Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CarXEyqxcZOTkIzaF_tVvYsothA.roa
File: CarXEyqxcZOTkIzaF_tVvYsothA.roa (raw, json)
Hash identifier: xWpc/q4TXLB7YH1KdiEZ1sF9JeWxU15vapsO5Oo1s14=
Subject key identifier: 09:AA:D7:13:2A:B1:71:93:93:90:8C:DA:17:FB:55:BD:8B:28:B6:10
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01966AE7FBDDD97040097E0349CD307169B1
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CarXEyqxcZOTkIzaF_tVvYsothA.roa
Signing time: Fri 25 Apr 2025 03:05:10 +0000
ROA not before: Fri 25 Apr 2025 03:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:6ae7:3a31/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6a:e7:fb:dd:d9:70:40:09:7e:03:49:cd:30:71:69:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 25 03:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09aad7132ab1719393908cda17fb55bd8b28b610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f2:db:3f:35:86:07:c3:7b:aa:54:95:a8:ed:
e0:67:e7:36:24:70:17:ab:cf:73:74:26:6d:bf:7a:
56:bc:5e:fe:d1:05:28:e1:9b:ba:a0:8c:62:40:e5:
ee:15:cb:bd:f5:2d:00:d2:77:e0:0f:da:9f:13:a7:
dc:99:d2:3b:65:62:db:74:69:7b:3b:33:66:bc:e2:
96:f7:47:d1:b8:5c:7d:58:fd:46:0d:34:8a:57:10:
42:a4:23:d3:88:6b:4c:fd:5e:e8:eb:81:0d:99:ca:
bb:f9:19:ee:55:38:a3:1e:1b:a9:ef:e8:ab:d7:11:
8a:2b:7a:a6:af:9d:cc:42:e1:1a:25:7c:21:4f:6e:
54:2e:e6:7d:4a:aa:4e:5a:21:d9:2c:19:95:99:e4:
84:25:f3:c3:22:e0:ff:bd:f7:c8:7a:b4:b9:2b:27:
e3:eb:1f:03:9e:7b:f7:a1:ee:08:35:e1:7e:4d:66:
4f:62:aa:a4:63:8b:15:62:85:40:54:3d:be:23:ae:
8a:bc:1e:cc:66:55:d9:6f:77:f4:3f:40:3c:12:df:
22:ef:3f:e8:c4:17:1c:29:ec:13:88:ed:18:4b:8f:
9f:9c:b3:3a:37:3c:17:9b:47:50:72:f3:0c:8c:1b:
3c:14:e0:03:2e:d4:14:20:d5:69:1d:37:e3:d1:97:
f8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AA:D7:13:2A:B1:71:93:93:90:8C:DA:17:FB:55:BD:8B:28:B6:10
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/CarXEyqxcZOTkIzaF_tVvYsothA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:6ae7:3a31/128
Signature Algorithm: sha256WithRSAEncryption
a4:49:94:e4:56:29:0b:2c:0c:32:be:69:70:14:db:ea:e0:c9:
81:b4:43:12:fa:0f:fd:0a:87:5f:40:8f:75:8d:41:25:ad:11:
1b:da:12:ac:53:b1:1c:09:68:ba:4f:d6:44:bb:f7:b4:46:3e:
b6:72:e7:47:d3:1b:00:41:3d:fa:28:bb:09:93:cd:ab:ed:0f:
7c:43:5f:4f:fe:d9:f6:80:f0:a6:66:0a:a0:f7:23:da:d3:63:
b2:28:76:ad:4d:f3:ca:82:fc:55:ee:21:65:00:cb:25:73:e4:
b2:ec:41:ae:7e:f1:fe:86:2f:d9:ad:7f:32:b8:e4:6d:55:6a:
80:27:bc:8b:ad:15:63:9e:8f:e5:1d:ba:a8:60:c6:1e:b2:09:
6f:f5:a9:aa:f6:c5:6d:f8:9f:1d:ac:40:ec:f6:f5:13:3e:8e:
f9:46:85:8b:c7:b1:1c:e3:88:ee:c0:17:b6:b2:4a:32:94:67:
fb:12:33:33:00:bc:00:61:90:eb:a5:7a:8e:20:00:35:b9:fc:
65:87:b9:c3:d5:54:94:af:f3:da:54:6a:48:1a:1b:98:ec:02:
59:1c:e6:48:66:c0:82:18:83:f7:ba:c9:fb:5c:5d:97:74:6a:
8f:0d:96:94:7d:fa:bc:02:4a:2d:46:ea:05:e7:40:19:fb:4f:
6c:34:25:ac
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZq5/vd2XBACX4DSc0wcWmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDI1MDMwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWFhZDcxMzJhYjE3MTkzOTM5MDhjZGExN2ZiNTViZDhiMjhiNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PLbPzWGB8N7qlSVqO3gZ+c2JHAX
q89zdCZtv3pWvF7+0QUo4Zu6oIxiQOXuFcu99S0A0nfgD9qfE6fcmdI7ZWLbdGl7
OzNmvOKW90fRuFx9WP1GDTSKVxBCpCPTiGtM/V7o64ENmcq7+RnuVTijHhup7+ir
1xGKK3qmr53MQuEaJXwhT25ULuZ9SqpOWiHZLBmVmeSEJfPDIuD/vffIerS5Kyfj
6x8Dnnv3oe4INeF+TWZPYqqkY4sVYoVAVD2+I66KvB7MZlXZb3f0P0A8Et8i7z/o
xBccKewTiO0YS4+fnLM6NzwXm0dQcvMMjBs8FOADLtQUINVpHTfj0Zf40QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAmq1xMqsXGTk5CM2hf7Vb2LKLYQMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvQ2FyWEV5cXhjWk9Ua0l6YUZfdFZ2WXNvdGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWauc6MTANBgkqhkiG9w0BAQsFAAOCAQEApEmU5FYpCywMMr5pcBTb6uDJ
gbRDEvoP/QqHX0CPdY1BJa0RG9oSrFOxHAlouk/WRLv3tEY+tnLnR9MbAEE9+ii7
CZPNq+0PfENfT/7Z9oDwpmYKoPcj2tNjsih2rU3zyoL8Ve4hZQDLJXPksuxBrn7x
/oYv2a1/MrjkbVVqgCe8i60VY56P5R26qGDGHrIJb/WpqvbFbfifHaxA7Pb1Ez6O
+UaFi8exHOOI7sAXtrJKMpRn+xIzMwC8AGGQ66V6jiAANbn8ZYe5w9VUlK/z2lRq
SBobmOwCWRzmSGbAghiD97rJ+1xdl3Rqjw2WlH36vAJKLUbqBedAGftPbDQlrA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:09:10 2025 by rpki-client