Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/F3kQmtsKG6gumW0ESmbMg5PmU_k.roa
File: F3kQmtsKG6gumW0ESmbMg5PmU_k.roa (raw, json)
Hash identifier: o7WzjOggMWz0lBLp+ZrYusmVSagtYXvdZrvEVsSo64g=
Subject key identifier: 17:79:10:9A:DB:0A:1B:A8:2E:99:6D:04:4A:66:CC:83:93:E6:53:F9
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196C16084C49B3BC5C56E4C486E7279AF37
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/F3kQmtsKG6gumW0ESmbMg5PmU_k.roa
Signing time: Sun 11 May 2025 22:04:10 +0000
ROA not before: Sun 11 May 2025 22:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:c160:4fa0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c1:60:84:c4:9b:3b:c5:c5:6e:4c:48:6e:72:79:af:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 11 22:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1779109adb0a1ba82e996d044a66cc8393e653f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4c:44:c7:96:43:27:cf:35:06:fd:b3:75:ad:
e3:dd:b6:d8:d1:ca:2a:a1:6e:89:18:80:4d:99:48:
ad:ea:8e:f2:66:d7:a7:80:0e:09:95:ef:6e:74:d1:
53:ec:86:1f:64:7c:40:0d:8d:a6:76:43:a8:9c:28:
51:9b:93:83:a3:17:46:a9:d5:19:94:3c:7a:dc:af:
32:db:34:ef:e3:32:41:59:e2:d1:b4:38:48:56:c3:
0f:fe:23:fe:23:58:1a:22:b1:ce:22:48:08:6e:c0:
83:c7:f9:42:d6:c3:df:99:49:c9:16:60:4f:b1:a3:
ae:d7:74:df:7e:32:c0:b1:ae:50:6b:9d:3d:7a:70:
3d:e1:d4:41:89:08:e0:01:a3:95:f0:15:33:a6:70:
16:22:7e:c0:e2:c7:7d:64:f5:58:c6:de:1e:c5:4c:
e9:e2:16:f8:d2:58:39:cd:8c:c2:68:5a:5f:de:0c:
fa:be:12:2e:43:44:8e:54:4b:a9:cc:d8:fa:34:86:
46:c5:35:e2:f7:03:49:9e:b4:af:24:ce:45:e7:7b:
88:0f:db:14:90:37:f7:ae:73:32:ae:2e:68:1d:bb:
e1:76:f0:60:bd:f1:5f:11:a8:3c:c7:2d:d9:fd:c0:
d7:c9:3d:5e:a0:45:be:10:69:18:b4:4d:2e:40:e4:
e8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:79:10:9A:DB:0A:1B:A8:2E:99:6D:04:4A:66:CC:83:93:E6:53:F9
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/F3kQmtsKG6gumW0ESmbMg5PmU_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:c160:4fa0/128
Signature Algorithm: sha256WithRSAEncryption
0b:31:ba:46:87:d4:25:f8:83:bf:e6:8a:9e:a9:1f:87:08:57:
bc:61:c4:74:50:16:63:a9:6c:b7:15:21:08:c7:5c:aa:1e:f6:
fa:bf:50:df:49:cc:4f:65:ab:f1:a8:db:72:27:7f:7e:ec:d2:
0b:51:5d:56:7e:7d:cf:7d:87:7f:69:4d:df:ac:92:b2:42:3c:
65:ed:7f:68:16:ec:52:f2:fa:80:6e:e4:a0:9b:6b:29:c8:d0:
d5:d7:d0:df:34:59:ef:90:c9:48:88:7a:64:94:59:de:2c:d6:
70:c9:7f:5d:7a:9b:4b:69:73:6b:a6:2a:26:ee:d9:7a:13:23:
29:5f:ca:ec:ad:f8:1a:8c:9c:5f:4a:a7:98:ed:6d:7b:fe:ae:
47:cc:0d:0d:d7:31:ad:ef:51:aa:52:57:ed:0e:3d:fa:9c:9f:
16:28:ec:9d:c4:97:19:47:b0:07:55:57:c4:de:69:ae:39:a6:
6c:13:40:18:ad:95:f8:af:ea:11:54:44:b1:11:e7:78:45:45:
eb:52:3d:dd:54:67:a7:36:60:94:9b:b8:5b:44:b7:8d:c7:01:
ae:fe:7e:7b:b9:a7:5e:97:7c:9d:5d:de:67:79:e4:d2:90:30:
30:41:96:69:4b:79:59:19:3f:87:49:21:4d:3b:4b:53:eb:75:
81:de:31:ef
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbBYITEmzvFxW5MSG5yea83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTExMjIwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzc5MTA5YWRiMGExYmE4MmU5OTZkMDQ0YTY2Y2M4MzkzZTY1M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApExEx5ZDJ881Bv2zda3j3bbY0coq
oW6JGIBNmUit6o7yZtengA4Jle9udNFT7IYfZHxADY2mdkOonChRm5ODoxdGqdUZ
lDx63K8y2zTv4zJBWeLRtDhIVsMP/iP+I1gaIrHOIkgIbsCDx/lC1sPfmUnJFmBP
saOu13TffjLAsa5Qa509enA94dRBiQjgAaOV8BUzpnAWIn7A4sd9ZPVYxt4exUzp
4hb40lg5zYzCaFpf3gz6vhIuQ0SOVEupzNj6NIZGxTXi9wNJnrSvJM5F53uID9sU
kDf3rnMyri5oHbvhdvBgvfFfEag8xy3Z/cDXyT1eoEW+EGkYtE0uQOTolwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBd5EJrbChuoLpltBEpmzIOT5lP5MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvRjNrUW10c0tHNmd1bVcwRVNtYk1nNVBtVV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWwWBPoDANBgkqhkiG9w0BAQsFAAOCAQEACzG6RofUJfiDv+aKnqkfhwhX
vGHEdFAWY6lstxUhCMdcqh72+r9Q30nMT2Wr8ajbcid/fuzSC1FdVn59z32Hf2lN
36ySskI8Ze1/aBbsUvL6gG7koJtrKcjQ1dfQ3zRZ75DJSIh6ZJRZ3izWcMl/XXqb
S2lza6YqJu7ZehMjKV/K7K34GoycX0qnmO1te/6uR8wNDdcxre9RqlJX7Q49+pyf
FijsncSXGUewB1VXxN5prjmmbBNAGK2V+K/qEVREsRHneEVF61I93VRnpzZglJu4
W0S3jccBrv5+e7mnXpd8nV3eZ3nk0pAwMEGWaUt5WRk/h0khTTtLU+t1gd4x7w==
-----END CERTIFICATE-----
Generated at Mon Jun 16 04:16:30 2025 by rpki-client