Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o1hx9l1yTfcNwzBch6VKrl2p8s8.roa
File: o1hx9l1yTfcNwzBch6VKrl2p8s8.roa (raw, json)
Hash identifier: 6m4t+dKopbbjY+Slwupq5i46cQP6mJDwANE/Lk3p3aM=
Subject key identifier: A3:58:71:F6:5D:72:4D:F7:0D:C3:30:5C:87:A5:4A:AE:5D:A9:F2:CF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0193B977E42EB58DD45219FB9DFC072A6959
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o1hx9l1yTfcNwzBch6VKrl2p8s8.roa
Signing time: Thu 12 Dec 2024 06:04:22 +0000
ROA not before: Thu 12 Dec 2024 06:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:193:b977:d129/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b9:77:e4:2e:b5:8d:d4:52:19:fb:9d:fc:07:2a:69:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Dec 12 06:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a35871f65d724df70dc3305c87a54aae5da9f2cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d0:35:0d:af:c1:22:02:99:08:12:e8:ff:47:
02:da:e2:42:f1:11:23:ba:48:e2:3c:bb:e0:f4:ae:
71:fd:91:cd:d2:9c:a3:27:d9:36:c6:b4:45:13:c9:
24:8d:d5:44:66:7b:d7:91:8c:04:c7:01:12:02:8f:
9f:96:28:7a:e6:65:dc:ef:2e:bc:77:45:86:8d:dd:
e8:ff:e8:9c:70:04:b6:de:f7:f7:ab:2b:b4:e3:05:
56:1e:5e:4f:33:96:8b:64:dc:e9:b0:d8:0e:75:5d:
d8:73:9b:f3:2e:61:f9:ca:f4:37:f8:ed:81:89:b7:
ad:9f:74:46:99:9f:08:7f:0a:96:34:6d:78:73:3a:
7f:77:d7:f7:4a:77:9e:df:b8:22:e3:04:6c:12:26:
f7:82:91:a2:33:cd:b8:74:e3:e2:93:38:f9:e4:4b:
f9:87:51:b0:11:41:a7:88:dc:05:58:d5:86:82:90:
a1:b4:3e:bd:53:b3:6b:71:ba:ea:61:c5:c2:82:4b:
d5:25:51:88:22:56:8b:75:3b:f3:f7:8e:9c:cf:a2:
3e:68:af:81:f8:9a:56:c2:9a:e9:7a:3e:96:fd:a7:
d8:24:c2:0d:8d:87:4c:17:b8:74:3e:59:db:69:22:
bc:3f:f3:7a:a0:66:cb:e2:2b:78:c9:2f:e3:8a:9d:
1b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:58:71:F6:5D:72:4D:F7:0D:C3:30:5C:87:A5:4A:AE:5D:A9:F2:CF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/o1hx9l1yTfcNwzBch6VKrl2p8s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:193:b977:d129/128
Signature Algorithm: sha256WithRSAEncryption
3d:db:bd:8b:32:a3:e8:30:28:52:80:c1:ce:fd:0a:a7:54:16:
70:01:6b:bd:bf:1a:bb:97:d5:0e:01:56:ba:0e:fd:67:5b:ba:
55:dc:d0:0c:44:e9:74:cb:1f:2c:c7:2a:42:8f:d4:a8:01:e1:
60:e2:c8:1b:ad:33:a2:72:e9:d7:f3:9d:22:88:2f:74:9c:a4:
7d:91:f1:a2:aa:d7:f4:99:87:92:8b:55:24:7f:bd:16:d1:80:
76:c3:3a:2f:af:ba:59:39:10:a0:a8:89:08:64:64:0d:f6:88:
f7:2e:aa:e9:d7:58:72:48:1b:5d:86:58:e6:fa:bd:e6:42:0b:
63:fe:44:d0:aa:ee:79:90:e4:5b:bf:1a:04:e0:6a:94:e4:6f:
91:06:41:38:fc:32:cc:7a:5c:ad:73:98:2d:cd:e2:ef:85:24:
f9:b7:ad:17:01:34:17:9f:28:f3:e2:f4:1b:e4:b8:7d:3c:48:
5f:25:5e:0e:81:08:6e:3f:64:e3:a3:4c:19:40:ce:6a:62:1d:
48:3f:6b:b3:ff:0d:e9:8e:1a:d0:23:62:8a:6e:3d:7e:c1:3a:
a1:71:16:2e:5f:cc:9a:6b:b1:00:e9:64:29:f9:66:4b:b2:5a:
5a:fb:38:22:14:11:ce:9c:ab:66:d3:d1:7d:a1:44:8f:86:59:
09:b5:aa:f7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZO5d+QutY3UUhn7nfwHKmlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMjEyMDYwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzU4NzFmNjVkNzI0ZGY3MGRjMzMwNWM4N2E1NGFhZTVkYTlmMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9A1Da/BIgKZCBLo/0cC2uJC8REj
ukjiPLvg9K5x/ZHN0pyjJ9k2xrRFE8kkjdVEZnvXkYwExwESAo+flih65mXc7y68
d0WGjd3o/+iccAS23vf3qyu04wVWHl5PM5aLZNzpsNgOdV3Yc5vzLmH5yvQ3+O2B
ibetn3RGmZ8IfwqWNG14czp/d9f3Snee37gi4wRsEib3gpGiM824dOPikzj55Ev5
h1GwEUGniNwFWNWGgpChtD69U7NrcbrqYcXCgkvVJVGIIlaLdTvz946cz6I+aK+B
+JpWwprpej6W/afYJMINjYdMF7h0PlnbaSK8P/N6oGbL4it4yS/jip0bXwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKNYcfZdck33DcMwXIelSq5dqfLPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbzFoeDlsMXlUZmNOd3pCY2g2VktybDJwOHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGTuXfRKTANBgkqhkiG9w0BAQsFAAOCAQEAPdu9izKj6DAoUoDBzv0Kp1QW
cAFrvb8au5fVDgFWug79Z1u6VdzQDETpdMsfLMcqQo/UqAHhYOLIG60zonLp1/Od
IogvdJykfZHxoqrX9JmHkotVJH+9FtGAdsM6L6+6WTkQoKiJCGRkDfaI9y6q6ddY
ckgbXYZY5vq95kILY/5E0KrueZDkW78aBOBqlORvkQZBOPwyzHpcrXOYLc3i74Uk
+betFwE0F58o8+L0G+S4fTxIXyVeDoEIbj9k46NMGUDOamIdSD9rs/8N6Y4a0CNi
im49fsE6oXEWLl/MmmuxAOlkKflmS7JaWvs4IhQRzpyrZtPRfaFEj4ZZCbWq9w==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:06:15 2025 by rpki-client