Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h4JeQjOt2pbvdKtzLfkaaEqKPI8.roa
File: h4JeQjOt2pbvdKtzLfkaaEqKPI8.roa (raw, json)
Hash identifier: 37vY1UZoM6ZJvkPk9QEXsz810zwrFPLEZle7GTf32Ds=
Subject key identifier: 87:82:5E:42:33:AD:DA:96:EF:74:AB:73:2D:F9:1A:68:4A:8A:3C:8F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A73C6CFD339B90EB680642F39D1E4206
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h4JeQjOt2pbvdKtzLfkaaEqKPI8.roa
Signing time: Tue 18 Mar 2025 03:11:49 +0000
ROA not before: Tue 18 Mar 2025 03:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a7:3c:6c:fd:33:9b:90:eb:68:06:42:f3:9d:1e:42:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 18 03:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87825e4233adda96ef74ab732df91a684a8a3c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f0:80:58:52:8c:63:9a:37:dc:da:9e:d8:dc:
3d:c3:e4:98:bf:3d:fa:08:4b:e0:0b:58:48:16:76:
2b:e4:69:d5:46:c9:77:71:35:2b:3d:7c:37:9d:d9:
05:63:7a:96:84:7b:8c:ed:d4:34:43:cd:ec:5f:12:
14:40:be:d0:a2:11:4f:06:5e:ed:09:90:fe:b6:2e:
f8:c1:05:b6:e8:97:d3:5a:76:5f:86:87:ed:19:60:
e6:69:b5:ae:6a:47:69:f2:05:34:7d:3f:23:13:fb:
d5:cb:ea:8f:87:e6:5e:a5:31:b2:12:af:c6:c1:eb:
19:1a:8a:4e:24:e1:4f:6e:38:32:c6:43:6c:ca:db:
0b:ea:e4:0c:8a:1b:1d:57:5f:48:13:21:31:b6:bb:
92:54:5b:37:28:c9:9d:16:08:a9:c0:66:1f:f4:47:
6c:17:bc:b4:b4:d2:7e:7f:26:e6:b5:b7:41:a8:28:
b0:44:aa:9f:2a:7e:3d:00:c3:03:90:47:b3:2c:83:
b5:88:14:90:f6:36:97:33:42:29:9b:0d:76:f8:5a:
b7:48:f0:98:41:86:1a:a0:1b:aa:1e:f3:5a:7c:71:
c8:88:bd:48:eb:24:07:50:f8:c7:ff:d1:47:af:1e:
66:b9:4b:c8:aa:1e:4c:5a:b9:47:d7:7c:08:11:18:
32:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:82:5E:42:33:AD:DA:96:EF:74:AB:73:2D:F9:1A:68:4A:8A:3C:8F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h4JeQjOt2pbvdKtzLfkaaEqKPI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
5e:0b:47:8e:6b:fe:ce:af:6e:30:61:d2:b9:1e:42:1f:87:84:
be:8e:3e:65:2f:83:08:67:15:cd:da:cd:5b:4d:50:59:21:65:
33:5b:95:da:99:73:a2:b6:5a:99:76:47:ae:ad:fe:e1:53:2f:
5b:33:2d:d5:ff:56:7f:25:d8:1c:0e:28:6f:1e:aa:c7:36:66:
25:65:fb:c7:87:47:48:a0:b8:29:95:f9:d0:13:bd:0a:f2:06:
db:a2:80:71:1b:c5:0e:cb:f7:7b:2e:97:4c:61:fb:69:4c:36:
bd:2d:51:71:63:fb:1c:90:54:00:9b:6b:f4:3e:8e:8c:78:2c:
c1:e4:6d:13:00:bd:29:27:74:c7:ca:c4:c6:ec:ea:85:fc:72:
8b:4c:8d:ca:b5:2e:b2:83:a5:5e:8c:40:04:8e:e9:8e:c0:fb:
fe:95:3f:c1:8b:93:2b:e4:38:a8:2d:19:81:9f:30:80:0d:58:
5f:cf:5e:2f:7c:19:08:e8:1f:28:ce:08:cc:4e:b3:3b:ba:e1:
75:d8:38:0a:0a:44:3b:8c:e2:1d:47:b2:18:4c:fc:93:e2:92:
40:62:3d:9f:c9:78:a0:61:c4:2e:b9:4a:f2:d1:a6:7c:77:7b:
d4:45:cd:4f:31:4e:67:4d:e8:43:a6:e7:88:60:04:1d:7b:af:
80:96:47:7d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWnPGz9M5uQ62gGQvOdHkIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE4MDMxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzgyNWU0MjMzYWRkYTk2ZWY3NGFiNzMyZGY5MWE2ODRhOGEzYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/CAWFKMY5o33Nqe2Nw9w+SYvz36
CEvgC1hIFnYr5GnVRsl3cTUrPXw3ndkFY3qWhHuM7dQ0Q83sXxIUQL7QohFPBl7t
CZD+ti74wQW26JfTWnZfhoftGWDmabWuakdp8gU0fT8jE/vVy+qPh+ZepTGyEq/G
wesZGopOJOFPbjgyxkNsytsL6uQMihsdV19IEyExtruSVFs3KMmdFgipwGYf9Eds
F7y0tNJ+fybmtbdBqCiwRKqfKn49AMMDkEezLIO1iBSQ9jaXM0Ipmw12+Fq3SPCY
QYYaoBuqHvNafHHIiL1I6yQHUPjH/9FHrx5muUvIqh5MWrlH13wIERgycwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIeCXkIzrdqW73Srcy35GmhKijyPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaDRKZVFqT3QycGJ2ZEt0ekxma2FhRXFLUEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAXgtHjmv+zq9uMGHSuR5CH4eE
vo4+ZS+DCGcVzdrNW01QWSFlM1uV2plzorZamXZHrq3+4VMvWzMt1f9WfyXYHA4o
bx6qxzZmJWX7x4dHSKC4KZX50BO9CvIG26KAcRvFDsv3ey6XTGH7aUw2vS1RcWP7
HJBUAJtr9D6OjHgsweRtEwC9KSd0x8rExuzqhfxyi0yNyrUusoOlXoxABI7pjsD7
/pU/wYuTK+Q4qC0ZgZ8wgA1YX89eL3wZCOgfKM4IzE6zO7rhddg4CgpEO4ziHUey
GEz8k+KSQGI9n8l4oGHELrlK8tGmfHd71EXNTzFOZ03oQ6bniGAEHXuvgJZHfQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:19:52 2025 by rpki-client