Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/b6DZygS-rPJs5n9R2Hipmy7l074.roa
File: b6DZygS-rPJs5n9R2Hipmy7l074.roa (raw, json)
Hash identifier: YYPX9BDvBJX2z+jyLxbLueZ+XW0JxFsRKFyz1EQREr8=
Subject key identifier: 6F:A0:D9:CA:04:BE:AC:F2:6C:E6:7F:51:D8:78:A9:9B:2E:E5:D3:BE
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A696B6FBB3F52ADF0131B4547DC2245D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/b6DZygS-rPJs5n9R2Hipmy7l074.roa
Signing time: Tue 18 Mar 2025 00:10:49 +0000
ROA not before: Tue 18 Mar 2025 00:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a6:96:b6:fb:b3:f5:2a:df:01:31:b4:54:7d:c2:24:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 18 00:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fa0d9ca04beacf26ce67f51d878a99b2ee5d3be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:34:3a:65:93:c9:6e:f5:4d:b0:04:28:39:71:
75:de:8a:b8:40:ad:a7:52:b5:2b:eb:c2:15:81:0a:
3e:37:a4:51:57:2b:13:23:71:6c:48:72:70:65:f0:
07:77:2b:cc:f1:41:aa:c2:ca:7f:27:b9:d1:7c:4c:
e6:f5:c8:92:33:b9:67:54:e1:5b:cd:3d:31:b3:3e:
ad:6e:7c:1f:fc:48:a0:b3:69:97:e5:07:8b:8d:c7:
7a:cd:8e:a3:fb:48:f4:4b:09:7e:cf:03:7d:fb:54:
93:73:56:98:f0:02:75:d2:65:af:5e:cf:9e:a1:c5:
02:4e:fd:d0:40:41:5c:87:70:0d:26:a8:e0:1b:e7:
90:90:44:ad:8a:7d:78:a4:52:95:fa:90:e2:2a:a7:
59:6e:8f:af:e8:81:91:e8:31:01:76:a6:9b:26:65:
4d:f2:18:61:e0:b1:b5:63:b1:63:4e:cb:d3:88:a5:
80:6e:d7:b3:80:23:41:82:6d:bf:3d:58:a2:75:28:
d1:fb:a1:ae:27:e9:68:3d:f0:d5:c3:35:12:d1:22:
44:bc:91:33:29:ca:ce:ff:a1:52:fb:0d:a8:13:16:
f4:30:38:43:df:48:03:d6:7c:7a:2e:a8:17:6f:40:
7e:7b:b8:b4:a2:13:b5:ed:9c:5d:8e:de:87:9a:d4:
ef:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A0:D9:CA:04:BE:AC:F2:6C:E6:7F:51:D8:78:A9:9B:2E:E5:D3:BE
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/b6DZygS-rPJs5n9R2Hipmy7l074.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
4f:4f:6b:6a:11:3e:8c:dd:82:1f:15:1c:6e:39:84:35:b0:f5:
66:b9:05:46:df:90:d8:68:b2:55:51:8a:a7:74:c2:04:b1:3d:
b5:ad:1b:e1:99:69:bb:1c:41:c8:88:b4:e3:b4:d2:47:d6:dd:
e2:bc:2e:2d:fb:93:d4:c4:45:96:b8:d2:fc:01:52:6d:d2:49:
90:b2:4d:22:28:80:4c:e4:35:ac:37:4a:31:21:75:8a:50:22:
e6:c6:10:28:59:ac:13:5a:ef:10:1a:b0:8b:9b:1e:ea:63:83:
79:63:a2:2a:b3:c3:b9:74:a4:26:35:3f:ef:fd:39:6e:b1:f9:
1e:dc:f2:72:39:be:05:d6:9f:50:a9:f3:3f:89:f8:13:60:70:
75:82:57:a0:e3:a9:5f:10:8c:58:0d:e5:e4:9e:04:f2:8d:0f:
27:20:ec:7e:64:18:17:7e:b4:18:2f:aa:ad:b0:21:28:7b:a0:
07:30:25:36:27:ca:19:04:cd:35:53:df:ae:81:88:3a:25:c6:
4a:6a:9b:18:8d:f1:f9:46:85:2a:f0:3b:56:e8:3c:00:e2:2e:
36:df:a9:5a:74:32:44:e5:8b:3e:35:0f:d6:c4:a1:0c:a8:7e:
69:d8:09:0a:0f:77:aa:57:8c:da:8f:56:6f:69:d6:48:46:d4:
fb:60:bc:ba
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWmlrb7s/Uq3wExtFR9wiRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE4MDAxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmEwZDljYTA0YmVhY2YyNmNlNjdmNTFkODc4YTk5YjJlZTVkM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTQ6ZZPJbvVNsAQoOXF13oq4QK2n
UrUr68IVgQo+N6RRVysTI3FsSHJwZfAHdyvM8UGqwsp/J7nRfEzm9ciSM7lnVOFb
zT0xsz6tbnwf/Eigs2mX5QeLjcd6zY6j+0j0Swl+zwN9+1STc1aY8AJ10mWvXs+e
ocUCTv3QQEFch3ANJqjgG+eQkEStin14pFKV+pDiKqdZbo+v6IGR6DEBdqabJmVN
8hhh4LG1Y7FjTsvTiKWAbtezgCNBgm2/PViidSjR+6GuJ+loPfDVwzUS0SJEvJEz
KcrO/6FS+w2oExb0MDhD30gD1nx6LqgXb0B+e7i0ohO17Zxdjt6HmtTveQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFG+g2coEvqzybOZ/Udh4qZsu5dO+MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYjZEWnlnUy1yUEpzNW45UjJIaXBteTdsMDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAT09rahE+jN2CHxUcbjmENbD1
ZrkFRt+Q2GiyVVGKp3TCBLE9ta0b4ZlpuxxByIi047TSR9bd4rwuLfuT1MRFlrjS
/AFSbdJJkLJNIiiATOQ1rDdKMSF1ilAi5sYQKFmsE1rvEBqwi5se6mODeWOiKrPD
uXSkJjU/7/05brH5Htzycjm+BdafUKnzP4n4E2BwdYJXoOOpXxCMWA3l5J4E8o0P
JyDsfmQYF360GC+qrbAhKHugBzAlNifKGQTNNVPfroGIOiXGSmqbGI3x+UaFKvA7
Vug8AOIuNt+pWnQyROWLPjUP1sShDKh+adgJCg93qleM2o9Wb2nWSEbU+2C8ug==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:14:54 2025 by rpki-client