Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cpBj_H5Mq9Gv95UA3xkH-JIirlY.roa
File: cpBj_H5Mq9Gv95UA3xkH-JIirlY.roa (raw, json)
Hash identifier: 05KALCjHYaoIE8V8NaJqpvMQveotmTVVQyGJcZBEIhg=
Subject key identifier: 72:90:63:FC:7E:4C:AB:D1:AF:F7:95:00:DF:19:07:F8:92:22:AE:56
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019586985A9DCB5EB98F46FDABC74B90C944
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cpBj_H5Mq9Gv95UA3xkH-JIirlY.roa
Signing time: Tue 11 Mar 2025 19:04:46 +0000
ROA not before: Tue 11 Mar 2025 19:04:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:8697:fd1b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:86:98:5a:9d:cb:5e:b9:8f:46:fd:ab:c7:4b:90:c9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 11 19:04:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=729063fc7e4cabd1aff79500df1907f89222ae56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:b9:99:46:aa:54:1a:82:b6:43:d4:e5:78:
fc:d7:0b:44:64:cf:62:54:4d:b4:45:7d:18:48:f6:
fc:7b:12:8e:e0:35:4e:fd:07:b6:8f:0b:e4:8f:a6:
3c:72:e9:a0:36:12:54:a8:f5:4f:5c:8b:69:ce:82:
1e:32:7a:c6:6d:4e:a1:7c:8b:75:31:27:7e:16:86:
b1:e7:a0:fe:3f:c5:71:09:71:4b:09:30:48:e7:65:
ba:99:2f:35:b3:c0:17:52:ce:43:74:eb:37:55:52:
6d:27:2e:6b:82:e7:f4:55:8f:08:39:60:72:82:23:
f0:50:5b:73:d7:ac:1f:06:2d:c2:c8:56:00:5e:7b:
6a:41:f1:32:5e:a8:8a:94:49:63:a3:c9:f1:c8:d9:
d6:3a:4c:56:25:03:1d:23:bb:80:e0:36:92:22:a4:
51:3a:fc:11:cd:e6:33:90:43:91:59:cb:0e:64:ce:
b4:fa:30:88:56:22:1a:3c:81:26:38:e7:e7:9a:65:
92:9c:15:44:79:ac:7c:fe:cb:35:4f:44:ca:d0:98:
03:9d:97:ad:f4:72:aa:7b:d6:1f:82:2c:ef:26:88:
4e:7c:54:21:e0:34:d6:37:8c:c5:8b:86:c4:dc:c9:
d4:6e:0c:20:d6:e3:97:01:aa:fd:20:5a:dd:b0:d6:
76:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:90:63:FC:7E:4C:AB:D1:AF:F7:95:00:DF:19:07:F8:92:22:AE:56
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/cpBj_H5Mq9Gv95UA3xkH-JIirlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:8697:fd1b/128
Signature Algorithm: sha256WithRSAEncryption
61:ec:97:f0:bb:f6:fa:75:4d:32:8f:dc:03:09:87:86:27:34:
10:48:a9:a1:ab:f1:1f:90:64:6f:95:61:9f:25:6f:a2:91:60:
53:26:fc:38:67:d1:4f:67:57:43:66:b3:dc:6b:64:bc:23:8d:
8c:5a:a6:47:9e:18:1f:12:2a:f4:0e:3d:7b:54:ba:82:5e:f6:
d8:47:91:e6:3e:1a:0e:12:07:93:3a:89:09:e4:dc:52:72:88:
c7:f4:d8:9f:61:20:8e:56:dc:2d:6b:1b:6e:5c:2f:ca:c2:46:
86:61:55:7a:f1:a9:ef:a3:f3:71:e2:88:10:0f:fb:34:c0:1e:
5b:34:6e:83:bb:6a:44:bb:b8:78:41:cd:eb:77:bc:cc:88:38:
26:3b:2a:d0:08:81:19:27:6f:90:16:7f:a1:3a:ce:55:95:8f:
74:d4:89:03:8e:69:dc:76:0f:d8:93:51:90:d1:0a:28:19:f7:
d0:80:ee:0b:3c:90:4c:79:84:3e:a3:2e:15:6e:8a:2b:65:c4:
13:d8:dc:ed:68:0f:49:24:ef:fd:25:2a:c2:c8:1c:7b:d2:f4:
34:59:c3:72:30:f0:34:33:87:ae:a8:ed:ad:d4:cb:6c:9b:dc:
73:cc:ff:c2:a9:9d:4b:ca:7a:6a:59:9a:6f:39:3c:27:61:3a:
b2:67:e7:ca
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWGmFqdy165j0b9q8dLkMlEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzExMTkwNDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjkwNjNmYzdlNGNhYmQxYWZmNzk1MDBkZjE5MDdmODkyMjJhZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUu5mUaqVBqCtkPU5Xj81wtEZM9i
VE20RX0YSPb8exKO4DVO/Qe2jwvkj6Y8cumgNhJUqPVPXItpzoIeMnrGbU6hfIt1
MSd+Foax56D+P8VxCXFLCTBI52W6mS81s8AXUs5DdOs3VVJtJy5rguf0VY8IOWBy
giPwUFtz16wfBi3CyFYAXntqQfEyXqiKlEljo8nxyNnWOkxWJQMdI7uA4DaSIqRR
OvwRzeYzkEORWcsOZM60+jCIViIaPIEmOOfnmmWSnBVEeax8/ss1T0TK0JgDnZet
9HKqe9YfgizvJohOfFQh4DTWN4zFi4bE3MnUbgwg1uOXAar9IFrdsNZ2owIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHKQY/x+TKvRr/eVAN8ZB/iSIq5WMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvY3BCal9INU1xOUd2OTVVQTN4a0gtSklpcmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhpf9GzANBgkqhkiG9w0BAQsFAAOCAQEAYeyX8Lv2+nVNMo/cAwmHhic0
EEipoavxH5Bkb5VhnyVvopFgUyb8OGfRT2dXQ2az3GtkvCONjFqmR54YHxIq9A49
e1S6gl722EeR5j4aDhIHkzqJCeTcUnKIx/TYn2EgjlbcLWsbblwvysJGhmFVevGp
76PzceKIEA/7NMAeWzRug7tqRLu4eEHN63e8zIg4Jjsq0AiBGSdvkBZ/oTrOVZWP
dNSJA45p3HYP2JNRkNEKKBn30IDuCzyQTHmEPqMuFW6KK2XEE9jc7WgPSSTv/SUq
wsgce9L0NFnDcjDwNDOHrqjtrdTLbJvcc8z/wqmdS8p6almabzk8J2E6smfnyg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:15:50 2025 by rpki-client