Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aQBKq6-UX6volo4uakrFRGZ2BGw.roa
File: aQBKq6-UX6volo4uakrFRGZ2BGw.roa (raw, json)
Hash identifier: VVNG/rasd3QSGdO/a0RKO7VJgKmPrXQar8nuaBwqzBs=
Subject key identifier: 69:00:4A:AB:AF:94:5F:AB:E8:96:8E:2E:6A:4A:C5:44:66:76:04:6C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01957D27E038B5B41DCD313C7606C99E34F7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aQBKq6-UX6volo4uakrFRGZ2BGw.roa
Signing time: Sun 09 Mar 2025 23:05:20 +0000
ROA not before: Sun 09 Mar 2025 23:05:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:7d27:134e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7d:27:e0:38:b5:b4:1d:cd:31:3c:76:06:c9:9e:34:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 9 23:05:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69004aabaf945fabe8968e2e6a4ac5446676046c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f3:4f:36:df:c7:50:8e:1a:36:90:de:7b:bf:
0b:86:8d:d2:66:c1:11:e1:81:98:55:fa:04:a5:62:
30:7a:96:3f:a9:a7:91:1f:b6:e8:a1:b3:00:25:ea:
a1:a6:c0:07:7c:92:16:01:db:af:ab:65:40:e2:19:
75:a4:a1:b4:68:77:2a:b8:94:95:69:d7:14:64:95:
58:0d:c6:56:18:09:df:50:10:bd:d4:b7:6e:0b:1e:
74:0a:e5:36:c8:f2:4c:33:15:87:c4:a4:6c:80:b8:
cd:83:ac:80:4d:3a:80:48:ef:90:66:fe:38:b9:ab:
9e:26:12:e6:06:80:f2:a3:10:48:c7:25:31:ef:72:
d4:84:8b:51:8f:c3:3f:50:65:ab:52:87:8d:20:cd:
83:aa:94:90:12:ce:30:cc:b3:70:7d:1d:e8:04:fa:
0d:8d:87:23:71:4a:e9:13:5f:ac:29:82:af:1f:c1:
1b:9b:8d:b7:91:af:d1:d6:51:3a:79:6b:10:ce:b2:
bc:fa:ab:ca:93:e4:61:e9:72:07:d5:fb:11:f4:58:
ba:8f:79:be:7b:cc:aa:d2:e2:d7:70:25:b0:9d:00:
c3:f4:c2:ff:a1:a6:00:05:99:f7:d9:3f:a7:7e:19:
69:b5:b0:a2:4c:c2:84:f4:6d:75:b4:7f:2d:1e:25:
c1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:00:4A:AB:AF:94:5F:AB:E8:96:8E:2E:6A:4A:C5:44:66:76:04:6C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aQBKq6-UX6volo4uakrFRGZ2BGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:7d27:134e/128
Signature Algorithm: sha256WithRSAEncryption
04:b4:fd:c9:e5:c9:1b:45:ad:eb:d3:97:6a:fe:1c:2e:a2:c4:
72:fd:1e:ff:c6:9b:d1:71:07:bb:26:61:ac:cf:b3:64:1e:33:
7c:8f:3e:a6:ce:79:af:b8:d2:3b:87:b0:fe:f5:88:90:12:0d:
bb:3a:d7:50:ee:91:45:a1:fd:cb:96:37:c5:03:72:28:1e:d1:
36:26:b9:a3:b6:77:0a:ea:ce:be:ba:61:08:c7:12:3a:33:46:
c2:f7:1f:ee:95:4e:d1:a7:db:38:0b:61:6e:15:31:b8:87:97:
86:75:db:30:d6:ca:2b:6a:9a:0b:e1:ef:ef:ae:82:f6:b2:8f:
6d:36:c8:af:f1:83:b9:8a:72:fe:86:4c:8d:82:f3:6d:25:21:
7c:43:6c:20:71:6b:0c:be:5c:61:82:72:60:eb:86:42:53:d1:
c8:b0:8c:14:b1:e4:4f:22:8f:b2:94:fb:fe:2d:06:b5:bb:a5:
41:aa:f8:12:f7:0c:6a:b9:03:c0:d5:ca:db:c5:ee:7f:32:0d:
bc:91:45:25:9f:18:8a:25:76:d6:66:29:21:7f:94:5b:18:c6:
3a:db:9c:15:07:b3:73:32:df:84:39:a0:f3:14:14:08:f6:fe:
e8:8d:7f:60:2b:14:d8:c1:c8:d9:24:fc:4c:de:79:54:eb:fa:
16:bf:a8:f3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZV9J+A4tbQdzTE8dgbJnjT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA5MjMwNTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAwNGFhYmFmOTQ1ZmFiZTg5NjhlMmU2YTRhYzU0NDY2NzYwNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfNPNt/HUI4aNpDee78Lho3SZsER
4YGYVfoEpWIwepY/qaeRH7boobMAJeqhpsAHfJIWAduvq2VA4hl1pKG0aHcquJSV
adcUZJVYDcZWGAnfUBC91LduCx50CuU2yPJMMxWHxKRsgLjNg6yATTqASO+QZv44
uaueJhLmBoDyoxBIxyUx73LUhItRj8M/UGWrUoeNIM2DqpSQEs4wzLNwfR3oBPoN
jYcjcUrpE1+sKYKvH8Ebm423ka/R1lE6eWsQzrK8+qvKk+Rh6XIH1fsR9Fi6j3m+
e8yq0uLXcCWwnQDD9ML/oaYABZn32T+nfhlptbCiTMKE9G11tH8tHiXBEQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGkASquvlF+r6JaOLmpKxURmdgRsMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYVFCS3E2LVVYNnZvbG80dWFrckZSR1oyQkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVfScTTjANBgkqhkiG9w0BAQsFAAOCAQEABLT9yeXJG0Wt69OXav4cLqLE
cv0e/8ab0XEHuyZhrM+zZB4zfI8+ps55r7jSO4ew/vWIkBINuzrXUO6RRaH9y5Y3
xQNyKB7RNia5o7Z3CurOvrphCMcSOjNGwvcf7pVO0afbOAthbhUxuIeXhnXbMNbK
K2qaC+Hv766C9rKPbTbIr/GDuYpy/oZMjYLzbSUhfENsIHFrDL5cYYJyYOuGQlPR
yLCMFLHkTyKPspT7/i0GtbulQar4EvcMarkDwNXK28XufzINvJFFJZ8YiiV21mYp
IX+UWxjGOtucFQezczLfhDmg8xQUCPb+6I1/YCsU2MHI2ST8TN55VOv6Fr+o8w==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:13:06 2025 by rpki-client