Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1l1IJAekOO519VcTxHwn6-u9zQc.roa
File: 1l1IJAekOO519VcTxHwn6-u9zQc.roa (raw, json)
Hash identifier: V/l7+bTYZdTN60PUFHtM93VO4WfYcmdKe/NrUSsgjJc=
Subject key identifier: D6:5D:48:24:07:A4:38:EE:75:F5:57:13:C4:7C:27:EB:EB:BD:CD:07
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019602D5D313F6C0363592CCF98B58CA7B06
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1l1IJAekOO519VcTxHwn6-u9zQc.roa
Signing time: Fri 04 Apr 2025 22:04:49 +0000
ROA not before: Fri 04 Apr 2025 22:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:2d5:3ffa/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:02:d5:d3:13:f6:c0:36:35:92:cc:f9:8b:58:ca:7b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 4 22:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d65d482407a438ee75f55713c47c27ebebbdcd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:18:4c:65:50:1f:48:12:85:55:3e:6e:b5:dc:
f6:a6:1c:4a:65:6a:a9:db:4a:45:b3:2a:1e:08:bc:
19:93:48:e1:f9:39:fa:cb:90:6d:e1:0b:0f:2a:31:
4e:b8:ec:da:28:40:0f:38:87:0f:4c:f5:7c:5e:f2:
a5:21:fd:7c:7b:22:d2:ec:2c:63:9b:8c:94:b6:36:
44:97:64:bd:aa:e3:8c:ad:b0:7c:42:6a:7c:e1:3e:
81:83:24:05:35:cb:31:87:65:e3:c3:58:a2:a7:5e:
2a:4d:ce:e1:3d:4a:19:43:45:e5:01:a9:b3:f8:a3:
1a:fe:1a:79:6e:aa:18:d8:d7:c4:71:1f:68:dd:b3:
67:9a:b3:b0:0b:a6:01:2f:3d:cf:ba:31:55:86:1c:
99:9a:27:c9:1b:1f:9f:29:36:16:ff:10:0c:19:d9:
34:9f:5c:ed:37:77:12:c8:24:da:27:b8:41:44:c8:
0e:b7:dd:01:07:2b:63:3c:8d:3f:b5:77:ff:b4:81:
db:4f:7b:f5:9a:f9:48:f6:a8:44:46:1c:c9:ef:56:
bc:b6:1a:2a:7d:b5:cf:fb:d0:2b:d2:91:90:43:a1:
e2:a8:1e:e4:d7:3a:fd:b4:14:af:f7:bd:a9:36:e6:
05:17:38:5d:11:84:09:0f:29:37:68:db:ee:da:cc:
dc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5D:48:24:07:A4:38:EE:75:F5:57:13:C4:7C:27:EB:EB:BD:CD:07
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/1l1IJAekOO519VcTxHwn6-u9zQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:2d5:3ffa/128
Signature Algorithm: sha256WithRSAEncryption
44:a6:eb:6a:00:4b:36:3d:88:f1:44:10:1f:fc:d6:f8:0d:90:
5b:e8:58:ec:4f:29:0b:c2:f7:60:7f:2c:c2:6f:20:66:94:37:
cc:cb:40:49:5a:88:cc:1a:ce:25:69:78:d8:f7:6e:d4:18:bf:
89:f2:3c:36:0a:a6:6f:af:1f:72:11:ac:db:1f:62:c8:9e:24:
da:fb:9a:93:c6:f2:6f:6f:43:71:7c:ed:1f:9a:0e:92:47:82:
71:4b:94:cc:b8:fb:ab:d6:f7:c5:ab:b6:52:e0:1b:24:19:bd:
3e:3d:7a:7e:ad:3e:5f:2e:23:db:94:4a:01:13:ad:7d:28:fd:
8c:f3:97:8d:6c:d5:64:9f:85:7b:4c:23:15:a2:d7:e5:82:fd:
71:c7:4c:85:d7:21:b9:48:e9:8c:a7:97:26:02:3d:01:cb:b7:
2d:59:42:35:fb:81:2f:ef:74:8e:30:13:8e:41:c5:5b:26:22:
6c:7b:29:ab:49:54:59:74:e3:12:2c:b9:20:2c:70:1d:9f:e5:
e1:53:cb:eb:a0:f5:ad:e4:88:ad:ca:92:34:f7:80:d1:7f:77:
eb:b5:66:a5:e4:bd:09:40:5d:d8:ef:0e:5f:f5:34:cc:89:ba:
13:90:2b:78:06:e8:41:ab:8a:b3:f7:a5:9c:3a:be:05:ad:bf:
86:a3:37:71
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZYC1dMT9sA2NZLM+YtYynsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDA0MjIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjVkNDgyNDA3YTQzOGVlNzVmNTU3MTNjNDdjMjdlYmViYmRjZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRhMZVAfSBKFVT5utdz2phxKZWqp
20pFsyoeCLwZk0jh+Tn6y5Bt4QsPKjFOuOzaKEAPOIcPTPV8XvKlIf18eyLS7Cxj
m4yUtjZEl2S9quOMrbB8Qmp84T6BgyQFNcsxh2Xjw1iip14qTc7hPUoZQ0XlAamz
+KMa/hp5bqoY2NfEcR9o3bNnmrOwC6YBLz3PujFVhhyZmifJGx+fKTYW/xAMGdk0
n1ztN3cSyCTaJ7hBRMgOt90BBytjPI0/tXf/tIHbT3v1mvlI9qhERhzJ71a8thoq
fbXP+9Ar0pGQQ6HiqB7k1zr9tBSv972pNuYFFzhdEYQJDyk3aNvu2szcawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNZdSCQHpDjudfVXE8R8J+vrvc0HMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvMWwxSUpBZWtPTzUxOVZjVHhId242LXU5elFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWAtU/+jANBgkqhkiG9w0BAQsFAAOCAQEARKbragBLNj2I8UQQH/zW+A2Q
W+hY7E8pC8L3YH8swm8gZpQ3zMtASVqIzBrOJWl42Pdu1Bi/ifI8Ngqmb68fchGs
2x9iyJ4k2vuak8byb29DcXztH5oOkkeCcUuUzLj7q9b3xau2UuAbJBm9Pj16fq0+
Xy4j25RKAROtfSj9jPOXjWzVZJ+Fe0wjFaLX5YL9ccdMhdchuUjpjKeXJgI9Acu3
LVlCNfuBL+90jjATjkHFWyYibHspq0lUWXTjEiy5ICxwHZ/l4VPL66D1reSIrcqS
NPeA0X9367VmpeS9CUBd2O8OX/U0zIm6E5AreAboQauKs/elnDq+Ba2/hqM3cQ==
-----END CERTIFICATE-----
Generated at Wed Jun 18 14:09:57 2025 by rpki-client