Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/e5bw3QgkVT7VbCSPTtRD5oM0DrM.roa
File: e5bw3QgkVT7VbCSPTtRD5oM0DrM.roa (raw, json)
Hash identifier: LwyJFcMlQ7d70b8gHM+1nLxHKYBmCnrN9SSwczkp/FU=
Subject key identifier: 7B:96:F0:DD:08:24:55:3E:D5:6C:24:8F:4E:D4:43:E6:83:34:0E:B3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A05F86C11FA20951EAC82EDCA8BF21CC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/e5bw3QgkVT7VbCSPTtRD5oM0DrM.roa
Signing time: Sun 16 Mar 2025 19:12:49 +0000
ROA not before: Sun 16 Mar 2025 19:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a0:5f:86:c1:1f:a2:09:51:ea:c8:2e:dc:a8:bf:21:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 19:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b96f0dd0824553ed56c248f4ed443e683340eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:56:f9:8d:8f:a0:fa:d3:c5:50:f9:a7:c0:9a:
fc:d3:1e:54:e0:d4:43:9f:40:38:7f:3f:bc:e9:2b:
11:f8:f2:14:a4:42:1c:93:56:45:5e:90:88:de:74:
18:5a:b3:b6:07:f6:f6:b5:16:a6:67:81:7d:23:7c:
53:ae:a5:73:c5:40:6b:f9:ab:6d:29:00:64:c2:b6:
39:6a:34:d8:b8:82:70:57:d9:4f:0f:d6:b6:db:2b:
77:9e:04:7d:0f:d4:76:f0:04:38:04:39:67:44:44:
9c:1c:c9:29:37:eb:b2:bf:88:06:e5:c8:65:10:2f:
d9:7c:15:c1:9e:f3:f0:7d:e8:2f:e0:c1:2a:f8:05:
c3:63:7a:e0:78:bb:50:8b:e9:62:90:de:25:f7:c9:
66:2b:39:97:64:5b:19:76:3e:4f:67:5b:5d:cb:e8:
a3:0f:ef:c6:96:7d:25:e0:99:00:15:07:3e:ff:5d:
27:ae:43:81:67:0a:ba:b9:07:6e:07:67:c1:ef:22:
0e:79:92:c2:a3:da:b1:8d:70:e6:ee:2c:33:fb:e9:
fa:2b:c0:b6:4f:44:ae:e0:22:c3:1e:cb:bf:80:e1:
20:27:e4:0c:ed:14:50:c0:e7:bb:d8:e0:a3:c6:22:
80:94:f0:9c:20:42:a1:86:2c:29:a5:91:c1:f1:ba:
8f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:96:F0:DD:08:24:55:3E:D5:6C:24:8F:4E:D4:43:E6:83:34:0E:B3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/e5bw3QgkVT7VbCSPTtRD5oM0DrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
57:2e:c2:fd:0c:3e:fc:4f:bc:76:f3:07:5e:5f:00:dc:89:73:
28:2f:a4:65:a6:e2:f6:c9:da:67:29:d4:28:10:55:13:a0:27:
86:24:b3:86:01:72:5f:28:af:9b:98:56:82:3b:dc:d2:31:c9:
34:21:36:58:7b:50:98:21:3c:a6:1c:70:64:13:0a:7c:36:61:
6d:83:b5:b7:34:f2:18:e8:cc:f8:fb:59:4a:aa:91:10:f2:ae:
68:b0:ac:38:a1:e9:9a:0f:1d:34:94:b2:3b:9c:e5:1c:99:a1:
18:87:09:31:44:85:4d:31:e0:8a:10:94:65:9a:2b:95:a3:0a:
40:0e:c2:e2:12:b0:95:c3:d5:c9:75:ea:6c:50:78:b5:35:14:
a4:6e:cc:db:d2:e2:57:64:6c:2c:f5:ea:71:a7:b4:8a:31:25:
9d:1a:e9:06:a1:91:1f:ee:51:44:ef:5c:27:8d:df:06:bd:4c:
88:59:3e:1b:be:c6:a7:3e:d5:c8:45:47:bf:bd:39:ef:53:ee:
cf:fa:44:0b:15:b7:6b:78:11:91:90:17:73:f3:1f:99:0c:3f:
f6:e5:ec:6f:6a:70:ef:fd:b3:9e:ba:94:c6:fd:98:e1:3d:6f:
e3:1e:41:4d:3d:83:8b:ec:ac:7c:6c:ea:6e:e8:b5:1a:f4:5c:
65:9a:5b:1d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWgX4bBH6IJUerILtyovyHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MTkxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjk2ZjBkZDA4MjQ1NTNlZDU2YzI0OGY0ZWQ0NDNlNjgzMzQwZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1b5jY+g+tPFUPmnwJr80x5U4NRD
n0A4fz+86SsR+PIUpEIck1ZFXpCI3nQYWrO2B/b2tRamZ4F9I3xTrqVzxUBr+att
KQBkwrY5ajTYuIJwV9lPD9a22yt3ngR9D9R28AQ4BDlnREScHMkpN+uyv4gG5chl
EC/ZfBXBnvPwfegv4MEq+AXDY3rgeLtQi+likN4l98lmKzmXZFsZdj5PZ1tdy+ij
D+/Gln0l4JkAFQc+/10nrkOBZwq6uQduB2fB7yIOeZLCo9qxjXDm7iwz++n6K8C2
T0Su4CLDHsu/gOEgJ+QM7RRQwOe72OCjxiKAlPCcIEKhhiwppZHB8bqP5QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHuW8N0IJFU+1Wwkj07UQ+aDNA6zMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZTVidzNRZ2tWVDdWYkNTUFR0UkQ1b00wRHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAVy7C/Qw+/E+8dvMHXl8A3Ilz
KC+kZabi9snaZynUKBBVE6AnhiSzhgFyXyivm5hWgjvc0jHJNCE2WHtQmCE8phxw
ZBMKfDZhbYO1tzTyGOjM+PtZSqqREPKuaLCsOKHpmg8dNJSyO5zlHJmhGIcJMUSF
TTHgihCUZZorlaMKQA7C4hKwlcPVyXXqbFB4tTUUpG7M29LiV2RsLPXqcae0ijEl
nRrpBqGRH+5RRO9cJ43fBr1MiFk+G77Gpz7VyEVHv70571Puz/pECxW3a3gRkZAX
c/MfmQw/9uXsb2pw7/2znrqUxv2Y4T1v4x5BTT2Di+ysfGzqbui1GvRcZZpbHQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:03:58 2025 by rpki-client