Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lUmFvfeSWjqjgEe3H58bB0Rnkv8.roa
File: lUmFvfeSWjqjgEe3H58bB0Rnkv8.roa (raw, json)
Hash identifier: Ongf/v30zirgQGqEFRN8iwrGSujjx1rTURSmq29A1ZM=
Subject key identifier: 95:49:85:BD:F7:92:5A:3A:A3:80:47:B7:1F:9F:1B:07:44:67:92:FF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A8BCF1BD81099470E0C6BF8D85BE92F8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lUmFvfeSWjqjgEe3H58bB0Rnkv8.roa
Signing time: Tue 18 Mar 2025 10:11:49 +0000
ROA not before: Tue 18 Mar 2025 10:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:bc:f1:bd:81:09:94:70:e0:c6:bf:8d:85:be:92:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 18 10:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=954985bdf7925a3aa38047b71f9f1b07446792ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7b:c9:96:29:08:85:3b:f6:9e:9e:ce:e0:6a:
fd:e6:65:9c:24:06:41:e2:e2:46:b3:36:d8:2c:85:
3f:91:5b:30:20:46:0b:a8:6d:bd:08:31:c7:e7:aa:
04:27:41:9f:94:67:50:48:ac:b8:e2:bf:cc:b0:12:
18:ab:c0:16:7d:24:bd:c6:cf:d5:b5:39:ba:77:ff:
d5:a9:80:ba:fe:40:94:e3:fc:f5:d7:c7:66:e5:6e:
60:97:b2:20:29:9e:ca:43:9c:55:61:3e:c8:05:55:
2c:41:78:73:e9:5a:8f:3a:d2:0f:cd:1d:02:fd:11:
b5:70:7a:90:44:cd:3d:b9:87:75:65:b3:ff:8b:e3:
c3:d2:c9:a0:b1:03:fc:49:05:d8:3b:c9:11:54:57:
e2:74:e7:b0:c7:31:b2:25:25:c9:e7:76:ed:51:ab:
5c:cc:ca:6e:c9:18:63:39:68:88:09:9b:78:ad:91:
c9:f6:a4:5b:e1:4c:d2:6c:c1:37:19:fe:93:d7:38:
7c:f0:5c:9b:a6:ef:1d:3e:49:3c:43:9c:03:ba:13:
a7:6c:61:e1:cb:96:1d:20:6e:39:f8:51:dc:86:d6:
d3:0a:97:51:03:96:bf:ad:c3:c2:97:b6:f8:78:d8:
65:5b:87:96:4c:81:ac:2e:47:e5:c9:7e:f9:26:9c:
a2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:49:85:BD:F7:92:5A:3A:A3:80:47:B7:1F:9F:1B:07:44:67:92:FF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lUmFvfeSWjqjgEe3H58bB0Rnkv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
37:6d:11:90:37:68:df:48:83:0f:cd:76:da:eb:8f:d8:17:4d:
bb:ea:72:04:97:9f:fd:86:90:26:93:c0:fe:a1:76:cb:21:cb:
e2:57:34:b1:98:d5:90:37:86:87:fa:5b:8f:15:bc:c5:14:af:
03:d6:cf:62:ab:13:82:94:ff:73:c8:31:a9:df:70:39:21:e9:
21:8f:ce:57:3d:61:71:24:6f:44:81:aa:1f:10:6c:0b:b0:0c:
f9:91:0b:22:be:c9:84:de:6e:3d:66:1a:35:b5:0b:12:74:86:
27:44:c0:95:f3:2b:ed:82:04:ed:57:68:47:9d:8a:c0:ab:9c:
0d:f7:05:ed:2b:c5:d9:cf:87:64:0a:4f:88:e5:0f:67:7d:e6:
d8:38:4e:21:4d:ba:ea:1c:86:2a:88:2c:4c:7d:0b:d7:4d:77:
e8:d9:2c:22:38:5c:44:c7:69:8a:8f:09:5b:28:8f:4e:c6:0e:
c9:97:27:dd:fb:69:1a:5e:1e:16:7e:6e:65:97:58:73:2a:af:
06:c4:ca:f0:6b:43:aa:76:06:c4:24:8f:6f:c5:d9:e5:c2:29:
b9:c6:da:bf:c5:df:b9:28:83:23:6d:8a:aa:fa:ee:30:db:90:
ce:85:ee:1b:f2:b2:5c:2d:90:25:1a:00:4d:d2:90:9d:a9:ce:
fb:73:94:9b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWovPG9gQmUcODGv42FvpL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE4MTAxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ5ODViZGY3OTI1YTNhYTM4MDQ3YjcxZjlmMWIwNzQ0Njc5MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXvJlikIhTv2np7O4Gr95mWcJAZB
4uJGszbYLIU/kVswIEYLqG29CDHH56oEJ0GflGdQSKy44r/MsBIYq8AWfSS9xs/V
tTm6d//VqYC6/kCU4/z118dm5W5gl7IgKZ7KQ5xVYT7IBVUsQXhz6VqPOtIPzR0C
/RG1cHqQRM09uYd1ZbP/i+PD0smgsQP8SQXYO8kRVFfidOewxzGyJSXJ53btUatc
zMpuyRhjOWiICZt4rZHJ9qRb4UzSbME3Gf6T1zh88Fybpu8dPkk8Q5wDuhOnbGHh
y5YdIG45+FHchtbTCpdRA5a/rcPCl7b4eNhlW4eWTIGsLkflyX75Jpyi6wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJVJhb33klo6o4BHtx+fGwdEZ5L/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbFVtRnZmZVNXanFqZ0VlM0g1OGJCMFJua3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAN20RkDdo30iDD8122uuP2BdN
u+pyBJef/YaQJpPA/qF2yyHL4lc0sZjVkDeGh/pbjxW8xRSvA9bPYqsTgpT/c8gx
qd9wOSHpIY/OVz1hcSRvRIGqHxBsC7AM+ZELIr7JhN5uPWYaNbULEnSGJ0TAlfMr
7YIE7VdoR52KwKucDfcF7SvF2c+HZApPiOUPZ33m2DhOIU266hyGKogsTH0L1013
6NksIjhcRMdpio8JWyiPTsYOyZcn3ftpGl4eFn5uZZdYcyqvBsTK8GtDqnYGxCSP
b8XZ5cIpucbav8XfuSiDI22KqvruMNuQzoXuG/KyXC2QJRoATdKQnanO+3OUmw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:15:16 2025 by rpki-client