Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/t94Hv1um1iLQrPd6KQe7iEGGjd0.roa
File: t94Hv1um1iLQrPd6KQe7iEGGjd0.roa (raw, json)
Hash identifier: r09QkRWiEGDenqyUJXdS+KOiUSh9kmphsww6bkWLeLQ=
Subject key identifier: B7:DE:07:BF:5B:A6:D6:22:D0:AC:F7:7A:29:07:BB:88:41:86:8D:DD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01959D965544EC79B2B120A563FD607D122A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/t94Hv1um1iLQrPd6KQe7iEGGjd0.roa
Signing time: Sun 16 Mar 2025 06:13:49 +0000
ROA not before: Sun 16 Mar 2025 06:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9d:96:55:44:ec:79:b2:b1:20:a5:63:fd:60:7d:12:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 16 06:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7de07bf5ba6d622d0acf77a2907bb8841868ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3c:53:b8:b6:1a:58:f2:00:13:d2:01:95:05:
91:cf:fe:ce:43:db:61:12:cb:4b:a7:5f:c0:16:a5:
10:fe:f0:d7:dd:d3:21:e4:e0:94:a2:55:81:e0:c5:
17:65:48:60:db:b4:73:18:0c:c5:47:ea:f0:a0:d6:
69:b9:ec:54:bf:18:85:cb:12:4e:3f:ab:54:19:21:
1b:6f:4e:c0:8e:7d:83:8d:e8:c3:a4:86:6b:7a:d1:
03:cc:77:63:78:7e:c4:13:0b:1a:0b:86:68:60:8a:
f8:ab:bd:1c:03:c4:ba:1a:d3:ba:89:57:e9:3c:bd:
38:de:8b:15:9a:f1:c0:4e:13:e8:2b:6c:f0:9e:55:
07:97:ab:9a:25:1f:31:77:ae:12:ce:53:c6:7c:ec:
f7:3a:3a:28:68:44:7b:f7:98:80:34:13:26:57:61:
6e:3f:ce:e8:0b:82:79:0d:bb:b2:ef:d7:8d:45:80:
5f:d0:6f:69:7b:df:95:33:d5:1d:11:f4:58:84:53:
08:84:14:6f:06:af:c6:3c:8c:cb:ae:21:b4:d4:7e:
c5:d6:f2:ca:d4:fa:85:54:24:1d:03:0a:3b:59:88:
84:c7:05:50:db:f0:59:fb:70:e8:d1:df:ef:df:13:
b0:5a:f1:53:50:01:2e:09:47:f6:2e:42:36:06:89:
1b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DE:07:BF:5B:A6:D6:22:D0:AC:F7:7A:29:07:BB:88:41:86:8D:DD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/t94Hv1um1iLQrPd6KQe7iEGGjd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
38:25:89:bc:9a:1a:2e:af:4e:32:1f:1a:54:b6:34:0c:2c:df:
92:9a:5e:99:c8:b9:76:ef:55:91:39:9b:d6:32:71:e9:21:86:
88:04:54:6b:4a:3f:40:73:92:12:30:cb:75:f6:28:34:01:80:
2d:bc:25:79:51:77:e9:c1:af:26:fb:9e:9d:f3:41:ba:cf:44:
d9:4e:ce:7f:fd:9c:08:13:00:8e:77:e7:eb:cf:95:c2:9d:1b:
b7:a5:22:97:c1:c9:dd:1c:63:67:e2:c3:c8:1f:af:0a:f9:23:
d2:3c:f4:4d:93:81:2a:39:ba:05:95:db:38:09:44:44:53:20:
1e:38:1a:8c:10:4c:7f:2a:98:de:44:3b:88:9c:7b:42:8c:4a:
1e:1c:26:9d:67:bd:4d:79:f3:a3:ca:c2:3e:29:85:e7:82:80:
21:c4:08:5b:d5:b4:fa:ba:cb:fd:17:15:47:3e:a3:73:88:4f:
90:b2:7e:07:b9:0b:66:25:52:7e:0c:14:26:f1:f5:73:11:13:
bb:db:72:ee:8e:89:10:b2:23:95:35:01:ec:ae:70:1a:6a:22:
a9:34:b0:5f:72:f3:74:0d:2f:17:9f:e4:82:3d:c5:42:86:61:
d4:52:d6:49:2c:fd:6f:42:a4:d7:84:54:50:a5:b2:2c:94:49:
dd:ac:82:61
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWdllVE7HmysSClY/1gfRIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE2MDYxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2RlMDdiZjViYTZkNjIyZDBhY2Y3N2EyOTA3YmI4ODQxODY4ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTxTuLYaWPIAE9IBlQWRz/7OQ9th
EstLp1/AFqUQ/vDX3dMh5OCUolWB4MUXZUhg27RzGAzFR+rwoNZpuexUvxiFyxJO
P6tUGSEbb07Ajn2DjejDpIZretEDzHdjeH7EEwsaC4ZoYIr4q70cA8S6GtO6iVfp
PL043osVmvHAThPoK2zwnlUHl6uaJR8xd64SzlPGfOz3OjooaER795iANBMmV2Fu
P87oC4J5Dbuy79eNRYBf0G9pe9+VM9UdEfRYhFMIhBRvBq/GPIzLriG01H7F1vLK
1PqFVCQdAwo7WYiExwVQ2/BZ+3Do0d/v3xOwWvFTUAEuCUf2LkI2BokbkwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLfeB79bptYi0Kz3eikHu4hBho3dMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdDk0SHYxdW0xaUxRclBkNktRZTdpRUdHamQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAOCWJvJoaLq9OMh8aVLY0DCzf
kppemci5du9VkTmb1jJx6SGGiARUa0o/QHOSEjDLdfYoNAGALbwleVF36cGvJvue
nfNBus9E2U7Of/2cCBMAjnfn68+Vwp0bt6Uil8HJ3RxjZ+LDyB+vCvkj0jz0TZOB
Kjm6BZXbOAlERFMgHjgajBBMfyqY3kQ7iJx7QoxKHhwmnWe9TXnzo8rCPimF54KA
IcQIW9W0+rrL/RcVRz6jc4hPkLJ+B7kLZiVSfgwUJvH1cxETu9ty7o6JELIjlTUB
7K5wGmoiqTSwX3LzdA0vF5/kgj3FQoZh1FLWSSz9b0Kk14RUUKWyLJRJ3ayCYQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:14:27 2025 by rpki-client