Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YdlL1FEL4WGo2fUR8xxYDiOeyLo.roa
File: YdlL1FEL4WGo2fUR8xxYDiOeyLo.roa (raw, json)
Hash identifier: lkDmzKR953GZ5EwWo2O1LsaVcJjs3cU5PO/fRnvPH8Q=
Subject key identifier: 61:D9:4B:D4:51:0B:E1:61:A8:D9:F5:11:F3:1C:58:0E:23:9E:C8:BA
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A51805E25258E2B21207A1024187047C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YdlL1FEL4WGo2fUR8xxYDiOeyLo.roa
Signing time: Mon 17 Mar 2025 17:12:49 +0000
ROA not before: Mon 17 Mar 2025 17:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a5:18:05:e2:52:58:e2:b2:12:07:a1:02:41:87:04:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 17 17:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61d94bd4510be161a8d9f511f31c580e239ec8ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:91:4f:f9:59:71:15:53:f6:cd:55:a6:14:08:
4c:95:e7:ed:fc:71:f9:36:a9:1a:fe:b4:69:16:bb:
2d:91:f4:f1:14:d8:ea:62:be:43:52:46:78:d1:57:
89:6d:9d:a5:c1:f6:fd:c6:ad:96:c3:0e:6a:b2:03:
dc:23:54:1a:12:c9:6d:db:a9:73:b7:68:f4:5b:e9:
2d:68:07:e3:2f:9a:16:c0:ba:0f:b0:74:ff:5a:1b:
56:63:5f:6b:e3:e1:23:41:6f:f9:31:67:0f:17:16:
9a:22:12:04:6d:6d:be:65:1a:65:28:03:01:10:de:
50:f4:d4:6b:f7:a3:dc:be:e1:00:79:ee:94:6d:7c:
46:b9:b0:e5:bc:8c:4e:9f:c5:91:f4:62:fa:ef:05:
71:a4:14:84:49:9e:87:4f:d8:dc:73:78:76:c4:a3:
d0:e3:89:c4:85:b4:04:aa:25:e5:e9:31:c4:f2:ec:
cf:20:38:ee:2a:c4:c2:26:b1:20:a5:79:fc:ea:fe:
b3:ea:15:a1:b1:a4:07:0e:25:eb:24:78:9d:4d:a2:
43:05:20:a9:00:81:c7:b0:8c:ba:3c:15:0c:c9:09:
fa:e6:fd:5c:04:aa:b5:9f:8c:d8:31:8c:ff:c9:41:
92:dc:84:2a:84:15:87:f2:ec:3a:5a:3b:b8:e1:a6:
54:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D9:4B:D4:51:0B:E1:61:A8:D9:F5:11:F3:1C:58:0E:23:9E:C8:BA
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YdlL1FEL4WGo2fUR8xxYDiOeyLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
80:71:f6:f9:34:f7:4c:87:3d:3d:bf:6a:87:e7:14:b8:86:a3:
c3:d1:80:bb:86:f2:55:1f:89:ca:62:b0:ee:3a:9b:e4:6a:e1:
27:e8:11:b5:f2:bc:60:bf:35:a5:dc:be:2e:2e:01:39:e0:25:
f5:82:0a:1c:d8:0f:a4:d9:ee:24:35:4b:b9:c7:ac:fd:9c:e9:
3a:c0:c4:16:da:94:52:65:9f:75:22:ea:27:1b:c3:bb:0a:21:
d6:47:5d:de:3d:b6:24:41:0a:e9:21:ff:77:5f:28:06:37:80:
48:04:2a:56:fa:98:48:da:54:d9:13:55:68:a7:7d:05:c6:9c:
2f:81:37:01:30:f0:6b:73:ef:ad:1f:38:60:1c:28:bf:50:87:
19:5f:f5:44:c1:19:85:65:7a:2e:c3:5c:74:8c:06:80:8e:5a:
4c:e4:e3:9b:a1:08:33:df:72:51:af:27:df:40:c5:83:ad:8a:
4a:81:87:e5:cf:cb:3a:70:c3:5b:3d:d2:7f:e3:eb:96:52:ec:
1c:2b:75:c1:1a:e7:bd:35:73:d2:d2:ac:66:82:38:87:43:19:
68:a3:21:ab:7a:b9:9e:b2:f2:d2:80:d4:c2:66:1c:22:15:24:
1a:da:08:9b:77:d8:21:ef:2f:d2:a1:09:0a:a3:92:9f:07:57:
36:33:b6:e2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWlGAXiUljishIHoQJBhwR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE3MTcxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ5NGJkNDUxMGJlMTYxYThkOWY1MTFmMzFjNTgwZTIzOWVjOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZFP+VlxFVP2zVWmFAhMleft/HH5
Nqka/rRpFrstkfTxFNjqYr5DUkZ40VeJbZ2lwfb9xq2Www5qsgPcI1QaEslt26lz
t2j0W+ktaAfjL5oWwLoPsHT/WhtWY19r4+EjQW/5MWcPFxaaIhIEbW2+ZRplKAMB
EN5Q9NRr96PcvuEAee6UbXxGubDlvIxOn8WR9GL67wVxpBSESZ6HT9jcc3h2xKPQ
44nEhbQEqiXl6THE8uzPIDjuKsTCJrEgpXn86v6z6hWhsaQHDiXrJHidTaJDBSCp
AIHHsIy6PBUMyQn65v1cBKq1n4zYMYz/yUGS3IQqhBWH8uw6Wju44aZUzQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGHZS9RRC+FhqNn1EfMcWA4jnsi6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWWRsTDFGRUw0V0dvMmZVUjh4eFlEaU9leUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAgHH2+TT3TIc9Pb9qh+cUuIaj
w9GAu4byVR+JymKw7jqb5GrhJ+gRtfK8YL81pdy+Li4BOeAl9YIKHNgPpNnuJDVL
uces/ZzpOsDEFtqUUmWfdSLqJxvDuwoh1kdd3j22JEEK6SH/d18oBjeASAQqVvqY
SNpU2RNVaKd9BcacL4E3ATDwa3PvrR84YBwov1CHGV/1RMEZhWV6LsNcdIwGgI5a
TOTjm6EIM99yUa8n30DFg62KSoGH5c/LOnDDWz3Sf+PrllLsHCt1wRrnvTVz0tKs
ZoI4h0MZaKMhq3q5nrLy0oDUwmYcIhUkGtoIm3fYIe8v0qEJCqOSnwdXNjO24g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:08:12 2025 by rpki-client