Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gFEXnRb8W1xf3Q6hfhpdFUKEm3w.roa
File: gFEXnRb8W1xf3Q6hfhpdFUKEm3w.roa (raw, json)
Hash identifier: lh+ImJvz0JNYrBia6klxTHK2xMJv7eLrT96HvJssJKs=
Subject key identifier: 80:51:17:9D:16:FC:5B:5C:5F:DD:0E:A1:7E:1A:5D:15:42:84:9B:7C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019592360A559332CF6D3A2E6770002BEF1F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gFEXnRb8W1xf3Q6hfhpdFUKEm3w.roa
Signing time: Fri 14 Mar 2025 01:12:49 +0000
ROA not before: Fri 14 Mar 2025 01:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:92:36:0a:55:93:32:cf:6d:3a:2e:67:70:00:2b:ef:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 01:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8051179d16fc5b5c5fdd0ea17e1a5d1542849b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:62:77:70:d6:7c:2d:41:c4:74:af:38:8e:dc:
c9:1a:96:95:93:51:54:60:9a:06:ec:79:9f:44:25:
03:7a:81:c0:81:21:a5:37:a8:ce:ca:43:8b:33:21:
e6:17:c2:47:dd:7a:f8:9a:e4:fd:d7:74:6d:92:a9:
cb:09:59:ae:7e:0c:22:a4:dc:e3:14:13:4f:8d:da:
e7:2a:d3:df:29:38:47:29:79:e5:b3:ef:41:02:fa:
d2:f2:44:83:03:6c:1f:99:41:55:aa:9f:1c:96:85:
f4:4a:69:cc:fc:e6:d8:8a:ce:b9:27:4c:0c:4d:7c:
8d:12:47:54:ce:86:ab:43:80:31:e2:6f:57:87:57:
27:db:36:71:78:22:d6:35:74:f1:c3:f6:60:0f:ae:
6f:4d:41:dd:93:f8:13:13:eb:c4:4c:04:e3:64:f6:
ef:5e:78:da:1e:7f:c0:51:d0:1d:dc:5e:6f:b8:37:
f6:9b:26:81:20:9e:a2:2e:d8:b8:2e:73:cc:17:f3:
a9:21:53:d5:59:af:0b:92:fc:e3:a9:8f:38:93:c6:
c9:ee:02:d8:11:6c:ab:76:19:f5:15:11:77:89:3e:
33:87:3d:e2:46:32:6b:41:29:49:4e:e7:94:d0:a8:
90:2a:b4:4a:2e:4a:29:a1:20:7c:05:7e:5b:85:2b:
e1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:51:17:9D:16:FC:5B:5C:5F:DD:0E:A1:7E:1A:5D:15:42:84:9B:7C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/gFEXnRb8W1xf3Q6hfhpdFUKEm3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
65:86:b4:79:a3:54:27:87:39:a6:89:c0:5c:84:01:84:00:12:
e9:38:85:65:76:6a:a5:3e:03:7c:a5:21:ed:3b:d1:bd:f8:50:
32:d7:d3:11:38:f5:3b:9c:49:2b:b0:3e:ec:74:0f:61:71:15:
f2:a5:23:cd:a0:a4:8a:ae:36:16:d4:f4:7c:ad:70:9e:cc:d6:
66:78:39:ed:b2:d4:28:3c:8c:c4:d3:76:9b:3d:d9:c7:ff:f5:
b1:d4:29:1a:f8:ea:14:d8:54:42:d1:a0:d4:45:68:ad:d1:ac:
f4:4a:27:23:d3:43:55:cb:38:1e:18:2b:16:9c:17:86:71:df:
67:51:7c:b5:78:03:81:4d:80:af:dc:85:fb:b2:90:32:e7:dc:
84:bb:2b:76:aa:83:60:6c:87:c7:69:7d:77:24:b4:a1:03:05:
e6:50:6e:19:49:ce:43:79:e3:51:13:8a:84:e0:b2:93:2c:42:
06:a0:18:e1:35:f1:a1:b7:05:16:14:f1:b6:34:72:d6:af:63:
fa:f5:e1:3f:f2:b9:93:e3:5e:ae:4d:3f:01:33:9d:24:a7:62:
32:a8:0b:b6:6f:61:e8:d1:5e:f9:1f:96:14:91:8d:59:77:a5:
7d:f2:47:5d:6c:ff:8c:bc:eb:f3:59:b5:b6:f1:22:36:ec:77:
bd:60:c7:f1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWSNgpVkzLPbTouZ3AAK+8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MDExMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDUxMTc5ZDE2ZmM1YjVjNWZkZDBlYTE3ZTFhNWQxNTQyODQ5YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GJ3cNZ8LUHEdK84jtzJGpaVk1FU
YJoG7HmfRCUDeoHAgSGlN6jOykOLMyHmF8JH3Xr4muT913RtkqnLCVmufgwipNzj
FBNPjdrnKtPfKThHKXnls+9BAvrS8kSDA2wfmUFVqp8cloX0SmnM/ObYis65J0wM
TXyNEkdUzoarQ4Ax4m9Xh1cn2zZxeCLWNXTxw/ZgD65vTUHdk/gTE+vETATjZPbv
XnjaHn/AUdAd3F5vuDf2myaBIJ6iLti4LnPMF/OpIVPVWa8LkvzjqY84k8bJ7gLY
EWyrdhn1FRF3iT4zhz3iRjJrQSlJTueU0KiQKrRKLkopoSB8BX5bhSvhdQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIBRF50W/FtcX90OoX4aXRVChJt8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ0ZFWG5SYjhXMXhmM1E2aGZocGRGVUtFbTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAZYa0eaNUJ4c5ponAXIQBhAAS
6TiFZXZqpT4DfKUh7TvRvfhQMtfTETj1O5xJK7A+7HQPYXEV8qUjzaCkiq42FtT0
fK1wnszWZng57bLUKDyMxNN2mz3Zx//1sdQpGvjqFNhUQtGg1EVordGs9EonI9ND
Vcs4HhgrFpwXhnHfZ1F8tXgDgU2Ar9yF+7KQMufchLsrdqqDYGyHx2l9dyS0oQMF
5lBuGUnOQ3njUROKhOCykyxCBqAY4TXxobcFFhTxtjRy1q9j+vXhP/K5k+Nerk0/
ATOdJKdiMqgLtm9h6NFe+R+WFJGNWXelffJHXWz/jLzr81m1tvEiNux3vWDH8Q==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:18:27 2025 by rpki-client