Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j2tKYRImICO1ROtvYNBeLUOE6gU.roa
File: j2tKYRImICO1ROtvYNBeLUOE6gU.roa (raw, json)
Hash identifier: 5tfjnvDnmhblda6GJaiVRnt+8fB8EoH8Pp5bFkR5LgU=
Subject key identifier: 8F:6B:4A:61:12:26:20:23:B5:44:EB:6F:60:D0:5E:2D:43:84:EA:05
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195926CF8258E537D0D4AF255D42617A904
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j2tKYRImICO1ROtvYNBeLUOE6gU.roa
Signing time: Fri 14 Mar 2025 02:12:49 +0000
ROA not before: Fri 14 Mar 2025 02:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:92:6c:f8:25:8e:53:7d:0d:4a:f2:55:d4:26:17:a9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 02:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f6b4a6112262023b544eb6f60d05e2d4384ea05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ac:9e:ab:4e:f6:81:14:99:54:82:66:ed:77:
e7:96:22:5c:bb:07:3f:46:68:c1:13:4c:3f:8b:94:
74:48:2c:7d:ec:2e:d6:d6:ea:3a:93:b6:55:04:2c:
99:f5:18:cb:c4:6e:44:f4:7c:b6:06:68:e4:04:3e:
24:fc:0a:d7:a3:77:df:65:89:92:f2:05:75:51:90:
33:d3:0d:25:5d:28:de:c5:2e:82:af:01:da:ca:a3:
b0:11:dd:8f:49:9c:c7:49:7e:af:a5:9a:39:79:27:
7d:21:2b:d1:93:63:48:8a:bf:fa:52:46:35:b2:d4:
de:eb:81:a9:5e:90:78:8d:4f:f1:37:7f:1f:04:4e:
3b:b5:84:93:2e:89:7f:77:c3:b5:3b:9f:5a:1b:65:
ba:f9:f6:a3:2f:0b:87:da:3f:59:03:28:44:06:59:
5d:17:b0:bc:50:29:8c:5b:6b:ff:90:47:ca:19:6c:
29:c8:65:b3:9f:58:78:35:74:af:d3:82:fa:1e:c7:
aa:2e:22:f1:c9:b7:b0:6e:a9:6d:ad:7b:3e:11:9d:
a0:35:71:31:82:a0:cd:df:03:25:10:aa:5a:0f:4a:
6c:41:b2:44:d8:03:f4:59:ce:c8:7a:42:b1:27:da:
d4:13:fa:72:c9:2e:ab:94:7d:fb:1b:1a:52:7c:86:
20:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:6B:4A:61:12:26:20:23:B5:44:EB:6F:60:D0:5E:2D:43:84:EA:05
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/j2tKYRImICO1ROtvYNBeLUOE6gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
3f:c6:53:35:5f:b3:53:7b:8b:6a:cc:d4:29:5c:46:c6:4f:88:
c6:1f:26:c6:f5:62:21:21:59:3e:5b:dc:96:34:7a:d0:05:b1:
e2:5a:f5:99:cb:8d:7a:d5:5d:68:15:23:94:08:bd:5b:e3:6c:
39:34:a6:88:39:9e:52:24:3f:7d:6e:6e:9f:44:96:32:8b:6b:
30:ad:62:d6:92:a5:78:5d:98:64:57:ce:fc:08:9b:59:91:03:
14:02:c1:22:46:d0:dc:cc:ac:01:0a:2f:8f:db:98:99:e7:ec:
b0:43:07:f9:0c:87:45:e7:03:44:a7:3b:3b:bd:30:84:1c:08:
8c:ed:4f:d2:a5:b9:6f:f8:dc:6d:30:c6:ae:d9:9b:f6:3f:8c:
5f:4f:56:d4:8c:cc:00:f3:d8:93:e1:76:e7:5a:8e:f1:4e:46:
fc:c7:5c:e4:ba:55:26:25:67:94:c9:5a:29:37:cb:78:db:b1:
30:71:5b:43:55:4a:6c:5e:33:a0:9f:26:29:3b:be:7e:8a:05:
bd:1c:7d:be:57:9c:f7:eb:bb:e9:cc:90:ee:59:60:04:fc:e8:
44:5f:e2:47:11:bd:0c:30:b5:21:9d:1f:58:8e:fb:62:25:46:
73:6b:af:e1:af:d3:85:5d:c6:ef:56:2b:ef:a2:4a:41:f5:56:
92:22:f4:8b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWSbPgljlN9DUryVdQmF6kEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MDIxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjZiNGE2MTEyMjYyMDIzYjU0NGViNmY2MGQwNWUyZDQzODRlYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqyeq072gRSZVIJm7XfnliJcuwc/
RmjBE0w/i5R0SCx97C7W1uo6k7ZVBCyZ9RjLxG5E9Hy2BmjkBD4k/ArXo3ffZYmS
8gV1UZAz0w0lXSjexS6CrwHayqOwEd2PSZzHSX6vpZo5eSd9ISvRk2NIir/6UkY1
stTe64GpXpB4jU/xN38fBE47tYSTLol/d8O1O59aG2W6+fajLwuH2j9ZAyhEBlld
F7C8UCmMW2v/kEfKGWwpyGWzn1h4NXSv04L6HseqLiLxybewbqltrXs+EZ2gNXEx
gqDN3wMlEKpaD0psQbJE2AP0Wc7IekKxJ9rUE/pyyS6rlH37GxpSfIYgMwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFI9rSmESJiAjtUTrb2DQXi1DhOoFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvajJ0S1lSSW1JQ08xUk90dllOQmVMVU9FNmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAP8ZTNV+zU3uLaszUKVxGxk+I
xh8mxvViISFZPlvcljR60AWx4lr1mcuNetVdaBUjlAi9W+NsOTSmiDmeUiQ/fW5u
n0SWMotrMK1i1pKleF2YZFfO/AibWZEDFALBIkbQ3MysAQovj9uYmefssEMH+QyH
RecDRKc7O70whBwIjO1P0qW5b/jcbTDGrtmb9j+MX09W1IzMAPPYk+F251qO8U5G
/Mdc5LpVJiVnlMlaKTfLeNuxMHFbQ1VKbF4zoJ8mKTu+fooFvRx9vlec9+u76cyQ
7llgBPzoRF/iRxG9DDC1IZ0fWI77YiVGc2uv4a/ThV3G71Yr76JKQfVWkiL0iw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:09:47 2025 by rpki-client