Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h7BgpUidbqimj0ANZOMAUUySwjc.roa
File: h7BgpUidbqimj0ANZOMAUUySwjc.roa (raw, json)
Hash identifier: b5mKRNtZ1Z/UqUYyewoYh6yNWste0doj+4NbkWO2uzo=
Subject key identifier: 87:B0:60:A5:48:9D:6E:A8:A6:8F:40:0D:64:E3:00:51:4C:92:C2:37
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01951997541395D928E25720D93CCD3D7584
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h7BgpUidbqimj0ANZOMAUUySwjc.roa
Signing time: Tue 18 Feb 2025 15:05:02 +0000
ROA not before: Tue 18 Feb 2025 15:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:1996:a87e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:97:54:13:95:d9:28:e2:57:20:d9:3c:cd:3d:75:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 18 15:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87b060a5489d6ea8a68f400d64e300514c92c237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:be:d8:80:88:c9:a3:f2:f5:93:8e:f0:57:65:
75:3c:fe:68:33:33:8b:2c:ee:a1:9d:ad:74:45:02:
7a:40:d9:ac:b4:d1:f4:62:7a:36:91:61:39:23:95:
e6:7b:ba:e1:ab:00:b2:9a:b3:6a:22:ed:84:8f:0d:
71:7d:9f:53:19:a5:db:5e:2e:7b:82:2b:82:03:68:
c5:02:dc:81:66:dc:5b:c3:9d:b3:89:ac:a3:21:76:
19:ad:11:2d:7a:ac:67:1e:4e:cf:ba:52:ec:b8:7e:
b4:f6:a3:bd:15:9f:e8:90:7d:be:e6:2a:23:f6:a7:
48:a7:86:00:a3:c8:f7:7a:61:f0:f7:a4:52:bb:41:
8f:de:74:b1:5e:a5:d9:2d:8b:64:cf:ce:f1:cc:b4:
80:62:16:52:c3:28:e2:2f:1c:6d:41:c0:71:51:16:
95:36:aa:6e:f3:d5:b3:30:31:0f:3c:cb:c8:6f:a0:
be:25:1c:57:a3:f4:fb:36:a9:08:11:9d:04:fa:10:
ef:95:3d:60:af:ba:24:74:d1:a6:6e:ba:8b:96:8a:
0f:95:a0:e0:f7:59:5b:8a:c6:ed:8e:7f:a4:a5:8f:
4c:4c:31:04:83:68:1d:89:dc:b6:1c:2c:87:d7:3c:
ea:53:f7:00:97:2c:4f:34:8d:62:e0:5f:45:de:5e:
fc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B0:60:A5:48:9D:6E:A8:A6:8F:40:0D:64:E3:00:51:4C:92:C2:37
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h7BgpUidbqimj0ANZOMAUUySwjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:1996:a87e/128
Signature Algorithm: sha256WithRSAEncryption
3a:b6:88:3b:af:3f:b1:3b:5c:c3:48:a2:3d:49:1d:e6:aa:2c:
52:bb:74:c7:60:5f:e1:e9:5a:f6:d0:ce:93:26:08:be:f1:11:
2f:10:77:dc:04:f9:ad:18:36:bf:05:1b:6e:db:e9:50:e0:f0:
39:c1:97:37:62:09:eb:d3:b4:18:53:17:16:43:5a:2d:02:79:
b0:bc:9f:d1:1a:b0:01:ab:49:43:75:b1:42:3b:de:f3:93:cc:
fb:a0:15:23:35:94:8c:73:da:2e:ad:b9:d1:38:4d:aa:9c:cb:
46:5d:9e:bb:10:fa:5e:b9:42:b4:87:5e:e2:b6:4c:a1:8b:c6:
9c:53:b3:83:02:ac:b2:7f:26:8f:48:19:e8:08:a1:a4:ed:e7:
dc:21:45:ad:0d:94:88:8e:93:c3:fa:a8:e7:2f:f2:81:64:5f:
f2:7d:48:03:56:2e:c8:fe:9c:19:27:3a:06:bf:e9:c3:07:8b:
2a:31:11:b8:1f:89:84:d6:4d:2e:b0:c3:2b:cc:e6:0e:07:3d:
87:53:a0:51:47:b6:96:25:58:88:43:b6:c3:eb:de:28:3c:64:
46:2d:e3:32:11:cf:43:7d:ce:ef:fa:90:95:4d:31:7d:f8:af:
d2:d0:27:34:79:40:7b:78:24:7e:34:e0:8b:d4:af:e7:d0:f2:
cf:64:0c:71
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZUZl1QTldko4lcg2TzNPXWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjE4MTUwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2IwNjBhNTQ4OWQ2ZWE4YTY4ZjQwMGQ2NGUzMDA1MTRjOTJjMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs77YgIjJo/L1k47wV2V1PP5oMzOL
LO6hna10RQJ6QNmstNH0Yno2kWE5I5Xme7rhqwCymrNqIu2Ejw1xfZ9TGaXbXi57
giuCA2jFAtyBZtxbw52ziayjIXYZrREteqxnHk7PulLsuH609qO9FZ/okH2+5ioj
9qdIp4YAo8j3emHw96RSu0GP3nSxXqXZLYtkz87xzLSAYhZSwyjiLxxtQcBxURaV
Nqpu89WzMDEPPMvIb6C+JRxXo/T7NqkIEZ0E+hDvlT1gr7okdNGmbrqLlooPlaDg
91lbisbtjn+kpY9MTDEEg2gdidy2HCyH1zzqU/cAlyxPNI1i4F9F3l78zQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIewYKVInW6opo9ADWTjAFFMksI3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaDdCZ3BVaWRicWltajBBTlpPTUFVVXlTd2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVGZaofjANBgkqhkiG9w0BAQsFAAOCAQEAOraIO68/sTtcw0iiPUkd5qos
Urt0x2Bf4ela9tDOkyYIvvERLxB33AT5rRg2vwUbbtvpUODwOcGXN2IJ69O0GFMX
FkNaLQJ5sLyf0RqwAatJQ3WxQjve85PM+6AVIzWUjHPaLq250ThNqpzLRl2euxD6
XrlCtIde4rZMoYvGnFOzgwKssn8mj0gZ6AihpO3n3CFFrQ2UiI6Tw/qo5y/ygWRf
8n1IA1YuyP6cGSc6Br/pwweLKjERuB+JhNZNLrDDK8zmDgc9h1OgUUe2liVYiEO2
w+veKDxkRi3jMhHPQ33O7/qQlU0xffiv0tAnNHlAe3gkfjTgi9Sv59Dyz2QMcQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:42:52 2025 by rpki-client