Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sHIuqIX9zMM0tdLoDusR6riKqtE.roa
File: sHIuqIX9zMM0tdLoDusR6riKqtE.roa (raw, json)
Hash identifier: tmj5WoCyuoiH72irC/cWepKmPfomJVAR1eZxSTyRLrY=
Subject key identifier: B0:72:2E:A8:85:FD:CC:C3:34:B5:D2:E8:0E:EB:11:EA:B8:8A:AA:D1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943517C9B565392A75A7C1BB60C124E7D7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sHIuqIX9zMM0tdLoDusR6riKqtE.roa
Signing time: Sun 05 Jan 2025 06:12:18 +0000
ROA not before: Sun 05 Jan 2025 06:12:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:35:17:c9:b5:65:39:2a:75:a7:c1:bb:60:c1:24:e7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 5 06:12:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0722ea885fdccc334b5d2e80eeb11eab88aaad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f1:32:39:05:7f:53:df:c9:4e:2a:09:5f:af:
bb:c0:4f:b4:60:57:07:cf:d7:7a:8e:83:e9:94:80:
8e:c1:80:6f:99:98:f9:df:cd:20:fb:f7:f1:17:05:
bd:42:3a:63:1a:4d:63:82:89:54:8a:ff:ce:09:31:
93:2b:aa:df:97:a0:1d:82:83:1f:d2:9d:aa:7d:eb:
be:76:c2:8b:fa:7e:bc:66:f9:b5:66:a4:84:1f:b0:
b5:ec:4c:20:c1:97:de:ce:d5:18:8b:c2:ed:d5:d9:
a0:6a:81:95:c9:c4:3b:4e:da:a7:2c:20:6d:e0:78:
91:9c:d0:7a:cf:8e:93:80:c3:f4:e6:96:b4:48:65:
53:3d:67:f2:d2:5b:76:22:ed:db:b9:76:c8:03:34:
b5:ea:c8:97:f6:88:46:ab:ac:81:7d:e4:65:e3:54:
dd:bd:09:56:d2:b9:7d:ce:7e:2c:fe:f5:0f:18:a6:
e9:0c:ad:9e:48:8b:7e:1d:9f:1c:8b:3e:be:e9:12:
40:e4:27:f8:6d:49:f7:bf:8a:de:f4:8a:07:87:ef:
a9:c3:8c:8c:cc:4f:50:d3:1b:76:6b:59:c0:18:b1:
4f:a5:53:40:6b:c2:21:a6:d8:27:c4:be:88:4e:78:
4e:a5:12:75:f7:6c:d4:32:44:13:b8:37:23:48:12:
78:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:72:2E:A8:85:FD:CC:C3:34:B5:D2:E8:0E:EB:11:EA:B8:8A:AA:D1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/sHIuqIX9zMM0tdLoDusR6riKqtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
40:d8:6a:71:72:e7:e9:d2:4a:d8:14:6a:7f:8c:6a:d2:ca:39:
67:82:e8:85:af:6e:80:62:35:e9:1b:e1:fe:21:10:94:11:cb:
52:64:3a:2f:f8:e5:73:cd:8b:3e:b9:5e:80:d3:c5:19:d6:27:
08:29:a7:f1:91:99:13:ca:c6:45:2b:eb:4c:97:78:60:9f:56:
9d:84:14:e7:00:3d:a6:09:03:45:e1:50:38:70:89:14:b7:2b:
10:00:51:e3:22:5f:8d:b6:35:d7:4b:e0:dc:58:ac:65:c1:23:
03:57:aa:bd:b9:0b:f2:b9:13:88:64:08:6f:a7:0a:0a:14:8a:
59:d8:4a:e9:4f:1f:73:c9:88:bc:9c:42:b1:9e:e7:ea:cb:b0:
22:2e:89:77:e4:42:6a:12:41:24:2a:2d:33:75:0c:db:53:3e:
dd:78:e3:ea:19:10:c4:3e:bc:3f:c1:0e:48:5b:46:3b:48:46:
6f:72:8f:24:c5:aa:eb:6f:e7:a6:97:ac:77:8c:4f:ec:3c:95:
28:fe:ec:7c:ca:a7:3e:b7:31:ae:54:f2:d5:c4:82:97:5f:c2:
65:fb:f4:f2:8d:c2:a6:83:a1:04:87:93:06:95:69:ec:40:5d:
e3:f0:88:e2:cd:a1:5b:3d:31:80:81:fa:54:88:59:3d:19:e9:
82:55:7c:aa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ1F8m1ZTkqdafBu2DBJOfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA1MDYxMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDcyMmVhODg1ZmRjY2MzMzRiNWQyZTgwZWViMTFlYWI4OGFhYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfEyOQV/U9/JTioJX6+7wE+0YFcH
z9d6joPplICOwYBvmZj5380g+/fxFwW9QjpjGk1jgolUiv/OCTGTK6rfl6AdgoMf
0p2qfeu+dsKL+n68Zvm1ZqSEH7C17EwgwZfeztUYi8Lt1dmgaoGVycQ7TtqnLCBt
4HiRnNB6z46TgMP05pa0SGVTPWfy0lt2Iu3buXbIAzS16siX9ohGq6yBfeRl41Td
vQlW0rl9zn4s/vUPGKbpDK2eSIt+HZ8ciz6+6RJA5Cf4bUn3v4re9IoHh++pw4yM
zE9Q0xt2a1nAGLFPpVNAa8IhptgnxL6ITnhOpRJ192zUMkQTuDcjSBJ4pQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLByLqiF/czDNLXS6A7rEeq4iqrRMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvc0hJdXFJWDl6TU0wdGRMb0R1c1I2cmlLcXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAQNhqcXLn6dJK2BRqf4xq0so5
Z4Loha9ugGI16Rvh/iEQlBHLUmQ6L/jlc82LPrlegNPFGdYnCCmn8ZGZE8rGRSvr
TJd4YJ9WnYQU5wA9pgkDReFQOHCJFLcrEABR4yJfjbY110vg3FisZcEjA1eqvbkL
8rkTiGQIb6cKChSKWdhK6U8fc8mIvJxCsZ7n6suwIi6Jd+RCahJBJCotM3UM21M+
3Xjj6hkQxD68P8EOSFtGO0hGb3KPJMWq62/nppesd4xP7DyVKP7sfMqnPrcxrlTy
1cSCl1/CZfv08o3CpoOhBIeTBpVp7EBd4/CI4s2hWz0xgIH6VIhZPRnpglV8qg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:53:33 2025 by rpki-client