Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jLHBl6-s4NYvDNAMak4Qj9GkKP8.roa
File: jLHBl6-s4NYvDNAMak4Qj9GkKP8.roa (raw, json)
Hash identifier: VR/YDNuLn3TQM2eIjaOipKen5/ALks7NOlHpP6lHlmQ=
Subject key identifier: 8C:B1:C1:97:AF:AC:E0:D6:2F:0C:D0:0C:6A:4E:10:8F:D1:A4:28:FF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019503EB3CDA68F376674EA59E770C274D22
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jLHBl6-s4NYvDNAMak4Qj9GkKP8.roa
Signing time: Fri 14 Feb 2025 10:05:02 +0000
ROA not before: Fri 14 Feb 2025 10:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:3eb:c06/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:eb:3c:da:68:f3:76:67:4e:a5:9e:77:0c:27:4d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 14 10:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cb1c197aface0d62f0cd00c6a4e108fd1a428ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ec:89:53:dd:d6:67:ec:bc:7b:46:27:d5:de:
58:33:d7:d3:24:f2:48:c4:f3:ed:4f:ee:af:47:2d:
b5:23:4c:e6:19:49:28:03:56:03:25:15:af:26:b5:
7e:dd:02:a8:01:aa:19:23:1a:9d:8d:d9:96:e3:97:
d4:76:5b:08:53:92:5d:fe:15:62:da:3a:f0:41:49:
a7:b8:6e:51:85:a2:d2:3d:a6:30:5c:f0:3a:23:24:
f7:4b:ba:4c:a2:2d:6c:41:dd:08:ac:95:f3:34:d4:
51:50:fe:b2:a2:b7:ed:c0:9a:4e:55:8f:d5:af:a4:
46:6d:89:e3:62:b9:74:35:f1:cb:d8:57:fc:8f:ff:
5c:6a:a7:f1:52:f1:4c:46:49:60:63:c1:c6:86:2a:
18:c1:dc:e0:51:9d:3c:b0:b0:21:a8:ec:8b:c1:71:
9a:2b:d6:15:62:d0:61:97:df:f6:a7:8a:05:4a:4f:
e7:cc:ec:a4:02:e8:a1:56:81:df:8d:95:cd:e9:b9:
f6:3f:af:56:5d:5c:c9:d0:68:81:7c:df:6a:0d:0d:
89:a7:37:eb:f4:98:02:5b:07:2a:c0:7d:1c:0a:b9:
57:6f:f7:7f:26:1b:10:0b:2f:22:0b:0e:a0:cf:9f:
91:42:1e:4e:03:5a:15:d1:03:3f:8c:1a:e6:f9:b6:
f2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B1:C1:97:AF:AC:E0:D6:2F:0C:D0:0C:6A:4E:10:8F:D1:A4:28:FF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jLHBl6-s4NYvDNAMak4Qj9GkKP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:3eb:c06/128
Signature Algorithm: sha256WithRSAEncryption
20:bc:fc:0b:37:85:82:f8:55:d4:93:fc:e1:6f:2c:00:2f:cd:
85:a7:c2:32:80:0b:f3:95:c1:33:c6:81:c2:5e:6b:c7:3d:c5:
bc:fd:78:3a:54:7d:16:4c:dc:d4:2f:66:9d:0c:9c:d1:7f:33:
0f:08:10:50:6d:9e:9e:46:a9:a7:16:18:e2:04:14:da:43:ee:
ac:c0:9c:b8:02:7c:a8:49:74:c4:24:af:53:2f:e1:f8:b3:a9:
81:8e:cd:87:f7:cd:ef:fa:03:28:0d:da:5d:03:ad:f0:fd:d7:
d7:d1:07:11:91:ad:3c:c4:87:d6:0c:11:5b:cf:a0:46:e6:3f:
72:1c:f1:b4:bd:b4:f5:5c:fb:42:0f:f2:66:bf:10:b7:60:b6:
cb:80:24:63:6b:97:19:65:76:43:8b:2a:11:aa:a7:16:8c:95:
90:5a:c9:05:0e:69:a0:0e:44:62:47:72:24:f6:17:f8:af:a2:
88:64:26:49:3b:58:fd:54:3c:f5:2a:f3:87:96:45:d5:45:ce:
3b:5d:7a:c2:b7:e6:61:36:75:d1:ab:df:01:69:bb:8f:44:2f:
bb:ca:f3:26:84:8b:34:78:0e:b2:96:91:78:5d:ea:2c:92:03:
4b:37:6f:b7:6b:d1:f2:70:42:66:55:df:93:b0:0d:64:a6:d0:
9d:6c:f8:93
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZUD6zzaaPN2Z06lnncMJ00iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjE0MTAwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2IxYzE5N2FmYWNlMGQ2MmYwY2QwMGM2YTRlMTA4ZmQxYTQyOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OyJU93WZ+y8e0Yn1d5YM9fTJPJI
xPPtT+6vRy21I0zmGUkoA1YDJRWvJrV+3QKoAaoZIxqdjdmW45fUdlsIU5Jd/hVi
2jrwQUmnuG5RhaLSPaYwXPA6IyT3S7pMoi1sQd0IrJXzNNRRUP6yorftwJpOVY/V
r6RGbYnjYrl0NfHL2Ff8j/9caqfxUvFMRklgY8HGhioYwdzgUZ08sLAhqOyLwXGa
K9YVYtBhl9/2p4oFSk/nzOykAuihVoHfjZXN6bn2P69WXVzJ0GiBfN9qDQ2Jpzfr
9JgCWwcqwH0cCrlXb/d/JhsQCy8iCw6gz5+RQh5OA1oV0QM/jBrm+bbyfwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIyxwZevrODWLwzQDGpOEI/RpCj/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvakxIQmw2LXM0Tll2RE5BTWFrNFFqOUdrS1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVA+sMBjANBgkqhkiG9w0BAQsFAAOCAQEAILz8CzeFgvhV1JP84W8sAC/N
hafCMoAL85XBM8aBwl5rxz3FvP14OlR9Fkzc1C9mnQyc0X8zDwgQUG2enkappxYY
4gQU2kPurMCcuAJ8qEl0xCSvUy/h+LOpgY7Nh/fN7/oDKA3aXQOt8P3X19EHEZGt
PMSH1gwRW8+gRuY/chzxtL209Vz7Qg/yZr8Qt2C2y4AkY2uXGWV2Q4sqEaqnFoyV
kFrJBQ5poA5EYkdyJPYX+K+iiGQmSTtY/VQ89Srzh5ZF1UXOO116wrfmYTZ10avf
AWm7j0Qvu8rzJoSLNHgOspaReF3qLJIDSzdvt2vR8nBCZlXfk7ANZKbQnWz4kw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:15:07 2025 by rpki-client