Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h_b3KrZM50i-X5zVyDRqzoXEGvw.roa
File: h_b3KrZM50i-X5zVyDRqzoXEGvw.roa (raw, json)
Hash identifier: 8kgUR3Tg2TiJCim9Y2muoR1shodsAacSLgbBGqDl95M=
Subject key identifier: 87:F6:F7:2A:B6:4C:E7:48:BE:5F:9C:D5:C8:34:6A:CE:85:C4:1A:FC
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A3CD843A326EAE55287F055644ED0ADE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h_b3KrZM50i-X5zVyDRqzoXEGvw.roa
Signing time: Mon 17 Mar 2025 11:11:49 +0000
ROA not before: Mon 17 Mar 2025 11:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:cd:84:3a:32:6e:ae:55:28:7f:05:56:44:ed:0a:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 17 11:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87f6f72ab64ce748be5f9cd5c8346ace85c41afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:de:6b:97:e0:f3:bc:5d:b5:d7:08:a1:99:6d:
94:a0:cf:23:1b:95:0a:ce:25:49:cf:7e:ad:3a:11:
b1:18:6a:52:e5:0b:48:a5:f5:53:ad:97:87:e0:2b:
e9:c5:f7:e0:c5:7f:80:a3:eb:cb:d4:cf:08:80:0c:
99:50:9b:47:5d:af:23:28:86:f9:5e:73:2d:0e:b4:
d2:45:94:25:8f:9e:28:a5:87:b6:26:ee:dd:9b:8f:
e1:11:6c:90:20:80:52:88:04:6c:a3:95:df:71:73:
8d:0e:24:c9:22:f9:bb:77:43:e8:ed:ea:2f:f4:5c:
06:9d:47:0a:50:5f:d9:72:65:89:1d:b4:e5:10:3a:
da:3a:80:6b:13:2e:c0:ca:39:71:34:91:b4:51:86:
a9:f7:2d:53:82:77:76:0b:cc:9f:8e:d1:0e:df:c0:
5b:18:e5:c1:bf:89:68:c3:b7:8d:c1:2a:01:78:4d:
5a:05:30:d2:d7:c0:a5:67:58:7c:f8:61:06:49:15:
49:4c:55:cf:c0:62:f7:cf:83:77:94:36:db:6b:25:
cf:54:2e:5d:33:59:0e:8f:96:75:33:af:84:14:7b:
d6:c2:1f:65:86:c8:be:76:5b:a3:cf:d9:6d:1b:a7:
02:40:5d:6f:4e:30:cd:8f:7e:b0:78:7b:e3:ab:39:
47:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F6:F7:2A:B6:4C:E7:48:BE:5F:9C:D5:C8:34:6A:CE:85:C4:1A:FC
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/h_b3KrZM50i-X5zVyDRqzoXEGvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
99:b1:4a:47:70:a0:16:5c:92:12:47:dd:37:46:2f:a1:e3:89:
9d:28:4f:5f:87:c2:87:80:d0:63:53:19:e9:d9:4d:8e:1d:de:
a2:d6:de:56:1b:54:d7:15:05:5e:f9:58:7b:63:9a:8e:96:21:
9e:8e:40:67:bc:c4:50:7d:e3:92:76:3a:58:33:ff:76:d1:70:
ad:95:65:bb:54:7a:cb:26:c7:36:87:ef:d9:28:ee:d3:0a:e6:
ae:58:85:98:59:5f:ea:1b:49:fd:40:fc:c7:9c:63:7e:fb:ed:
d4:8f:d0:82:24:01:f9:78:64:b4:c2:a5:44:a0:d6:62:5e:3f:
c8:76:3e:f6:d1:29:d4:da:07:8d:29:57:ea:ba:0c:a5:03:13:
6b:5a:dc:00:00:d3:84:98:a7:db:d7:89:d9:81:87:1c:7b:ae:
46:97:48:c1:2e:15:51:66:13:68:8f:cd:8f:cf:dd:ad:fb:d9:
89:72:c8:07:ad:01:c0:0d:c1:b8:2a:1b:0c:a4:6a:ae:81:01:
bc:1f:ca:bf:cc:1d:0b:c3:fe:2d:a9:86:69:b2:ef:52:ef:cc:
dc:9d:6b:40:f5:0f:c4:eb:95:d2:bd:4c:bc:93:aa:da:f5:30:
e7:0f:65:7c:c9:72:b8:d9:44:4b:d0:bf:fe:b6:a0:56:71:b0:
f5:34:17:9f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWjzYQ6Mm6uVSh/BVZE7QreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE3MTExMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y2ZjcyYWI2NGNlNzQ4YmU1ZjljZDVjODM0NmFjZTg1YzQxYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7N5rl+DzvF211wihmW2UoM8jG5UK
ziVJz36tOhGxGGpS5QtIpfVTrZeH4CvpxffgxX+Ao+vL1M8IgAyZUJtHXa8jKIb5
XnMtDrTSRZQlj54opYe2Ju7dm4/hEWyQIIBSiARso5XfcXONDiTJIvm7d0Po7eov
9FwGnUcKUF/ZcmWJHbTlEDraOoBrEy7AyjlxNJG0UYap9y1Tgnd2C8yfjtEO38Bb
GOXBv4low7eNwSoBeE1aBTDS18ClZ1h8+GEGSRVJTFXPwGL3z4N3lDbbayXPVC5d
M1kOj5Z1M6+EFHvWwh9lhsi+dlujz9ltG6cCQF1vTjDNj36weHvjqzlHgwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIf29yq2TOdIvl+c1cg0as6FxBr8MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaF9iM0tyWk01MGktWDV6VnlEUnF6b1hFR3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAmbFKR3CgFlySEkfdN0YvoeOJ
nShPX4fCh4DQY1MZ6dlNjh3eotbeVhtU1xUFXvlYe2OajpYhno5AZ7zEUH3jknY6
WDP/dtFwrZVlu1R6yybHNofv2Sju0wrmrliFmFlf6htJ/UD8x5xjfvvt1I/QgiQB
+XhktMKlRKDWYl4/yHY+9tEp1NoHjSlX6roMpQMTa1rcAADThJin29eJ2YGHHHuu
RpdIwS4VUWYTaI/Nj8/drfvZiXLIB60BwA3BuCobDKRqroEBvB/Kv8wdC8P+LamG
abLvUu/M3J1rQPUPxOuV0r1MvJOq2vUw5w9lfMlyuNlES9C//ragVnGw9TQXnw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:58:56 2025 by rpki-client