Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ldobqlfSfpRm0uS0GUaMeWqpLcs.roa
File: ldobqlfSfpRm0uS0GUaMeWqpLcs.roa (raw, json)
Hash identifier: KrKn6WBc4zo3lbghu9wLtlRnU6REbffMEoFK3MFNl20=
Subject key identifier: 95:DA:1B:AA:57:D2:7E:94:66:D2:E4:B4:19:46:8C:79:6A:A9:2D:CB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019593EBAB0B2FF2EC857DF543D1A075CA44
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ldobqlfSfpRm0uS0GUaMeWqpLcs.roa
Signing time: Fri 14 Mar 2025 09:10:50 +0000
ROA not before: Fri 14 Mar 2025 09:10:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:93:eb:ab:0b:2f:f2:ec:85:7d:f5:43:d1:a0:75:ca:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 14 09:10:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95da1baa57d27e9466d2e4b419468c796aa92dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d3:4f:18:13:93:4e:79:13:0d:03:8e:90:9b:
4e:88:90:16:a8:99:a3:aa:d5:f0:f7:00:0a:af:b8:
9f:0f:a7:dd:ce:dc:a6:98:09:76:87:4e:0d:d3:aa:
dd:50:02:93:83:97:31:a7:80:e2:43:8b:53:9c:95:
9c:67:e2:79:9b:2e:07:be:48:8a:a9:e8:07:98:76:
af:36:59:b5:de:2e:ce:45:8d:4d:5f:14:77:56:a3:
91:df:99:0a:0c:01:24:7c:95:3b:9a:a0:c2:6f:f8:
a6:63:b4:60:ae:17:b0:2b:c5:4b:c4:66:b6:ff:be:
ab:08:bb:63:33:45:a2:e7:83:db:12:2d:8e:68:45:
66:70:f1:67:5b:3e:a0:42:54:82:58:e0:49:b4:e7:
7b:12:50:ba:c5:c0:2e:70:f7:19:34:3f:41:e1:73:
f9:f9:05:c4:2c:eb:72:2c:7a:32:a9:c0:3f:7f:1c:
eb:e4:3b:4c:04:2f:a3:93:17:70:2f:16:e6:22:95:
66:e2:ac:53:03:95:a6:c4:df:7c:25:5c:ad:f1:95:
f3:3a:84:dd:ec:60:61:a0:35:2b:48:ce:8a:bf:80:
39:e1:36:70:1e:91:b6:07:3b:6f:16:80:44:c7:51:
29:34:58:22:d3:4e:df:da:f6:9f:19:d4:7c:b3:e3:
af:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DA:1B:AA:57:D2:7E:94:66:D2:E4:B4:19:46:8C:79:6A:A9:2D:CB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/ldobqlfSfpRm0uS0GUaMeWqpLcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
1b:f3:c3:6c:bb:5d:81:f4:f7:8d:e6:fc:f4:e1:06:de:99:37:
3b:8c:0b:37:f0:24:48:df:1a:01:69:fc:74:9e:85:87:36:d9:
95:bc:76:ab:63:e5:a3:8f:aa:d4:55:40:8b:82:00:28:22:a8:
41:32:b9:3d:07:3a:46:b8:55:94:41:8a:a8:c0:ff:b7:96:b6:
ab:6a:51:4b:96:43:f7:94:4a:1c:85:22:b8:d8:07:8c:53:1c:
cd:89:20:ec:ac:7d:c8:5d:82:25:3a:85:fa:78:56:8e:ae:87:
78:83:5c:6a:dd:2e:01:aa:b7:71:c4:3e:f0:5b:b5:8b:01:bf:
39:2e:6b:07:73:b1:9f:e5:b8:1d:41:e4:0e:f2:2d:b8:b8:ac:
f2:42:db:9c:1f:62:e0:b0:eb:1b:e5:9b:d9:93:b2:28:02:e8:
f4:47:f7:10:2c:b3:46:4b:ab:99:42:6a:43:5a:66:50:ee:55:
fa:94:86:07:81:a6:86:7e:c0:8f:e4:70:6c:f1:38:32:85:c5:
4c:45:ae:ae:de:ab:b0:80:0d:88:76:0c:17:09:e7:fe:c4:d8:
12:d2:e1:d6:7f:17:81:19:97:4b:9d:61:ea:bf:dd:d0:56:a9:
74:71:73:48:e6:d9:44:dd:14:d4:1f:59:b4:6f:c1:61:1d:ca:
c0:85:b0:20
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWT66sLL/LshX31Q9GgdcpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE0MDkxMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWRhMWJhYTU3ZDI3ZTk0NjZkMmU0YjQxOTQ2OGM3OTZhYTkyZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodNPGBOTTnkTDQOOkJtOiJAWqJmj
qtXw9wAKr7ifD6fdztymmAl2h04N06rdUAKTg5cxp4DiQ4tTnJWcZ+J5my4HvkiK
qegHmHavNlm13i7ORY1NXxR3VqOR35kKDAEkfJU7mqDCb/imY7RgrhewK8VLxGa2
/76rCLtjM0Wi54PbEi2OaEVmcPFnWz6gQlSCWOBJtOd7ElC6xcAucPcZND9B4XP5
+QXELOtyLHoyqcA/fxzr5DtMBC+jkxdwLxbmIpVm4qxTA5WmxN98JVyt8ZXzOoTd
7GBhoDUrSM6Kv4A54TZwHpG2BztvFoBEx1EpNFgi007f2vafGdR8s+OvawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJXaG6pX0n6UZtLktBlGjHlqqS3LMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbGRvYnFsZlNmcFJtMHVTMEdVYU1lV3FwTGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAG/PDbLtdgfT3jeb89OEG3pk3
O4wLN/AkSN8aAWn8dJ6FhzbZlbx2q2Plo4+q1FVAi4IAKCKoQTK5PQc6RrhVlEGK
qMD/t5a2q2pRS5ZD95RKHIUiuNgHjFMczYkg7Kx9yF2CJTqF+nhWjq6HeINcat0u
Aaq3ccQ+8Fu1iwG/OS5rB3Oxn+W4HUHkDvItuLis8kLbnB9i4LDrG+Wb2ZOyKALo
9Ef3ECyzRkurmUJqQ1pmUO5V+pSGB4Gmhn7Aj+RwbPE4MoXFTEWurt6rsIANiHYM
Fwnn/sTYEtLh1n8XgRmXS51h6r/d0FapdHFzSObZRN0U1B9ZtG/BYR3KwIWwIA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:08 2025 by rpki-client