Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zipHz62ICYlCaDCuS-xP_ke3TmI.roa
File: zipHz62ICYlCaDCuS-xP_ke3TmI.roa (raw, json)
Hash identifier: BzYTrN6tLT9AKZpClwXBT/fvuEWWq/k5U8mnVhSjmLY=
Subject key identifier: CE:2A:47:CF:AD:88:09:89:42:68:30:AE:4B:EC:4F:FE:47:B7:4E:62
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01958EFE10EC2B259D6FDC3A911FBBD7CB9D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zipHz62ICYlCaDCuS-xP_ke3TmI.roa
Signing time: Thu 13 Mar 2025 10:12:49 +0000
ROA not before: Thu 13 Mar 2025 10:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:fe:10:ec:2b:25:9d:6f:dc:3a:91:1f:bb:d7:cb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 13 10:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce2a47cfad880989426830ae4bec4ffe47b74e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:78:25:f2:c1:3a:95:ab:b4:07:be:c4:d4:4d:
a4:eb:95:8d:2c:7e:17:00:ff:e5:fe:62:60:34:bb:
ac:c9:2d:0a:7a:78:3e:1c:af:87:61:c2:6d:f6:9a:
82:e6:4a:bb:6c:e0:1e:46:36:8b:fb:fa:6f:e5:18:
3b:90:22:50:b6:01:c5:5f:0c:8a:2f:0d:88:bc:f2:
90:8e:c6:f5:5a:e4:79:3c:ac:f9:e9:27:0e:90:5e:
07:36:82:fd:26:83:d7:c5:a8:11:ba:8b:a4:37:60:
a3:02:2e:ed:04:7c:30:2c:f8:35:9b:e0:9d:26:fc:
7f:d6:9a:ee:cc:94:96:2f:27:92:fa:1f:51:90:75:
fc:9b:0d:3d:67:89:e9:db:3d:2a:48:60:b1:a5:d0:
52:e8:3c:c3:a6:3d:4b:ce:95:de:8d:08:08:83:e7:
a8:43:91:16:28:02:dc:3c:ec:71:fc:bc:4d:e6:7e:
4d:b3:6d:e2:70:c8:57:af:28:46:a2:53:ef:54:1c:
a3:04:56:4a:26:b7:c1:7a:47:5e:75:fe:7d:55:80:
65:ef:d5:0e:8b:4e:75:89:fe:4d:22:b2:89:68:03:
58:9a:9e:ba:04:00:05:55:b3:f4:70:19:2c:ff:66:
38:8c:d4:ee:57:3b:d9:98:7e:93:26:c4:a5:f9:a1:
ad:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2A:47:CF:AD:88:09:89:42:68:30:AE:4B:EC:4F:FE:47:B7:4E:62
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/zipHz62ICYlCaDCuS-xP_ke3TmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
16:4a:01:bd:66:8b:3b:a6:4c:ea:65:dd:3e:cb:13:7a:ef:2d:
4c:ef:89:44:ae:02:23:26:9e:e5:2d:e1:61:68:d0:fd:8d:21:
c7:0e:c5:0d:9c:15:7b:6d:82:01:f3:57:fd:c7:bf:0b:cd:9a:
aa:3e:b3:08:f8:af:1d:46:df:03:cd:9e:c0:0d:a5:aa:16:c8:
d3:d4:2a:49:07:6a:ec:28:8c:66:a5:52:18:dd:b8:15:a4:c8:
c8:91:46:73:26:3e:ea:14:45:19:fd:af:14:0e:7f:7a:62:e7:
a5:75:10:a2:99:b7:fc:00:35:13:63:b0:28:a2:43:25:9c:f6:
9d:d5:7b:0a:4b:e9:f2:f5:1c:13:e7:f7:b9:a3:b7:fc:69:62:
88:89:fa:84:f4:53:e9:1a:48:5a:6e:26:47:8d:ee:9d:ef:a4:
9f:6e:45:cd:a8:5a:40:83:de:0b:10:c7:57:7f:77:52:84:28:
15:1e:52:71:15:4b:bd:64:cc:5e:94:b1:6b:56:17:f9:5e:13:
79:54:b8:b8:05:45:a3:d7:4c:b6:7f:20:ab:4a:c0:13:c2:09:
cf:98:dc:ff:25:b1:8d:ff:81:c5:be:c2:08:f0:88:c5:45:d2:
1d:9e:33:b0:0d:dd:8a:29:fa:19:0b:e4:c1:42:a9:44:68:d0:
37:ab:a8:c0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWO/hDsKyWdb9w6kR+718udMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzEzMTAxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTJhNDdjZmFkODgwOTg5NDI2ODMwYWU0YmVjNGZmZTQ3Yjc0ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3gl8sE6lau0B77E1E2k65WNLH4X
AP/l/mJgNLusyS0Keng+HK+HYcJt9pqC5kq7bOAeRjaL+/pv5Rg7kCJQtgHFXwyK
Lw2IvPKQjsb1WuR5PKz56ScOkF4HNoL9JoPXxagRuoukN2CjAi7tBHwwLPg1m+Cd
Jvx/1pruzJSWLyeS+h9RkHX8mw09Z4np2z0qSGCxpdBS6DzDpj1LzpXejQgIg+eo
Q5EWKALcPOxx/LxN5n5Ns23icMhXryhGolPvVByjBFZKJrfBekdedf59VYBl79UO
i051if5NIrKJaANYmp66BAAFVbP0cBks/2Y4jNTuVzvZmH6TJsSl+aGt6QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM4qR8+tiAmJQmgwrkvsT/5Ht05iMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvemlwSHo2MklDWWxDYURDdVMteFBfa2UzVG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAFkoBvWaLO6ZM6mXdPssTeu8t
TO+JRK4CIyae5S3hYWjQ/Y0hxw7FDZwVe22CAfNX/ce/C82aqj6zCPivHUbfA82e
wA2lqhbI09QqSQdq7CiMZqVSGN24FaTIyJFGcyY+6hRFGf2vFA5/emLnpXUQopm3
/AA1E2OwKKJDJZz2ndV7Ckvp8vUcE+f3uaO3/GliiIn6hPRT6RpIWm4mR43une+k
n25FzahaQIPeCxDHV393UoQoFR5ScRVLvWTMXpSxa1YX+V4TeVS4uAVFo9dMtn8g
q0rAE8IJz5jc/yWxjf+Bxb7CCPCIxUXSHZ4zsA3diin6GQvkwUKpRGjQN6uowA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:07:24 2025 by rpki-client