Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/guA3Rr6xDKhhlGC26ia2putSHaU.roa
File: guA3Rr6xDKhhlGC26ia2putSHaU.roa (raw, json)
Hash identifier: UGN0cFxx6BY5jio2WIxlrHj/kl6rY4xn6FPfjfPoL/4=
Subject key identifier: 82:E0:37:46:BE:B1:0C:A8:61:94:60:B6:EA:26:B6:A6:EB:52:1D:A5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01958B20617A1E41E606BC4C00D493C7F26F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/guA3Rr6xDKhhlGC26ia2putSHaU.roa
Signing time: Wed 12 Mar 2025 16:11:49 +0000
ROA not before: Wed 12 Mar 2025 16:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:20:61:7a:1e:41:e6:06:bc:4c:00:d4:93:c7:f2:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 12 16:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82e03746beb10ca8619460b6ea26b6a6eb521da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:49:a0:02:f4:a2:f3:34:92:d1:4f:c5:05:7f:
86:f6:4a:5f:a4:39:fa:09:40:8c:de:bf:d9:88:96:
e7:24:f6:a9:22:57:bb:2e:39:d8:a9:f7:88:57:d7:
95:87:2e:ed:02:df:fb:29:79:e5:af:bf:06:21:02:
9a:30:27:57:18:b5:54:cd:d4:48:1d:ef:9d:27:2c:
83:c5:1e:4e:b3:41:ab:a6:04:f6:5f:66:f4:23:57:
5d:8e:99:85:42:7b:61:38:ee:e2:66:fa:db:a0:88:
37:a4:a0:03:79:ed:d4:2d:d7:79:1d:84:ef:fd:53:
af:9b:7f:6e:15:72:8b:70:ed:35:df:40:e5:8f:62:
17:f3:52:e8:c9:5f:ac:3e:4f:94:d0:20:7d:a0:5a:
47:ad:9b:bf:8d:83:6b:79:bb:20:2f:df:42:48:13:
8c:65:52:b4:f3:76:29:1e:a7:79:ec:ec:f9:c0:34:
c1:d1:16:7d:1f:30:2c:c7:10:06:85:52:ed:07:2b:
b6:b5:9a:87:cf:58:b0:16:97:cc:a9:c0:9e:4b:34:
a7:0f:96:cc:48:16:1b:75:53:08:b0:de:78:2d:8b:
f7:1e:ca:25:26:ea:08:f6:5b:1c:8c:78:2a:6d:4f:
53:9f:d6:dd:28:e6:8f:a1:68:98:82:45:a0:16:6f:
00:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E0:37:46:BE:B1:0C:A8:61:94:60:B6:EA:26:B6:A6:EB:52:1D:A5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/guA3Rr6xDKhhlGC26ia2putSHaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
3b:4d:5c:4e:a7:c7:bd:14:17:ed:43:7b:38:e3:82:f9:38:59:
46:c8:c9:bd:13:67:13:ee:7f:9b:da:0d:2d:28:08:e3:5f:2f:
a9:d8:dc:69:7f:66:aa:fb:32:8d:4e:33:2f:09:30:cc:2c:e4:
d8:bb:fa:59:fc:d4:ef:8b:b0:ab:64:ea:e6:ea:4b:4b:70:56:
83:b2:40:9d:33:09:41:1c:ea:7f:a5:a2:26:5b:fa:ba:2f:4d:
fd:21:e4:70:ea:70:4c:e4:f5:56:59:82:c7:75:9b:12:0d:8f:
c3:47:13:58:b5:c0:99:0c:83:bf:32:99:30:0a:ed:76:39:e7:
b4:64:92:6c:ed:0e:ca:25:3e:b4:a0:e4:6b:85:4e:8a:79:70:
b3:26:ce:9e:bb:f7:65:01:83:35:16:49:34:b2:34:29:c5:cc:
d9:93:d1:f0:60:47:b5:98:1a:ba:9a:d9:47:c1:dd:a6:56:01:
69:8f:72:ee:9d:86:1b:1e:40:05:bb:2f:32:43:75:e3:f5:9a:
bd:fe:ef:a5:a1:d3:e0:c7:22:89:20:8c:ab:6f:1b:a1:11:02:
51:6d:18:fd:d5:81:cd:0a:6a:9c:96:e9:c3:ac:82:4b:1e:c4:
19:26:91:30:98:4a:6f:85:00:b0:1c:d8:7e:03:fc:c9:df:f5:
24:9b:4c:26
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWLIGF6HkHmBrxMANSTx/JvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEyMTYxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmUwMzc0NmJlYjEwY2E4NjE5NDYwYjZlYTI2YjZhNmViNTIxZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0mgAvSi8zSS0U/FBX+G9kpfpDn6
CUCM3r/ZiJbnJPapIle7LjnYqfeIV9eVhy7tAt/7KXnlr78GIQKaMCdXGLVUzdRI
He+dJyyDxR5Os0GrpgT2X2b0I1ddjpmFQnthOO7iZvrboIg3pKADee3ULdd5HYTv
/VOvm39uFXKLcO0130Dlj2IX81LoyV+sPk+U0CB9oFpHrZu/jYNrebsgL99CSBOM
ZVK083YpHqd57Oz5wDTB0RZ9HzAsxxAGhVLtByu2tZqHz1iwFpfMqcCeSzSnD5bM
SBYbdVMIsN54LYv3HsolJuoI9lscjHgqbU9Tn9bdKOaPoWiYgkWgFm8AxwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFILgN0a+sQyoYZRgtuomtqbrUh2lMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ3VBM1JyNnhES2hobEdDMjZpYTJwdXRTSGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAO01cTqfHvRQX7UN7OOOC+ThZ
RsjJvRNnE+5/m9oNLSgI418vqdjcaX9mqvsyjU4zLwkwzCzk2Lv6WfzU74uwq2Tq
5upLS3BWg7JAnTMJQRzqf6WiJlv6ui9N/SHkcOpwTOT1VlmCx3WbEg2Pw0cTWLXA
mQyDvzKZMArtdjnntGSSbO0OyiU+tKDka4VOinlwsybOnrv3ZQGDNRZJNLI0KcXM
2ZPR8GBHtZgauprZR8HdplYBaY9y7p2GGx5ABbsvMkN14/Wavf7vpaHT4MciiSCM
q28boRECUW0Y/dWBzQpqnJbpw6yCSx7EGSaRMJhKb4UAsBzYfgP8yd/1JJtMJg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:28:45 2025 by rpki-client