Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dJhI5VEoVC-IbpxkaqRjwGhJqmY.roa
File: dJhI5VEoVC-IbpxkaqRjwGhJqmY.roa (raw, json)
Hash identifier: 7qX0JTtcKUxJ2XTzUwlC11tf5RJk9NFzMiqw3O4a+CA=
Subject key identifier: 74:98:48:E5:51:28:54:2F:88:6E:9C:64:6A:A4:63:C0:68:49:AA:66
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019573B6E19BF0676E76712C8F11E3526C19
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dJhI5VEoVC-IbpxkaqRjwGhJqmY.roa
Signing time: Sat 08 Mar 2025 03:05:19 +0000
ROA not before: Sat 08 Mar 2025 03:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:73b6:589c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:73:b6:e1:9b:f0:67:6e:76:71:2c:8f:11:e3:52:6c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 8 03:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=749848e55128542f886e9c646aa463c06849aa66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:58:14:d8:00:56:f0:26:ca:0c:8e:99:45:
96:28:16:aa:96:e1:a6:53:fb:f7:13:0e:94:f8:fc:
da:6a:dd:d3:21:b5:fb:ff:b0:e3:e7:e2:68:01:69:
b1:c4:b9:c0:18:ad:64:04:06:01:55:92:59:90:d7:
9d:b9:3b:47:0b:44:2c:5a:d6:1b:10:e4:2d:2b:99:
dc:5f:b1:1b:43:c2:84:15:f9:b8:71:09:02:bb:e0:
2f:03:5e:21:b5:b6:60:9c:d1:10:ff:01:1a:be:d2:
e3:cc:e9:41:10:c5:42:a2:89:f2:fa:43:b1:1a:d1:
17:2a:f4:b6:4a:10:aa:18:52:5d:9e:fc:6a:68:8b:
8f:0c:12:8c:fb:45:9a:64:c8:48:6c:3e:4f:0b:de:
b9:0d:92:1f:5b:ef:c0:8d:79:22:46:b7:03:ae:35:
49:5b:b4:27:e7:e2:c2:ca:0d:ce:41:3a:81:08:66:
dd:12:66:b7:7f:67:11:bf:f1:02:e5:bd:0e:a9:0b:
ad:bf:81:e3:4a:b1:1c:71:6d:47:21:8c:3e:15:40:
e0:c1:66:98:0f:b2:f8:5e:f8:2e:a0:94:21:25:6d:
2b:ea:96:0d:06:90:5f:a7:01:a5:38:0e:5b:af:26:
ea:96:a6:a4:5f:c1:4c:d5:00:ae:fe:c4:c4:45:92:
b3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:98:48:E5:51:28:54:2F:88:6E:9C:64:6A:A4:63:C0:68:49:AA:66
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/dJhI5VEoVC-IbpxkaqRjwGhJqmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:73b6:589c/128
Signature Algorithm: sha256WithRSAEncryption
05:30:7b:b1:0f:fd:38:ea:61:5b:a7:5c:49:97:58:10:a2:e5:
1c:e1:05:18:0f:7e:89:02:af:c5:3d:da:56:b4:fb:f1:4a:7c:
2b:4d:7c:32:c0:79:c6:22:36:d7:52:89:a2:3f:99:9d:e3:23:
b3:a9:3c:1e:fc:25:ef:4e:98:3e:99:47:32:78:f7:22:62:2e:
56:86:d1:ff:fb:0b:11:1c:d4:15:b9:20:78:88:25:82:70:ea:
85:e2:86:93:8d:ad:17:32:8f:d3:9f:20:52:36:9f:8c:42:b8:
84:d2:58:ad:6b:7c:50:8e:bd:32:8e:e9:5f:18:f0:f2:38:e7:
25:f9:c9:2c:f2:f5:f8:64:22:d0:d0:90:e0:01:1e:ef:92:18:
ba:4c:61:64:4a:e9:fe:96:a1:ff:3f:3c:be:7b:42:b3:37:c5:
08:56:de:71:39:37:3e:fd:f0:28:be:ab:0f:e0:a3:07:24:ce:
ec:80:55:71:4c:e7:4b:11:76:5c:a1:db:e0:0b:6a:2c:2e:b7:
20:f1:67:4a:8c:1c:81:94:28:a1:54:2f:c5:10:8d:18:fb:f3:
9f:2d:98:93:1f:db:f6:86:78:08:41:dd:2f:8f:39:07:8c:6e:
f5:8b:c3:ea:b1:c1:7b:07:cf:ae:2f:97:ad:f5:84:60:31:07:
d6:7c:23:18
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVztuGb8GdudnEsjxHjUmwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA4MDMwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDk4NDhlNTUxMjg1NDJmODg2ZTljNjQ2YWE0NjNjMDY4NDlhYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvlYFNgAVvAmygyOmUWWKBaqluGm
U/v3Ew6U+Pzaat3TIbX7/7Dj5+JoAWmxxLnAGK1kBAYBVZJZkNeduTtHC0QsWtYb
EOQtK5ncX7EbQ8KEFfm4cQkCu+AvA14htbZgnNEQ/wEavtLjzOlBEMVCoony+kOx
GtEXKvS2ShCqGFJdnvxqaIuPDBKM+0WaZMhIbD5PC965DZIfW+/AjXkiRrcDrjVJ
W7Qn5+LCyg3OQTqBCGbdEma3f2cRv/EC5b0OqQutv4HjSrEccW1HIYw+FUDgwWaY
D7L4XvguoJQhJW0r6pYNBpBfpwGlOA5brybqlqakX8FM1QCu/sTERZKzQQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHSYSOVRKFQviG6cZGqkY8BoSapmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZEpoSTVWRW9WQy1JYnB4a2FxUmp3R2hKcW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVc7ZYnDANBgkqhkiG9w0BAQsFAAOCAQEABTB7sQ/9OOphW6dcSZdYEKLl
HOEFGA9+iQKvxT3aVrT78Up8K018MsB5xiI211KJoj+ZneMjs6k8Hvwl706YPplH
Mnj3ImIuVobR//sLERzUFbkgeIglgnDqheKGk42tFzKP058gUjafjEK4hNJYrWt8
UI69Mo7pXxjw8jjnJfnJLPL1+GQi0NCQ4AEe75IYukxhZErp/pah/z88vntCszfF
CFbecTk3Pv3wKL6rD+CjByTO7IBVcUznSxF2XKHb4AtqLC63IPFnSowcgZQooVQv
xRCNGPvzny2Ykx/b9oZ4CEHdL485B4xu9YvD6rHBewfPri+XrfWEYDEH1nwjGA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:09:03 2025 by rpki-client