Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uV4bBhzDqdsAdDiUFSrJzqfa_D0.roa
File: uV4bBhzDqdsAdDiUFSrJzqfa_D0.roa (raw, json)
Hash identifier: ivKByw7Y6MWZf+EfrUFWPFeRBqyFcGV2t4DmouqyqBo=
Subject key identifier: B9:5E:1B:06:1C:C3:A9:DB:00:74:38:94:15:2A:C9:CE:A7:DA:FC:3D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195433812200B67E160D72E828E86B291D6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uV4bBhzDqdsAdDiUFSrJzqfa_D0.roa
Signing time: Wed 26 Feb 2025 17:05:02 +0000
ROA not before: Wed 26 Feb 2025 17:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:4337:5c18/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:38:12:20:0b:67:e1:60:d7:2e:82:8e:86:b2:91:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 26 17:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b95e1b061cc3a9db00743894152ac9cea7dafc3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:21:d9:d0:f2:68:bd:9a:dd:7d:cb:d3:50:5a:
67:b4:11:3e:01:01:aa:08:61:22:62:38:f3:b7:85:
7a:5c:d4:1f:c9:c0:af:3e:2d:b1:94:92:80:77:33:
53:ea:04:db:7f:0e:2a:d9:f3:c5:02:de:12:96:db:
fe:5b:12:3c:2e:34:e9:f9:ae:79:28:4e:08:44:e4:
75:5a:16:7e:5a:9c:2d:7f:f3:ee:83:4f:51:08:9d:
e5:8e:a6:4a:0a:e6:37:ed:81:d9:71:35:67:6a:ec:
78:4a:48:73:ae:c8:58:a2:e9:69:cc:7b:42:f3:a1:
18:88:07:1a:0b:c5:40:9f:96:f3:31:6c:19:5e:5e:
c9:69:b3:97:a7:d3:6e:7e:dd:6f:cf:95:2b:17:0f:
d2:4e:ca:67:cd:17:35:3a:ce:12:b2:9d:11:49:d2:
0d:ed:93:9e:01:19:31:56:f3:ea:32:c2:ad:f6:7b:
af:5a:23:ac:1c:bb:63:ee:7d:6c:30:da:fb:6d:b2:
c5:30:b3:6a:1a:44:7b:71:71:18:69:00:c5:89:ad:
7f:91:94:63:ae:ce:78:40:31:e5:31:42:86:eb:2f:
07:7c:48:46:6e:9e:17:83:b4:eb:12:48:7e:25:76:
ca:bd:8a:56:d0:a0:e6:ed:9b:64:d3:b7:9e:44:cc:
a8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:5E:1B:06:1C:C3:A9:DB:00:74:38:94:15:2A:C9:CE:A7:DA:FC:3D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uV4bBhzDqdsAdDiUFSrJzqfa_D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:4337:5c18/128
Signature Algorithm: sha256WithRSAEncryption
83:2b:6c:a8:30:1b:60:22:ce:1e:77:2d:d3:5f:2f:55:03:db:
95:19:b1:3c:1c:7c:ac:1c:7f:3e:e3:f3:e6:a3:5d:76:59:50:
b6:f5:67:b0:d8:ec:12:13:b8:be:a1:10:54:58:e8:71:5b:eb:
0f:aa:a1:68:49:59:56:7e:c5:72:dd:29:bb:f6:15:61:08:3c:
74:61:21:61:04:f9:6f:f1:f7:5b:98:ba:b3:80:1c:6d:27:07:
cd:36:a8:f3:0c:17:a2:d9:d4:da:e8:30:90:1a:34:57:76:1f:
49:f3:d7:98:37:2c:7e:3b:1d:a5:76:6a:ce:66:6c:5c:f8:3d:
64:07:7c:13:c0:c6:ad:5d:fc:6f:16:b8:ae:1f:e9:6b:d2:34:
f8:c6:fd:a6:df:2c:32:5b:ee:de:4d:06:df:53:92:73:d3:3e:
a3:0a:fd:7f:13:52:13:e2:1f:e5:6a:dd:9e:f4:c6:ed:14:2b:
88:6f:dc:fe:3c:24:24:4a:9a:1e:29:bb:70:f9:92:d5:87:c0:
ea:84:a1:bb:77:18:a9:db:1f:3a:3c:fe:8a:ec:90:08:46:04:
58:34:97:f0:e0:0d:22:61:e6:e4:cd:4e:ac:ec:e0:98:86:ff:
25:13:a3:c4:c2:8e:88:80:52:35:2f:04:c2:6d:98:d3:3e:db:
68:58:26:78
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVDOBIgC2fhYNcugo6GspHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjI2MTcwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTVlMWIwNjFjYzNhOWRiMDA3NDM4OTQxNTJhYzljZWE3ZGFmYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyHZ0PJovZrdfcvTUFpntBE+AQGq
CGEiYjjzt4V6XNQfycCvPi2xlJKAdzNT6gTbfw4q2fPFAt4Sltv+WxI8LjTp+a55
KE4IROR1WhZ+Wpwtf/Pug09RCJ3ljqZKCuY37YHZcTVnaux4SkhzrshYoulpzHtC
86EYiAcaC8VAn5bzMWwZXl7JabOXp9Nuft1vz5UrFw/STspnzRc1Os4Ssp0RSdIN
7ZOeARkxVvPqMsKt9nuvWiOsHLtj7n1sMNr7bbLFMLNqGkR7cXEYaQDFia1/kZRj
rs54QDHlMUKG6y8HfEhGbp4Xg7TrEkh+JXbKvYpW0KDm7Ztk07eeRMyoywIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLleGwYcw6nbAHQ4lBUqyc6n2vw9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdVY0YkJoekRxZHNBZERpVUZTckp6cWZhX0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVQzdcGDANBgkqhkiG9w0BAQsFAAOCAQEAgytsqDAbYCLOHnct018vVQPb
lRmxPBx8rBx/PuPz5qNddllQtvVnsNjsEhO4vqEQVFjocVvrD6qhaElZVn7Fct0p
u/YVYQg8dGEhYQT5b/H3W5i6s4AcbScHzTao8wwXotnU2ugwkBo0V3YfSfPXmDcs
fjsdpXZqzmZsXPg9ZAd8E8DGrV38bxa4rh/pa9I0+Mb9pt8sMlvu3k0G31OSc9M+
owr9fxNSE+If5WrdnvTG7RQriG/c/jwkJEqaHim7cPmS1YfA6oShu3cYqdsfOjz+
iuyQCEYEWDSX8OANImHm5M1OrOzgmIb/JROjxMKOiIBSNS8Ewm2Y0z7baFgmeA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:16:04 2025 by rpki-client