Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hrTMJEFPudeGHk1ePJcYOK_shDk.roa
File: hrTMJEFPudeGHk1ePJcYOK_shDk.roa (raw, json)
Hash identifier: izh6bZLKuLF0BWrGpNWTlYbk1n/GTcmKvHS7E7vaLFk=
Subject key identifier: 86:B4:CC:24:41:4F:B9:D7:86:1E:4D:5E:3C:97:18:38:AF:EC:84:39
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01956AEAB04188B7C8751FACA90F1CE4307A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hrTMJEFPudeGHk1ePJcYOK_shDk.roa
Signing time: Thu 06 Mar 2025 10:05:20 +0000
ROA not before: Thu 06 Mar 2025 10:05:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:6ae9:c7e6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:ea:b0:41:88:b7:c8:75:1f:ac:a9:0f:1c:e4:30:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 6 10:05:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86b4cc24414fb9d7861e4d5e3c971838afec8439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d3:4c:7e:25:f6:02:72:03:2e:2a:fb:26:0c:
48:26:42:1a:ed:56:e0:80:60:df:86:71:b4:f3:d7:
a6:3e:5c:de:23:5d:ac:a5:a5:31:70:cc:25:04:d5:
90:e4:46:77:b5:d4:60:f1:34:25:43:ea:ef:60:9b:
ff:09:3a:ca:2d:1b:d6:aa:7f:44:7d:ae:72:51:1e:
77:e1:8d:3d:4f:83:0f:ab:26:db:58:cb:e6:ab:bf:
eb:dc:a5:51:aa:1c:44:be:18:54:19:1f:0e:7a:bd:
d2:02:cb:46:8d:7a:66:ce:92:58:5f:b8:fd:1f:0d:
0e:af:77:95:82:69:c3:b6:37:6e:b1:71:7e:8b:61:
0e:04:1d:a0:aa:8b:eb:5b:f8:4b:b6:68:e5:08:cc:
d7:d2:e6:c5:a4:93:e9:6b:4f:24:38:80:d6:b5:3d:
2b:f6:1d:f1:92:02:b9:bf:f8:da:fc:93:ea:c7:bb:
11:29:ff:31:29:a3:2f:62:d7:22:08:5b:62:f2:5b:
81:0f:d6:5a:66:a0:03:a8:1b:46:90:75:17:b1:7b:
db:40:1c:d3:a8:bb:13:a3:67:33:af:b4:e8:1d:d1:
f8:5d:0e:08:68:7b:2a:d0:be:5f:e8:7d:2e:1a:f9:
4e:9b:04:ef:43:3b:64:13:b2:73:e1:1d:7d:70:92:
89:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B4:CC:24:41:4F:B9:D7:86:1E:4D:5E:3C:97:18:38:AF:EC:84:39
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hrTMJEFPudeGHk1ePJcYOK_shDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:6ae9:c7e6/128
Signature Algorithm: sha256WithRSAEncryption
95:e1:98:88:0e:d5:07:97:11:b7:1e:53:84:0e:58:21:85:6b:
8d:3d:3a:60:b8:42:55:88:39:28:45:ec:d6:6c:f7:75:73:f2:
07:01:6e:bb:51:cc:85:2e:fd:43:b2:c0:4b:bc:93:30:7c:06:
bb:7d:7e:07:62:f0:ff:d9:14:c4:e9:d0:4e:fe:19:d4:66:7a:
ec:1a:4d:e3:01:aa:ad:37:48:d2:34:73:db:c7:c2:5e:ef:68:
06:30:ed:5d:9c:b0:bd:51:a3:1c:33:9f:ce:98:77:c6:11:bc:
59:e4:a4:b9:8d:f4:4c:32:b7:e3:7a:c3:83:33:b1:f0:ac:03:
a4:89:e7:2c:e8:18:9f:9c:2f:4f:8f:e7:6d:75:6b:ff:71:5c:
5f:86:b4:a8:af:4d:b2:6d:c3:27:33:9c:9b:e5:e0:79:d7:df:
71:ae:18:99:19:44:46:5b:d8:a2:d3:d7:20:91:52:c1:1b:13:
81:3c:ef:dc:f7:3d:61:7c:51:ce:c4:2b:88:19:fa:5a:89:d1:
f7:cc:85:00:fb:8e:a3:b8:53:3b:b4:4e:be:87:96:f2:c8:72:
2d:7e:af:91:37:57:19:f5:c4:a6:de:19:d9:f1:4f:17:20:43:
dd:24:a5:c4:b7:24:3a:30:50:e7:43:a9:8d:1b:5e:4b:2c:5f:
cb:f9:a9:20
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVq6rBBiLfIdR+sqQ8c5DB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA2MTAwNTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI0Y2MyNDQxNGZiOWQ3ODYxZTRkNWUzYzk3MTgzOGFmZWM4NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9NMfiX2AnIDLir7JgxIJkIa7Vbg
gGDfhnG089emPlzeI12spaUxcMwlBNWQ5EZ3tdRg8TQlQ+rvYJv/CTrKLRvWqn9E
fa5yUR534Y09T4MPqybbWMvmq7/r3KVRqhxEvhhUGR8Oer3SAstGjXpmzpJYX7j9
Hw0Or3eVgmnDtjdusXF+i2EOBB2gqovrW/hLtmjlCMzX0ubFpJPpa08kOIDWtT0r
9h3xkgK5v/ja/JPqx7sRKf8xKaMvYtciCFti8luBD9ZaZqADqBtGkHUXsXvbQBzT
qLsTo2czr7ToHdH4XQ4IaHsq0L5f6H0uGvlOmwTvQztkE7Jz4R19cJKJ9wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIa0zCRBT7nXhh5NXjyXGDiv7IQ5MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaHJUTUpFRlB1ZGVHSGsxZVBKY1lPS19zaERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVaunH5jANBgkqhkiG9w0BAQsFAAOCAQEAleGYiA7VB5cRtx5ThA5YIYVr
jT06YLhCVYg5KEXs1mz3dXPyBwFuu1HMhS79Q7LAS7yTMHwGu31+B2Lw/9kUxOnQ
Tv4Z1GZ67BpN4wGqrTdI0jRz28fCXu9oBjDtXZywvVGjHDOfzph3xhG8WeSkuY30
TDK343rDgzOx8KwDpInnLOgYn5wvT4/nbXVr/3FcX4a0qK9Nsm3DJzOcm+Xgedff
ca4YmRlERlvYotPXIJFSwRsTgTzv3Pc9YXxRzsQriBn6WonR98yFAPuOo7hTO7RO
voeW8shyLX6vkTdXGfXEpt4Z2fFPFyBD3SSlxLckOjBQ50OpjRteSyxfy/mpIA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:19:24 2025 by rpki-client