c6:bb:74:36:0e:2b:fd:a2:60:85:
c1:b5:34:65:df:26:c0:38:b2:6f:33:2b:c0:35:d1:
8d:01:4e:29:20:e0:71:e9:ea:d0:44:a0:b0:7c:57:
ff:68:50:52:fa:6b:e1:99:ca:c5:8d:de:3b:e2:d3:
c2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3F:F9:74:94:FF:FE:62:5E:E1:E0:72:D6:89:81:8F:A8:1E:B7:3B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Uj_5dJT__mJe4eBy1omBj6getzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
66:cd:73:3e:93:60:6c:4d:62:e9:f0:ae:d1:6f:d0:1f:0f:b8:
16:0f:7a:d7:4e:8f:c1:61:02:09:d2:c9:fe:f7:e2:96:19:7d:
71:73:12:f1:45:af:fd:b6:bb:ef:fa:14:9e:18:83:6c:67:04:
80:71:d8:3a:ff:37:83:ce:e7:ec:2e:be:d6:15:50:66:3f:1a:
a3:d5:ee:ec:ae:b7:89:5c:a7:81:13:79:5d:5b:49:97:62:1b:
51:1f:21:8d:20:b2:10:67:db:ac:4f:93:cf:01:01:56:09:0e:
47:23:e6:ec:14:68:e0:6c:b9:0b:d3:2f:90:18:c8:56:fb:08:
38:c4:6c:16:1f:a4:62:a8:70:93:a8:44:3c:c9:cb:09:0f:85:
e9:b0:fc:36:b5:46:23:54:c7:e2:54:52:fd:2c:ac:4e:d8:9f:
64:f4:83:c0:98:9c:0d:01:f7:fc:a4:dc:7c:35:6c:64:51:c4:
9f:31:e5:78:7d:9a:d4:8a:80:31:87:50:21:f0:82:41:29:cf:
e6:6e:e3:8c:77:7c:d0:a2:32:7c:c9:dc:e6:35:ab:23:00:25:
37:2c:4d:8c:1d:25:ac:9d:bb:3c:17:69:e0:7c:6b:32:94:0c:
01:50:d2:84:67:75:e1:1a:68:b5:f2:f3:cf:d6:d0:36:65:a4:
4a:a6:13:ec
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWfTN5o5SBD9JRSfzpVrU68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MTQxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjNmZjk3NDk0ZmZmZTYyNWVlMWUwNzJkNjg5ODE4ZmE4MWViNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMPgQsS33t0ZYIdkzV2sHo9IIKj+
pSYQfUzEo8ajNm8gyrs+RSLcdI0jxUu7SfYIEto9+DF1zqha6LGxvYgGLT+R05YD
QWndZVXcFBX18EuNCXdSw57Ti+TQlHJZ3006HQIl9CbwwDPa8yLkZQ3n9lbUhm6T
XRgDLUbyRya26uVxsIg30h50wTqidplB4CmPBEOdEV9CsfbjQfkkwjBOx/wdP7tX
Zobd2mjoYDcyN1dQ4dL1L+3wqO4WjRYI0A9nAFdfOiyhQsa7dDYOK/2iYIXBtTRl
3ybAOLJvMyvANdGNAU4pIOBx6erQRKCwfFf/aFBS+mvhmcrFjd474tPC/wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFI/+XSU//5iXuHgctaJgY+oHrc7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVWpfNWRKVF9fbUplNGVCeTFvbUJqNmdldHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAZs1zPpNgbE1i6fCu0W/QHw+4
Fg96106PwWECCdLJ/vfilhl9cXMS8UWv/ba77/oUnhiDbGcEgHHYOv83g87n7C6+
1hVQZj8ao9Xu7K63iVyngRN5XVtJl2IbUR8hjSCyEGfbrE+TzwEBVgkORyPm7BRo
4Gy5C9MvkBjIVvsIOMRsFh+kYqhwk6hEPMnLCQ+F6bD8NrVGI1TH4lRS/SysTtif
ZPSDwJicDQH3/KTcfDVsZFHEnzHleH2a1IqAMYdQIfCCQSnP5m7jjHd80KIyfMnc
5jWrIwAlNyxNjB0lrJ27PBdp4HxrMpQMAVDShGd14RpotfLzz9bQNmWkSqYT7A==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:23:59 2025 by rpki-client