Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r9I9SnJf099N7OVhLzl3rAHLERU.roa
File: r9I9SnJf099N7OVhLzl3rAHLERU.roa (raw, json)
Hash identifier: GHFfa9qp0rqDhN+B8aDm2HE6GafGG0AgOtt+kMRELaE=
Subject key identifier: AF:D2:3D:4A:72:5F:D3:DF:4D:EC:E5:61:2F:39:77:AC:01:CB:11:15
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195888C486609D2CD76999C08AE3C5DC0CC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r9I9SnJf099N7OVhLzl3rAHLERU.roa
Signing time: Wed 12 Mar 2025 04:10:49 +0000
ROA not before: Wed 12 Mar 2025 04:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:88:8c:48:66:09:d2:cd:76:99:9c:08:ae:3c:5d:c0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 12 04:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afd23d4a725fd3df4dece5612f3977ac01cb1115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:57:b3:d6:94:c7:5d:24:da:52:94:fb:b9:7c:
5f:fd:74:4c:05:2c:b9:c8:92:4f:d4:19:f9:5b:c1:
5d:81:9f:0d:78:0f:36:f5:23:9c:32:ed:f2:f1:82:
77:e9:6c:ba:94:1f:60:b0:b6:6d:ec:1e:37:3b:93:
5f:bc:ad:9f:66:e1:3f:a6:3d:f5:92:de:d2:c6:34:
61:fa:c1:27:cc:a5:4f:77:a1:65:6f:ce:5e:66:16:
93:4b:7f:bb:d5:d8:c7:5a:1d:7a:32:77:11:99:42:
e3:d2:72:46:0f:f1:6f:de:cb:83:fc:98:82:71:75:
04:3c:03:31:3f:ef:d0:ee:6f:35:10:5f:93:c7:03:
6f:a9:87:0f:5b:78:52:b2:8b:17:ed:bd:e0:1c:c5:
84:fa:ea:26:ce:26:5f:25:24:60:a7:61:a5:fc:71:
38:c3:ea:c4:ae:7f:c2:4f:cf:47:46:20:00:9f:95:
d3:b0:7c:2c:39:47:b7:55:60:5a:ff:9e:00:88:d9:
cc:4e:e0:d1:14:d8:92:f7:50:ac:f9:7e:17:70:7c:
48:49:ab:9d:18:23:6f:20:23:30:7d:d8:40:6b:e2:
87:46:8e:43:3f:79:54:e8:48:86:0a:bb:37:17:80:
82:98:ac:d3:f0:26:2e:e7:6a:dd:3c:b0:fd:2c:e8:
e4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D2:3D:4A:72:5F:D3:DF:4D:EC:E5:61:2F:39:77:AC:01:CB:11:15
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/r9I9SnJf099N7OVhLzl3rAHLERU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
1f:72:8b:43:5d:f2:c0:3e:36:06:d9:3e:49:23:85:93:c4:5d:
9c:46:c0:10:66:be:73:6d:f2:11:24:6c:0f:5f:3f:84:4b:6f:
58:16:ce:bd:92:ba:73:6d:c7:05:8c:be:7c:d0:9a:ce:a4:31:
76:ce:86:8b:21:92:9c:3f:3f:29:2f:85:71:1a:b2:fc:3c:56:
c6:2e:8a:fa:6a:dc:fa:b1:2d:94:6b:fb:54:e0:20:0d:fb:55:
a5:07:f8:19:20:48:91:1d:52:eb:8c:f0:1c:36:a1:dd:67:32:
df:d1:56:45:95:93:f0:35:6f:4c:5b:f0:b1:ed:34:1b:a4:ff:
35:61:6e:b5:13:75:62:ff:19:35:34:14:fa:61:6e:56:b6:96:
9f:25:0a:bf:6a:b1:c4:d6:81:46:da:0f:15:d5:0c:77:27:67:
2c:4a:4e:3b:06:e1:c1:d9:b1:64:02:a2:bf:b1:c5:08:af:50:
21:42:0a:7e:56:0b:9f:15:ec:0b:9a:93:a6:51:5f:94:19:d0:
9a:e6:76:f3:5f:f1:2f:79:b4:e3:e2:7a:7a:65:22:17:b6:b6:
1c:e3:19:91:e5:81:c7:9c:b0:03:33:29:4d:f8:80:3a:a1:58:
3c:13:50:bd:ee:54:14:a5:0c:60:ea:d0:6c:51:5c:86:56:bc:
7c:3e:8f:5c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWIjEhmCdLNdpmcCK48XcDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEyMDQxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmQyM2Q0YTcyNWZkM2RmNGRlY2U1NjEyZjM5NzdhYzAxY2IxMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Fez1pTHXSTaUpT7uXxf/XRMBSy5
yJJP1Bn5W8FdgZ8NeA829SOcMu3y8YJ36Wy6lB9gsLZt7B43O5NfvK2fZuE/pj31
kt7SxjRh+sEnzKVPd6Flb85eZhaTS3+71djHWh16MncRmULj0nJGD/Fv3suD/JiC
cXUEPAMxP+/Q7m81EF+TxwNvqYcPW3hSsosX7b3gHMWE+uomziZfJSRgp2Gl/HE4
w+rErn/CT89HRiAAn5XTsHwsOUe3VWBa/54AiNnMTuDRFNiS91Cs+X4XcHxISaud
GCNvICMwfdhAa+KHRo5DP3lU6EiGCrs3F4CCmKzT8CYu52rdPLD9LOjkZwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFK/SPUpyX9PfTezlYS85d6wByxEVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvcjlJOVNuSmYwOTlON09WaEx6bDNyQUhMRVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAH3KLQ13ywD42Btk+SSOFk8Rd
nEbAEGa+c23yESRsD18/hEtvWBbOvZK6c23HBYy+fNCazqQxds6GiyGSnD8/KS+F
cRqy/DxWxi6K+mrc+rEtlGv7VOAgDftVpQf4GSBIkR1S64zwHDah3Wcy39FWRZWT
8DVvTFvwse00G6T/NWFutRN1Yv8ZNTQU+mFuVraWnyUKv2qxxNaBRtoPFdUMdydn
LEpOOwbhwdmxZAKiv7HFCK9QIUIKflYLnxXsC5qTplFflBnQmuZ281/xL3m04+J6
emUiF7a2HOMZkeWBx5ywAzMpTfiAOqFYPBNQve5UFKUMYOrQbFFchla8fD6PXA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:29:46 2025 by rpki-client