Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uPGhb7gwFUogbBSE4qjuKQqe-qU.roa
File: uPGhb7gwFUogbBSE4qjuKQqe-qU.roa (raw, json)
Hash identifier: WiW0+1X/tzPyWtoNT/zec5hMIiGkpf1Hjfxk4ondd40=
Subject key identifier: B8:F1:A1:6F:B8:30:15:4A:20:6C:14:84:E2:A8:EE:29:0A:9E:FA:A5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195707EE7D313A58F12E1320F0C7043C857
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uPGhb7gwFUogbBSE4qjuKQqe-qU.roa
Signing time: Fri 07 Mar 2025 12:05:19 +0000
ROA not before: Fri 07 Mar 2025 12:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:707e:6aff/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:7e:e7:d3:13:a5:8f:12:e1:32:0f:0c:70:43:c8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 7 12:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8f1a16fb830154a206c1484e2a8ee290a9efaa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:98:aa:89:ef:fb:b6:b4:ff:7a:ed:27:95:9b:
c4:73:d9:83:a8:5a:74:84:9c:d1:90:20:20:fc:08:
af:d0:dd:51:a9:91:18:77:f6:2d:3e:ab:71:07:cf:
f0:46:96:da:65:64:d5:cf:6b:a7:e5:a1:a6:05:27:
ae:0d:4e:d9:da:c0:33:2c:d3:00:89:ea:d6:8c:c4:
fe:37:36:c8:5b:89:fa:45:f8:f3:ce:57:60:fc:d9:
d5:b2:5f:74:28:c9:37:33:32:b9:a8:7c:0b:a8:54:
cf:a2:97:a2:07:10:dc:94:9a:35:20:38:46:0f:76:
88:b3:57:4d:b0:e5:74:4d:fc:28:a4:4f:85:96:c3:
d6:3d:f9:f6:3a:e0:30:2e:21:0d:64:51:e8:1d:16:
db:29:b9:c5:37:2a:0c:cf:f6:2a:9f:d1:c4:42:67:
7f:d7:5f:67:49:6b:57:36:15:18:59:8a:d3:f3:c1:
cf:56:34:84:4b:f7:ef:a3:67:19:52:a3:da:47:31:
30:1e:60:88:ca:5a:65:34:3c:d5:62:68:6b:03:45:
0e:95:73:f7:dd:59:93:15:fc:f5:37:66:0f:36:b0:
0c:15:c0:78:ff:bc:2b:92:cc:7a:fe:92:bb:a0:63:
fb:39:68:4a:ea:60:6e:f2:75:d3:36:20:97:62:0e:
c2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F1:A1:6F:B8:30:15:4A:20:6C:14:84:E2:A8:EE:29:0A:9E:FA:A5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uPGhb7gwFUogbBSE4qjuKQqe-qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:707e:6aff/128
Signature Algorithm: sha256WithRSAEncryption
13:52:33:65:8c:f4:4a:60:3a:2b:95:27:e5:6a:8c:17:73:39:
38:af:6d:25:c9:60:f8:36:56:e2:1e:f2:5d:4e:b6:8a:16:ac:
9e:99:01:94:54:46:73:5f:61:35:31:18:bd:53:1f:1f:47:30:
ad:03:d8:62:6e:b3:ff:bb:3b:5a:0f:b4:af:55:b4:45:bb:f1:
c1:fd:f1:63:6a:89:85:5b:d7:1b:2d:c7:a5:8f:11:71:37:f4:
7f:c8:67:7d:32:e5:09:39:43:42:1e:9f:50:1e:a5:0e:0d:3e:
87:0d:d4:a8:b9:72:a1:aa:b9:1d:7e:eb:8c:53:a6:5e:e1:02:
3f:33:56:d0:6a:44:15:78:73:6e:8f:16:0f:8a:92:14:f6:8b:
8d:ef:1b:0c:ee:b7:04:b0:db:f0:44:b6:87:a0:5b:ba:3b:03:
54:47:65:0c:db:42:9a:a5:98:1f:7d:4f:b8:59:f5:8b:57:0e:
a3:55:bc:25:dd:43:48:f4:8d:76:78:cc:50:99:9b:e8:9e:01:
ec:e8:46:85:88:bd:34:73:23:b2:b2:3a:a4:41:9f:19:b6:aa:
a1:bb:67:00:60:83:76:9a:51:7f:78:1e:30:bb:12:1e:99:01:
02:c0:72:36:75:da:f3:9b:a9:1a:d4:05:6d:bb:e1:64:ec:87:
de:e2:9e:47
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZVwfufTE6WPEuEyDwxwQ8hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzA3MTIwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGYxYTE2ZmI4MzAxNTRhMjA2YzE0ODRlMmE4ZWUyOTBhOWVmYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5iqie/7trT/eu0nlZvEc9mDqFp0
hJzRkCAg/Aiv0N1RqZEYd/YtPqtxB8/wRpbaZWTVz2un5aGmBSeuDU7Z2sAzLNMA
ierWjMT+NzbIW4n6Rfjzzldg/NnVsl90KMk3MzK5qHwLqFTPopeiBxDclJo1IDhG
D3aIs1dNsOV0TfwopE+FlsPWPfn2OuAwLiENZFHoHRbbKbnFNyoMz/Yqn9HEQmd/
119nSWtXNhUYWYrT88HPVjSES/fvo2cZUqPaRzEwHmCIylplNDzVYmhrA0UOlXP3
3VmTFfz1N2YPNrAMFcB4/7wrksx6/pK7oGP7OWhK6mBu8nXTNiCXYg7CcQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLjxoW+4MBVKIGwUhOKo7ikKnvqlMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdVBHaGI3Z3dGVW9nYkJTRTRxanVLUXFlLXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVcH5q/zANBgkqhkiG9w0BAQsFAAOCAQEAE1IzZYz0SmA6K5Un5WqMF3M5
OK9tJclg+DZW4h7yXU62ihasnpkBlFRGc19hNTEYvVMfH0cwrQPYYm6z/7s7Wg+0
r1W0Rbvxwf3xY2qJhVvXGy3HpY8RcTf0f8hnfTLlCTlDQh6fUB6lDg0+hw3UqLly
oaq5HX7rjFOmXuECPzNW0GpEFXhzbo8WD4qSFPaLje8bDO63BLDb8ES2h6BbujsD
VEdlDNtCmqWYH31PuFn1i1cOo1W8Jd1DSPSNdnjMUJmb6J4B7OhGhYi9NHMjsrI6
pEGfGbaqobtnAGCDdppRf3geMLsSHpkBAsByNnXa85upGtQFbbvhZOyH3uKeRw==
-----END CERTIFICATE-----
Generated at Tue Jun 17 04:00:14 2025 by rpki-client