Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MAg4I6Ds3h9RomsqP5eclCMV6KE.roa
File: MAg4I6Ds3h9RomsqP5eclCMV6KE.roa (raw, json)
Hash identifier: tU7b7DqjA1QJ+0CrwLw9vEvnBVOYYzBPaSCdQeo75c8=
Subject key identifier: 30:08:38:23:A0:EC:DE:1F:51:A2:6B:2A:3F:97:9C:94:23:15:E8:A1
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972D8E12230E6239AE3A04319D0EFA49F5
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MAg4I6Ds3h9RomsqP5eclCMV6KE.roa
Signing time: Sun 01 Jun 2025 22:12:54 +0000
ROA not before: Sun 01 Jun 2025 22:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2d:8e:12:23:0e:62:39:ae:3a:04:31:9d:0e:fa:49:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 1 22:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30083823a0ecde1f51a26b2a3f979c942315e8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d8:d7:a3:94:dd:c7:7a:9e:87:97:c5:51:8e:
02:61:74:c2:16:95:83:70:ae:6c:3c:f1:30:9d:ad:
73:29:26:fb:8d:a4:ac:cd:2f:a0:4e:6b:31:4e:77:
0d:e0:51:e2:a6:1f:4c:79:e0:c1:ff:36:12:38:53:
57:b4:d0:ae:29:70:c8:72:4a:39:59:b8:7d:8c:68:
da:87:44:86:eb:40:a6:b1:b4:04:57:62:99:41:93:
1d:7d:b4:69:a6:15:19:88:60:eb:ba:07:06:79:13:
76:8e:70:a8:34:bb:77:a8:91:c0:ff:68:d7:42:06:
97:27:e5:9b:f3:5f:e3:4b:e6:04:e3:56:62:25:c7:
3d:2f:2a:d2:d9:16:0e:70:64:3c:31:09:96:2f:55:
44:b8:fd:a6:85:ab:91:dd:33:35:bb:88:cf:c1:fc:
d4:87:67:7b:27:c7:9e:f9:67:bd:91:fb:c2:13:20:
07:3e:f5:5e:a2:74:57:3d:69:a6:bd:9d:2b:5a:a3:
68:69:b7:43:99:41:a6:91:f6:c8:c1:75:e0:76:54:
fc:6c:7f:12:61:19:9d:7c:76:4b:cb:f4:e2:53:90:
85:63:33:fe:6b:d5:fe:bb:3e:71:c6:ea:9b:f7:45:
27:83:df:b2:ce:17:31:a3:3d:27:9a:12:37:43:14:
94:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:08:38:23:A0:EC:DE:1F:51:A2:6B:2A:3F:97:9C:94:23:15:E8:A1
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MAg4I6Ds3h9RomsqP5eclCMV6KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
87:53:13:bc:ae:a8:26:3e:1c:d3:9a:26:a3:5f:85:ca:3f:d9:
94:17:23:f5:a5:e8:1f:2e:84:16:62:3a:10:55:25:6b:6b:30:
88:c3:04:6a:b1:2d:00:f8:dc:53:ab:eb:cb:b8:22:04:ac:d7:
cb:d2:78:bd:5e:ba:f6:11:c1:86:2e:0e:09:e7:f7:e6:31:5c:
48:49:15:6f:62:cf:5b:b0:12:f7:a7:2e:0b:96:4d:bc:d5:39:
2d:79:d8:be:f5:a8:09:e2:2c:5c:66:2e:d8:15:01:f5:9a:42:
2e:89:14:c6:79:5a:5f:a4:ba:07:6f:92:c4:78:2c:34:d8:b0:
73:e0:e7:55:db:76:73:9c:af:2f:91:4f:1e:51:cf:c4:c5:9b:
82:c6:f4:51:a9:df:e7:8c:4b:51:ca:4a:b4:a4:90:41:73:f0:
09:95:73:60:60:e3:f9:aa:a4:d4:f0:7e:19:84:c9:a7:22:32:
18:b8:75:ff:35:7f:54:72:28:be:b3:0d:eb:17:86:cc:55:0f:
8c:91:fe:1d:ad:c4:68:a7:23:2c:ec:d0:cb:74:a6:ee:17:7b:
87:f5:73:a5:bc:78:c2:be:55:58:85:9a:57:2c:50:c4:c0:92:
8f:dc:b0:8c:65:0a:4a:14:8b:c5:0e:08:95:05:ed:64:1a:38:
93:2d:69:04
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZctjhIjDmI5rjoEMZ0O+kn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAxMjIxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDA4MzgyM2EwZWNkZTFmNTFhMjZiMmEzZjk3OWM5NDIzMTVlOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNjXo5Tdx3qeh5fFUY4CYXTCFpWD
cK5sPPEwna1zKSb7jaSszS+gTmsxTncN4FHiph9MeeDB/zYSOFNXtNCuKXDIcko5
Wbh9jGjah0SG60CmsbQEV2KZQZMdfbRpphUZiGDrugcGeRN2jnCoNLt3qJHA/2jX
QgaXJ+Wb81/jS+YE41ZiJcc9LyrS2RYOcGQ8MQmWL1VEuP2mhauR3TM1u4jPwfzU
h2d7J8ee+We9kfvCEyAHPvVeonRXPWmmvZ0rWqNoabdDmUGmkfbIwXXgdlT8bH8S
YRmdfHZLy/TiU5CFYzP+a9X+uz5xxuqb90Ung9+yzhcxoz0nmhI3QxSUwwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDAIOCOg7N4fUaJrKj+XnJQjFeihMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTUFnNEk2RHMzaDlSb21zcVA1ZWNsQ01WNktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQCHUxO8rqgmPhzTmiajX4XKP9mUFyP1pegfLoQW
YjoQVSVrazCIwwRqsS0A+NxTq+vLuCIErNfL0ni9Xrr2EcGGLg4J5/fmMVxISRVv
Ys9bsBL3py4Llk281Tktedi+9agJ4ixcZi7YFQH1mkIuiRTGeVpfpLoHb5LEeCw0
2LBz4OdV23ZznK8vkU8eUc/ExZuCxvRRqd/njEtRykq0pJBBc/AJlXNgYOP5qqTU
8H4ZhMmnIjIYuHX/NX9Ucii+sw3rF4bMVQ+Mkf4drcRopyMs7NDLdKbuF3uH9XOl
vHjCvlVYhZpXLFDEwJKP3LCMZQpKFIvFDgiVBe1kGjiTLWkE
-----END CERTIFICATE-----
Generated at Mon Jun 16 07:00:01 2025 by rpki-client