Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MkmD5WZmI5bcELapvxhb1eEa2wU.roa
File: MkmD5WZmI5bcELapvxhb1eEa2wU.roa (raw, json)
Hash identifier: vtGH8//sf5oSFgwHRAcxhTMsJ0OXOOG/TtY2l+qJRH4=
Subject key identifier: 32:49:83:E5:66:66:23:96:DC:10:B6:A9:BF:18:5B:D5:E1:1A:DB:05
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019753BE6BE1967DA02135D19E8564B81FAC
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MkmD5WZmI5bcELapvxhb1eEa2wU.roa
Signing time: Mon 09 Jun 2025 08:11:17 +0000
ROA not before: Mon 09 Jun 2025 08:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:be:6b:e1:96:7d:a0:21:35:d1:9e:85:64:b8:1f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 9 08:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=324983e566662396dc10b6a9bf185bd5e11adb05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3a:5c:4d:4b:3b:9a:aa:9e:4e:b7:45:c4:11:
01:6b:15:31:fb:aa:19:3b:0e:86:6b:5c:86:b2:84:
21:f0:6f:7b:8f:81:43:d4:59:ba:b4:94:64:f6:b6:
4c:24:06:be:8a:14:2f:4d:9b:9b:45:68:28:2f:84:
84:9b:dd:db:25:a2:dc:e1:5e:a7:03:c6:3c:83:d9:
52:41:a2:66:b9:ff:d5:fc:a7:a5:ef:d8:2b:62:d5:
00:93:ea:4e:5a:e1:72:2e:cd:85:15:1c:44:08:ce:
98:67:f8:f5:5d:27:db:25:ca:32:24:4c:f4:05:60:
5a:9e:1f:f7:f5:09:f8:52:71:19:e8:73:6b:8c:59:
48:80:7d:b9:f1:04:cd:f7:ae:1c:95:2c:26:b5:b4:
f8:54:b0:05:31:7c:25:08:df:51:1a:58:43:67:5f:
a5:b0:70:17:11:c9:f6:23:d3:c1:b2:15:4e:7b:fb:
61:35:40:06:56:de:1d:49:5d:7a:19:91:80:94:ab:
09:88:6f:4a:13:73:33:74:d4:9f:84:84:cb:5a:c6:
6e:a9:c5:9c:05:9a:64:ae:60:8f:91:0c:13:ae:63:
b2:37:fe:01:34:70:2f:62:76:c2:94:90:20:f0:48:
be:6c:e3:26:80:1f:be:93:65:f7:fc:7c:30:eb:7c:
0d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:49:83:E5:66:66:23:96:DC:10:B6:A9:BF:18:5B:D5:E1:1A:DB:05
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/MkmD5WZmI5bcELapvxhb1eEa2wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
0f:a6:8b:99:2c:68:cc:eb:5a:9a:6a:e2:a2:ec:e2:c7:1d:d0:
6b:07:ac:3d:58:06:71:b2:f7:a7:c2:7a:da:82:e0:04:cf:70:
f0:6b:7f:23:72:37:1d:aa:c8:4f:38:d7:1a:6e:29:b8:8b:95:
81:4f:ed:0a:b3:42:10:0c:5c:bb:60:a5:ce:ba:86:18:d0:2d:
36:9a:5f:c5:55:32:8e:ff:74:24:ca:78:aa:63:4f:b2:d5:d8:
19:2e:9f:2d:c2:a3:0c:e6:22:fa:1f:34:71:4b:72:e9:a3:93:
0a:fa:18:98:98:2e:e7:04:41:f4:54:be:1b:12:64:70:43:fc:
8e:8a:d7:7e:ea:5f:18:de:e7:94:23:e7:cd:d6:08:72:c4:21:
9a:41:d6:95:52:dd:ba:64:f0:42:c4:09:13:57:78:f6:8e:c2:
f9:35:39:53:77:b6:3f:de:db:b3:c0:db:a5:51:37:d9:b2:45:
de:84:88:ec:8e:2c:6c:2c:5d:10:02:bd:94:1c:73:07:8c:78:
73:56:4e:ed:91:d2:78:13:99:01:47:95:ce:ff:53:2a:2d:78:
5d:42:64:96:c1:5f:49:06:73:62:69:03:16:28:0f:48:94:37:
f2:bc:96:6c:80:3a:f1:bc:1e:cd:5d:7b:5d:2b:37:75:2c:11:
ef:f6:1d:f1
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdTvmvhln2gITXRnoVkuB+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA5MDgxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ5ODNlNTY2NjYyMzk2ZGMxMGI2YTliZjE4NWJkNWUxMWFkYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDpcTUs7mqqeTrdFxBEBaxUx+6oZ
Ow6Ga1yGsoQh8G97j4FD1Fm6tJRk9rZMJAa+ihQvTZubRWgoL4SEm93bJaLc4V6n
A8Y8g9lSQaJmuf/V/Kel79grYtUAk+pOWuFyLs2FFRxECM6YZ/j1XSfbJcoyJEz0
BWBanh/39Qn4UnEZ6HNrjFlIgH258QTN964clSwmtbT4VLAFMXwlCN9RGlhDZ1+l
sHAXEcn2I9PBshVOe/thNUAGVt4dSV16GZGAlKsJiG9KE3MzdNSfhITLWsZuqcWc
BZpkrmCPkQwTrmOyN/4BNHAvYnbClJAg8Ei+bOMmgB++k2X3/Hww63wN8QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDJJg+VmZiOW3BC2qb8YW9XhGtsFMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTWttRDVXWm1JNWJjRUxhcHZ4aGIxZUVhMndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAD6aLmSxozOta
mmriouzixx3QawesPVgGcbL3p8J62oLgBM9w8Gt/I3I3HarITzjXGm4puIuVgU/t
CrNCEAxcu2ClzrqGGNAtNppfxVUyjv90JMp4qmNPstXYGS6fLcKjDOYi+h80cUty
6aOTCvoYmJgu5wRB9FS+GxJkcEP8jorXfupfGN7nlCPnzdYIcsQhmkHWlVLdumTw
QsQJE1d49o7C+TU5U3e2P97bs8DbpVE32bJF3oSI7I4sbCxdEAK9lBxzB4x4c1ZO
7ZHSeBOZAUeVzv9TKi14XUJklsFfSQZzYmkDFigPSJQ38ryWbIA68bwezV17XSs3
dSwR7/Yd8Q==
-----END CERTIFICATE-----
Generated at Mon Jun 16 04:06:24 2025 by rpki-client