Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tItuJkaUkW6zpZU0IF5PcfPyUek.roa
File: tItuJkaUkW6zpZU0IF5PcfPyUek.roa (raw, json)
Hash identifier: SDAG5eQ1uMTer/pU4nsLW3IWQnNb+o4PkHuLUGqHgEU=
Subject key identifier: B4:8B:6E:26:46:94:91:6E:B3:A5:95:34:20:5E:4F:71:F3:F2:51:E9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019587B17935AE2AA093E5E67EC39A782666
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tItuJkaUkW6zpZU0IF5PcfPyUek.roa
Signing time: Wed 12 Mar 2025 00:11:49 +0000
ROA not before: Wed 12 Mar 2025 00:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:87:b1:79:35:ae:2a:a0:93:e5:e6:7e:c3:9a:78:26:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 12 00:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b48b6e264694916eb3a59534205e4f71f3f251e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:41:90:8c:04:74:3a:9b:ce:7e:09:d1:b8:f9:
fc:60:6d:2b:ff:64:0b:d8:9b:fd:83:b7:31:be:1c:
03:2a:a0:cf:d8:9b:56:0f:ef:0d:b0:5f:76:8c:ce:
f8:9e:2e:f3:0f:4a:bd:a4:c4:4b:78:0e:08:39:e6:
e2:e7:c9:d9:5f:89:e2:a1:cc:d7:a3:6a:b7:7d:7c:
4b:f2:a1:70:df:0c:0c:01:d9:e3:da:58:14:6c:1f:
67:41:bb:d8:e5:1a:01:d9:cb:b0:99:fc:96:50:2d:
f2:0e:73:38:df:eb:80:cb:5d:ea:48:84:c9:50:37:
7d:46:95:93:b0:1d:81:65:0a:2a:0c:bc:32:58:f9:
5c:f7:42:1e:88:5a:c8:97:3f:9f:25:3d:bf:74:83:
8d:a4:0e:f4:5d:a3:75:b5:97:5e:5b:22:d1:a7:10:
47:06:54:16:5c:39:ec:d8:4a:1c:e3:8d:73:a2:61:
ad:27:85:08:e7:21:d1:1d:ec:85:6a:f4:6b:18:59:
16:3a:9d:3c:6e:70:d4:e2:44:ed:01:6d:41:ef:f1:
31:19:6d:cd:63:8d:75:1b:f1:4a:8a:e3:20:ad:79:
8c:54:d8:e3:41:84:7a:6a:7b:07:7c:02:b6:d0:d5:
f3:b3:42:cb:d7:61:eb:b3:d8:e9:cd:35:c7:f8:61:
43:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8B:6E:26:46:94:91:6E:B3:A5:95:34:20:5E:4F:71:F3:F2:51:E9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/tItuJkaUkW6zpZU0IF5PcfPyUek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
60:dd:57:9d:d1:dc:5d:a4:bf:ca:22:34:80:6d:be:50:61:7c:
1f:97:7b:ab:d7:b3:30:6d:9f:e8:20:66:5c:44:f2:38:31:40:
ee:f3:f3:0f:fc:7a:9f:2f:8d:ec:58:65:99:6c:58:1b:c0:15:
cc:23:b2:28:fa:80:99:33:c4:e5:e1:8d:99:c7:c5:d7:84:16:
13:d0:af:ec:a4:1c:d8:4f:5f:9e:f3:ce:7c:53:ae:a8:81:a9:
9b:90:a4:5a:64:ca:a7:91:e9:82:8d:ec:2e:fa:1f:f5:00:9f:
49:25:01:0d:e7:ad:ee:ea:46:a8:59:8f:2f:ce:4e:a4:0b:7d:
1d:d1:f2:30:00:ae:9a:37:1b:82:91:e6:f9:83:3a:71:e3:8b:
05:63:8a:2d:3b:86:46:4c:40:36:21:b4:f9:07:62:80:13:bc:
c8:03:74:66:80:e8:50:0e:20:1f:13:c6:a7:db:d8:22:37:3f:
76:df:63:0f:92:c7:12:2c:de:93:cd:f1:3d:12:75:89:60:3b:
bb:05:b6:25:95:b1:a1:75:f6:7e:83:64:fc:78:0b:de:64:33:
b0:18:38:d9:c4:bc:60:cd:12:f6:30:94:b9:c9:43:a7:61:52:
67:73:3c:d5:0d:38:b8:f4:20:42:d7:b0:cc:22:7b:5f:e1:0f:
aa:50:2d:52
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWHsXk1riqgk+XmfsOaeCZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEyMDAxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDhiNmUyNjQ2OTQ5MTZlYjNhNTk1MzQyMDVlNGY3MWYzZjI1MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA90GQjAR0OpvOfgnRuPn8YG0r/2QL
2Jv9g7cxvhwDKqDP2JtWD+8NsF92jM74ni7zD0q9pMRLeA4IOebi58nZX4nioczX
o2q3fXxL8qFw3wwMAdnj2lgUbB9nQbvY5RoB2cuwmfyWUC3yDnM43+uAy13qSITJ
UDd9RpWTsB2BZQoqDLwyWPlc90IeiFrIlz+fJT2/dIONpA70XaN1tZdeWyLRpxBH
BlQWXDns2Eoc441zomGtJ4UI5yHRHeyFavRrGFkWOp08bnDU4kTtAW1B7/ExGW3N
Y411G/FKiuMgrXmMVNjjQYR6ansHfAK20NXzs0LL12Hrs9jpzTXH+GFDswIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLSLbiZGlJFus6WVNCBeT3Hz8lHpMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdEl0dUprYVVrVzZ6cFpVMElGNVBjZlB5VWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAYN1XndHcXaS/yiI0gG2+UGF8
H5d7q9ezMG2f6CBmXETyODFA7vPzD/x6ny+N7FhlmWxYG8AVzCOyKPqAmTPE5eGN
mcfF14QWE9Cv7KQc2E9fnvPOfFOuqIGpm5CkWmTKp5Hpgo3sLvof9QCfSSUBDeet
7upGqFmPL85OpAt9HdHyMACumjcbgpHm+YM6ceOLBWOKLTuGRkxANiG0+QdigBO8
yAN0ZoDoUA4gHxPGp9vYIjc/dt9jD5LHEizek83xPRJ1iWA7uwW2JZWxoXX2foNk
/HgL3mQzsBg42cS8YM0S9jCUuclDp2FSZ3M81Q04uPQgQtewzCJ7X+EPqlAtUg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:44 2025 by rpki-client