Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qU7isBs5htdWiTQ28StzHCe5bV4.roa
File: qU7isBs5htdWiTQ28StzHCe5bV4.roa (raw, json)
Hash identifier: uR1UsPyc1D5IQ03FKQeU1u5m8ls1YAOn+NduI9hvOIA=
Subject key identifier: A9:4E:E2:B0:1B:39:86:D7:56:89:34:36:F1:2B:73:1C:27:B9:6D:5E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959D5728C9886B8C51E0F27203254321F7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qU7isBs5htdWiTQ28StzHCe5bV4.roa
Signing time: Sun 16 Mar 2025 05:04:49 +0000
ROA not before: Sun 16 Mar 2025 05:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
2001:67c:64:ffff:0:195:9d57:424/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9d:57:28:c9:88:6b:8c:51:e0:f2:72:03:25:43:21:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 05:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a94ee2b01b3986d756893436f12b731c27b96d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:43:56:5a:d8:da:30:86:3a:7e:c1:62:00:
af:a1:5e:17:6c:b0:d1:ff:ca:3f:4e:4b:e1:8c:94:
b1:a0:93:f9:af:0f:e2:79:fd:66:14:7c:ef:1c:78:
5d:93:f0:5c:3f:7c:db:fc:d7:8e:29:cc:8f:2a:57:
d8:56:52:7f:fa:62:33:88:10:a5:d2:95:b0:86:82:
83:93:e6:6d:35:99:40:f6:26:00:6f:87:b6:1b:06:
3f:56:67:93:ca:1d:00:69:31:cf:b5:52:b0:93:18:
00:fa:dd:b5:bd:f9:94:e6:9c:50:ac:69:75:64:71:
e5:f1:1f:cd:4c:3f:d3:13:ee:06:3c:30:ab:be:bb:
33:ba:31:e4:de:62:9d:b3:0b:5b:27:cb:92:e3:09:
f7:3b:3e:60:93:4f:e5:a3:d1:27:c0:c6:e0:f9:7d:
95:29:1d:c9:8d:4c:cb:b3:1a:0c:89:f8:e9:b9:14:
d0:c3:94:5d:55:5f:43:15:bf:b3:f0:ab:b1:43:74:
9a:70:32:e5:b6:1b:4f:18:7c:3b:28:2f:51:06:ac:
ef:d0:99:d2:e8:36:13:76:23:ff:ad:f6:0e:1c:10:
60:38:a6:dd:f5:b4:87:28:b1:ca:76:d2:18:9c:6f:
d2:27:84:b1:08:cf:5e:ad:f7:86:15:c8:e7:d2:b1:
ea:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4E:E2:B0:1B:39:86:D7:56:89:34:36:F1:2B:73:1C:27:B9:6D:5E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/qU7isBs5htdWiTQ28StzHCe5bV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
2001:67c:64:ffff:0:195:9d57:424/128
Signature Algorithm: sha256WithRSAEncryption
42:54:56:7b:49:6e:e6:0a:ca:e1:9f:bc:ef:09:f7:79:f2:c7:
1c:5e:37:6e:c1:1b:60:9c:60:47:7d:63:1f:b5:b5:84:6f:23:
b6:d4:a9:76:a3:1e:f8:14:83:ca:3b:31:15:c8:b3:14:da:de:
9f:71:58:63:f7:49:4b:d3:ba:68:ed:da:04:fb:63:e0:37:ed:
f4:c5:dd:45:51:74:0c:05:81:ca:47:64:68:3b:7e:88:c2:20:
a6:db:ca:02:c3:38:b4:6f:ef:92:71:90:f8:b2:28:ac:bb:d6:
38:67:6a:a4:b0:a7:6c:4f:e8:8e:f3:28:46:59:d5:9e:a0:1f:
a9:75:4a:14:65:08:0a:76:99:36:fe:0e:c2:11:d0:a1:e0:f3:
7b:b1:4e:1b:44:c1:8a:20:9f:da:33:05:2f:ef:aa:24:c3:7b:
4d:96:93:b7:eb:5c:98:30:be:ae:7e:01:4a:f9:fc:bc:a8:d1:
23:64:a9:60:95:db:95:75:6a:67:15:c2:6c:6c:ca:9e:c2:d0:
46:5e:08:84:7d:10:e8:87:ba:8a:d6:2b:b2:fa:e6:c6:b1:16:
dc:62:7b:f8:9e:67:9c:f2:4b:68:53:de:2b:fa:21:82:cf:0d:
d0:e2:1d:98:93:da:90:b3:ee:d0:8d:86:86:cd:52:d7:ed:69:
3b:85:84:ca
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWdVyjJiGuMUeDycgMlQyH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MDUwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRlZTJiMDFiMzk4NmQ3NTY4OTM0MzZmMTJiNzMxYzI3Yjk2ZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhhDVlrY2jCGOn7BYgCvoV4XbLDR
/8o/TkvhjJSxoJP5rw/ief1mFHzvHHhdk/BcP3zb/NeOKcyPKlfYVlJ/+mIziBCl
0pWwhoKDk+ZtNZlA9iYAb4e2GwY/VmeTyh0AaTHPtVKwkxgA+t21vfmU5pxQrGl1
ZHHl8R/NTD/TE+4GPDCrvrszujHk3mKdswtbJ8uS4wn3Oz5gk0/lo9EnwMbg+X2V
KR3JjUzLsxoMifjpuRTQw5RdVV9DFb+z8KuxQ3SacDLlthtPGHw7KC9RBqzv0JnS
6DYTdiP/rfYOHBBgOKbd9bSHKLHKdtIYnG/SJ4SxCM9erfeGFcjn0rHqgwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKlO4rAbOYbXVok0NvErcxwnuW1eMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcVU3aXNCczVodGRXaVRRMjhTdHpIQ2U1YlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGVhs9jDAMRACABBnwAZP//AAABlZ1XBCQwDQYJKoZIhvcNAQELBQADggEB
AEJUVntJbuYKyuGfvO8J93nyxxxeN27BG2CcYEd9Yx+1tYRvI7bUqXajHvgUg8o7
MRXIsxTa3p9xWGP3SUvTumjt2gT7Y+A37fTF3UVRdAwFgcpHZGg7fojCIKbbygLD
OLRv75JxkPiyKKy71jhnaqSwp2xP6I7zKEZZ1Z6gH6l1ShRlCAp2mTb+DsIR0KHg
83uxThtEwYogn9ozBS/vqiTDe02Wk7frXJgwvq5+AUr5/Lyo0SNkqWCV25V1amcV
wmxsyp7C0EZeCIR9EOiHuorWK7L65saxFtxie/ieZ5zyS2hT3iv6IYLPDdDiHZiT
2pCz7tCNhobNUtftaTuFhMo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:26 2025 by rpki-client