Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KCjkdpjrTjA4x47SM6t4EpwSvPE.roa
File: KCjkdpjrTjA4x47SM6t4EpwSvPE.roa (raw, json)
Hash identifier: 9vkpb8/xGFw2zcR+G7JhxcPBY2Y4hoiEuKGcxauufJ8=
Subject key identifier: 28:28:E4:76:98:EB:4E:30:38:C7:8E:D2:33:AB:78:12:9C:12:BC:F1
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197090C5DDD934343B2D43D94D332570CF0
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KCjkdpjrTjA4x47SM6t4EpwSvPE.roa
Signing time: Sun 25 May 2025 20:04:54 +0000
ROA not before: Sun 25 May 2025 20:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:90b:9bdb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:09:0c:5d:dd:93:43:43:b2:d4:3d:94:d3:32:57:0c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 25 20:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2828e47698eb4e3038c78ed233ab78129c12bcf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:64:27:ec:c6:0f:26:5f:4d:f9:b7:c5:62:97:
ea:99:55:8a:74:45:aa:4e:ac:10:9f:09:96:2a:6e:
f0:e4:22:2c:1f:af:68:db:ed:58:67:f3:70:06:2b:
fd:0f:67:31:8f:c9:d4:64:d9:59:b2:f3:12:c4:dc:
cd:1a:1e:fa:39:9d:be:7a:98:c3:b7:6f:fd:5a:ca:
c0:65:7a:ee:7f:c2:0e:bf:fa:2e:0e:41:a5:34:ad:
f5:8d:b3:40:f2:21:85:c3:77:61:a5:1d:56:c4:e0:
1d:3a:4d:8d:58:35:94:ba:dc:5b:72:be:ad:44:4a:
bb:89:1c:fb:67:d2:09:02:da:76:b9:e5:19:c5:83:
16:87:0d:f3:c0:ec:b8:25:f3:48:d7:25:85:8d:22:
cc:c3:17:38:fd:f7:bf:52:8c:60:3b:5a:1e:c7:85:
8b:ff:fd:14:56:ec:c1:cf:7f:b1:05:e2:0b:07:08:
56:7a:5b:f7:70:04:14:84:ec:1e:fc:e1:79:e2:ab:
24:c2:bc:17:57:ea:5f:b5:10:10:5a:54:8d:03:6b:
ed:d1:b7:b6:29:03:a2:11:4b:06:47:e9:bd:46:56:
00:da:df:c2:29:18:1c:de:0e:d3:5e:b2:d1:01:1d:
85:5e:fa:66:45:48:76:4a:ad:50:06:fe:58:fc:51:
ab:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:28:E4:76:98:EB:4E:30:38:C7:8E:D2:33:AB:78:12:9C:12:BC:F1
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/KCjkdpjrTjA4x47SM6t4EpwSvPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:90b:9bdb/128
Signature Algorithm: sha256WithRSAEncryption
8a:15:bd:d9:8d:2c:d0:45:4f:f6:03:ae:f1:a8:0d:11:3d:6b:
5e:af:4b:3e:eb:61:4c:fd:70:b7:f5:de:9a:ee:8d:23:6b:c1:
a3:92:ea:9e:72:be:2c:32:43:16:4b:e0:5c:f9:60:0e:10:d3:
15:f3:c9:3c:64:18:98:c8:07:27:61:e9:a1:bd:42:a8:e7:11:
3b:3a:cf:4a:d9:39:22:94:08:7f:af:3d:f6:5a:36:79:67:d5:
a7:a3:24:ac:b7:21:48:fd:b0:cd:d0:cd:b4:37:78:31:9a:46:
07:1e:a2:a9:49:45:32:07:54:ab:00:03:aa:01:8a:50:18:bd:
55:dc:fd:6c:d3:ea:02:0b:06:61:e4:7e:18:26:46:84:9e:45:
7c:c6:b8:10:a6:52:72:ad:ca:9f:40:20:d3:54:9f:90:79:c6:
f7:cf:e3:d1:81:5e:6f:a2:45:04:fa:f7:7a:df:1c:1f:63:ba:
d1:3e:7a:0e:92:59:b9:ba:aa:b1:8e:47:10:02:d6:fd:a1:3a:
0b:82:5f:55:29:62:f7:44:93:9b:31:52:34:fb:39:7b:2c:1f:
2b:a7:65:72:74:cc:5d:ff:e0:44:06:6d:4d:83:e3:ca:ab:75:
51:67:b2:73:c0:24:30:69:1d:42:04:a9:bb:fd:53:b0:34:e4:
44:a2:63:92
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZcJDF3dk0NDstQ9lNMyVwzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI1MjAwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI4ZTQ3Njk4ZWI0ZTMwMzhjNzhlZDIzM2FiNzgxMjljMTJiY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomQn7MYPJl9N+bfFYpfqmVWKdEWq
TqwQnwmWKm7w5CIsH69o2+1YZ/NwBiv9D2cxj8nUZNlZsvMSxNzNGh76OZ2+epjD
t2/9WsrAZXruf8IOv/ouDkGlNK31jbNA8iGFw3dhpR1WxOAdOk2NWDWUutxbcr6t
REq7iRz7Z9IJAtp2ueUZxYMWhw3zwOy4JfNI1yWFjSLMwxc4/fe/UoxgO1oex4WL
//0UVuzBz3+xBeILBwhWelv3cAQUhOwe/OF54qskwrwXV+pftRAQWlSNA2vt0be2
KQOiEUsGR+m9RlYA2t/CKRgc3g7TXrLRAR2FXvpmRUh2Sq1QBv5Y/FGr2wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCgo5HaY604wOMeO0jOreBKcErzxMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvS0Nqa2RwanJUakE0eDQ3U002dDRFcHdTdlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlwkLm9swDQYJKoZIhvcNAQELBQADggEB
AIoVvdmNLNBFT/YDrvGoDRE9a16vSz7rYUz9cLf13prujSNrwaOS6p5yviwyQxZL
4Fz5YA4Q0xXzyTxkGJjIBydh6aG9QqjnETs6z0rZOSKUCH+vPfZaNnln1aejJKy3
IUj9sM3QzbQ3eDGaRgceoqlJRTIHVKsAA6oBilAYvVXc/WzT6gILBmHkfhgmRoSe
RXzGuBCmUnKtyp9AINNUn5B5xvfP49GBXm+iRQT693rfHB9jutE+eg6SWbm6qrGO
RxAC1v2hOguCX1UpYvdEk5sxUjT7OXssHyunZXJ0zF3/4EQGbU2D48qrdVFnsnPA
JDBpHUIEqbv9U7A05ESiY5I=
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:32:11 2025 by rpki-client