Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/HPfqusYd-ZNWPD0Icu19T4_yFck.roa
File: HPfqusYd-ZNWPD0Icu19T4_yFck.roa (raw, json)
Hash identifier: SU1mtWqU+zbX+ObkSCcFim7HbM2XC4udtWhggB0cC0E=
Subject key identifier: 1C:F7:EA:BA:C6:1D:F9:93:56:3C:3D:08:72:ED:7D:4F:8F:F2:15:C9
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196CE0A670EF9C5D9D251AA83BE5423AF5C
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/HPfqusYd-ZNWPD0Icu19T4_yFck.roa
Signing time: Wed 14 May 2025 09:05:10 +0000
ROA not before: Wed 14 May 2025 09:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ce09:98e7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ce:0a:67:0e:f9:c5:d9:d2:51:aa:83:be:54:23:af:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 14 09:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cf7eabac61df993563c3d0872ed7d4f8ff215c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:3a:aa:2d:a0:6b:8d:19:f5:83:2b:37:df:
c0:55:58:ba:e2:10:4e:ef:86:da:c4:68:5d:44:d4:
1c:c8:17:8b:4b:75:a6:62:2c:7b:69:a8:c1:f5:9e:
66:db:4f:37:2e:c3:e2:bb:14:7b:03:12:b5:79:89:
95:6c:97:06:c4:22:f6:95:bf:10:7e:9a:f6:75:3c:
86:73:62:bb:8f:57:7d:3a:d8:bc:3d:2c:23:bc:3c:
1b:7d:ad:ce:95:2b:c5:67:95:92:8d:17:d9:ac:60:
47:1d:d5:21:fa:3c:41:62:59:33:5d:94:e5:6b:4b:
e7:6c:16:d7:d1:8b:13:3e:97:0a:20:ca:e6:41:08:
6a:56:87:9e:3b:6e:50:8c:80:42:bd:5e:7f:ff:dd:
9d:19:6a:6e:a6:8f:a0:2a:33:65:96:5d:00:d9:44:
68:27:26:1a:08:80:01:ed:14:d9:08:f0:48:e0:6c:
3e:40:2d:6e:78:a2:22:41:a8:23:88:0a:e8:5d:30:
27:d7:4b:cf:91:f1:c0:59:ef:ad:af:da:f5:db:be:
e2:6e:8d:b9:9b:6d:81:8e:f8:89:76:b5:2d:11:98:
83:ee:51:4f:16:7b:45:9e:e0:65:ef:69:49:0a:3a:
5b:52:92:b9:37:1b:63:2d:8e:fa:d3:1a:c1:c3:a9:
60:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F7:EA:BA:C6:1D:F9:93:56:3C:3D:08:72:ED:7D:4F:8F:F2:15:C9
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/HPfqusYd-ZNWPD0Icu19T4_yFck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ce09:98e7/128
Signature Algorithm: sha256WithRSAEncryption
0b:25:f2:75:c2:9e:f5:a3:7d:f2:fa:50:95:77:5c:bc:44:04:
16:57:d0:30:1b:b7:35:5b:7b:33:33:63:6c:0e:ef:85:c4:f3:
e0:a1:be:31:ed:c9:13:cf:c2:e1:a2:61:4e:bf:59:6e:e9:e3:
ec:f4:e2:1f:2c:e7:35:c6:e3:10:2a:01:71:a5:dc:83:a4:f5:
0d:d6:4b:7c:70:44:7b:74:a5:10:86:97:29:98:ed:28:5f:25:
e8:17:48:e2:0b:b8:72:9a:1a:c8:5f:40:25:74:58:78:75:f9:
f9:f3:2c:e3:d4:81:75:e9:57:42:fb:f5:f1:da:3f:ab:4c:03:
7e:2f:0a:61:0c:ee:23:ec:03:48:c5:ac:29:2c:71:fa:00:b6:
f5:67:48:d8:9f:97:63:51:40:12:8a:47:02:2d:33:0a:dd:1d:
2f:5a:1a:4e:79:c2:01:f5:b1:d1:fb:79:29:d4:79:84:d5:33:
4e:72:bb:69:1d:d3:be:04:e3:c8:1a:3a:98:f4:4c:9b:45:d9:
bc:5c:35:7b:0c:09:d9:d0:76:bd:f1:3b:36:c8:97:df:65:8c:
05:cd:fe:e6:ff:79:85:f1:6e:6f:72:c0:e7:76:d7:25:e0:ce:
09:59:38:3a:a5:d4:98:af:d0:71:85:60:df:53:31:7c:73:f2:
fb:41:5c:b3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbOCmcO+cXZ0lGqg75UI69cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTE0MDkwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Y3ZWFiYWM2MWRmOTkzNTYzYzNkMDg3MmVkN2Q0ZjhmZjIxNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw46qi2ga40Z9YMrN9/AVVi64hBO
74baxGhdRNQcyBeLS3WmYix7aajB9Z5m2083LsPiuxR7AxK1eYmVbJcGxCL2lb8Q
fpr2dTyGc2K7j1d9Oti8PSwjvDwbfa3OlSvFZ5WSjRfZrGBHHdUh+jxBYlkzXZTl
a0vnbBbX0YsTPpcKIMrmQQhqVoeeO25QjIBCvV5//92dGWpupo+gKjNlll0A2URo
JyYaCIAB7RTZCPBI4Gw+QC1ueKIiQagjiAroXTAn10vPkfHAWe+tr9r1277ibo25
m22BjviJdrUtEZiD7lFPFntFnuBl72lJCjpbUpK5NxtjLY760xrBw6lgdQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBz36rrGHfmTVjw9CHLtfU+P8hXJMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvSFBmcXVzWWQtWk5XUEQwSWN1MTlUNF95RmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWzgmY5zANBgkqhkiG9w0BAQsFAAOCAQEACyXydcKe9aN98vpQlXdcvEQE
FlfQMBu3NVt7MzNjbA7vhcTz4KG+Me3JE8/C4aJhTr9Zbunj7PTiHyznNcbjECoB
caXcg6T1DdZLfHBEe3SlEIaXKZjtKF8l6BdI4gu4cpoayF9AJXRYeHX5+fMs49SB
delXQvv18do/q0wDfi8KYQzuI+wDSMWsKSxx+gC29WdI2J+XY1FAEopHAi0zCt0d
L1oaTnnCAfWx0ft5KdR5hNUzTnK7aR3TvgTjyBo6mPRMm0XZvFw1ewwJ2dB2vfE7
NsiX32WMBc3+5v95hfFub3LA53bXJeDOCVk4OqXUmK/QcYVg31MxfHPy+0Fcsw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 03:17:47 2025 by rpki-client