Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NjhtF1n5eSWTAMVfGpzTY_tnj8I.roa
File: NjhtF1n5eSWTAMVfGpzTY_tnj8I.roa (raw, json)
Hash identifier: m59ZnlZdGwUeq5N8/nAdOh5ic+7gp3x0C/U2qRCJV3M=
Subject key identifier: 36:38:6D:17:59:F9:79:25:93:00:C5:5F:1A:9C:D3:63:FB:67:8F:C2
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01962D8960115B6EEB495D60DD90FA37E9F2
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NjhtF1n5eSWTAMVfGpzTY_tnj8I.roa
Signing time: Sun 13 Apr 2025 05:04:59 +0000
ROA not before: Sun 13 Apr 2025 05:04:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:2d88:7d94/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2d:89:60:11:5b:6e:eb:49:5d:60:dd:90:fa:37:e9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 13 05:04:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36386d1759f979259300c55f1a9cd363fb678fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2e:46:e0:23:ad:a3:dd:e9:39:19:3c:1a:05:
31:b1:29:00:7c:dc:ea:cd:b9:8d:1b:5e:43:e5:4a:
45:cd:e2:90:5d:4d:67:e9:bb:84:27:73:24:0b:5f:
7b:97:03:e3:fe:21:71:00:da:9e:4b:5c:30:45:fc:
3c:20:90:c2:8a:a5:b6:38:c3:aa:84:67:40:36:85:
77:be:84:f2:43:8a:ca:3d:a5:53:c6:37:5c:15:c2:
c1:b4:45:01:56:bb:92:24:87:3b:8f:b0:65:a0:5a:
fd:cc:17:ce:40:02:b8:c6:2b:82:2c:70:63:1a:2d:
75:d6:ca:9b:7e:00:61:5e:28:ed:df:65:53:98:01:
2e:ee:57:92:9e:8a:2d:20:79:bc:34:d1:11:b8:55:
4e:2a:6e:65:97:1d:35:5b:4d:5b:52:fc:03:2f:e4:
cd:61:23:b6:8e:be:eb:99:24:29:3b:ba:2c:70:64:
d7:83:7b:c8:ff:73:77:f0:29:9c:bf:41:8d:32:8a:
66:3b:64:3f:3d:14:33:a1:50:42:42:3e:db:d4:fa:
fe:d3:ca:87:38:e0:3b:1c:f7:4f:8f:61:5c:4d:b4:
29:bc:70:e4:88:dc:d9:c8:3d:da:8a:85:ba:d2:cf:
b0:12:cb:3b:ca:96:7c:c2:85:bf:aa:da:f2:99:12:
b0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:38:6D:17:59:F9:79:25:93:00:C5:5F:1A:9C:D3:63:FB:67:8F:C2
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NjhtF1n5eSWTAMVfGpzTY_tnj8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:2d88:7d94/128
Signature Algorithm: sha256WithRSAEncryption
c2:e1:26:4d:25:6c:14:c6:4e:80:be:2f:f8:9a:12:10:cb:c3:
1c:b8:c7:8e:22:00:f2:81:cd:02:0d:d1:d6:48:00:a1:7f:f9:
2b:2c:5a:ca:cb:3e:f2:bb:15:44:be:54:dd:a2:c1:5b:48:62:
b5:8f:7c:af:34:88:7c:ce:f8:a3:ae:5c:7f:75:34:32:d4:5e:
7a:68:c2:ff:4c:1f:1e:a1:eb:c4:68:4f:4f:30:2a:73:cb:41:
4b:ab:a9:16:dc:52:b7:0f:db:7c:0e:66:85:a5:5f:bf:a5:d0:
a0:bc:61:5f:d1:83:8f:6e:b3:10:f1:a8:a0:c8:f1:be:93:12:
be:d9:ef:b4:03:f8:e5:f0:98:4a:b3:4d:b8:96:ab:39:2d:34:
93:b8:d7:87:fe:6e:61:6c:8a:5d:cf:32:f1:f8:3b:2a:c1:c2:
b0:22:8a:02:74:da:49:b1:14:15:02:15:63:97:0d:6e:21:e6:
e2:d6:fd:65:97:18:61:91:39:e3:1b:c2:6d:da:c6:42:31:1f:
56:56:bb:98:4c:1a:fc:ef:37:8c:9e:39:f1:06:e5:13:ac:0b:
07:42:fb:90:81:76:98:aa:d7:c8:8a:ae:43:e8:fa:c1:a8:4c:
18:07:26:f6:94:92:a0:7f:32:cb:f8:56:7b:0e:19:9e:e8:f8:
6d:4c:ef:c8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZYtiWARW27rSV1g3ZD6N+nyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDEzMDUwNDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM4NmQxNzU5Zjk3OTI1OTMwMGM1NWYxYTljZDM2M2ZiNjc4ZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS5G4COto93pORk8GgUxsSkAfNzq
zbmNG15D5UpFzeKQXU1n6buEJ3MkC197lwPj/iFxANqeS1wwRfw8IJDCiqW2OMOq
hGdANoV3voTyQ4rKPaVTxjdcFcLBtEUBVruSJIc7j7BloFr9zBfOQAK4xiuCLHBj
Gi111sqbfgBhXijt32VTmAEu7leSnootIHm8NNERuFVOKm5llx01W01bUvwDL+TN
YSO2jr7rmSQpO7oscGTXg3vI/3N38Cmcv0GNMopmO2Q/PRQzoVBCQj7b1Pr+08qH
OOA7HPdPj2FcTbQpvHDkiNzZyD3aioW60s+wEss7ypZ8woW/qtrymRKw4wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDY4bRdZ+XklkwDFXxqc02P7Z4/CMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTmpodEYxbjVlU1dUQU1WZkdwelRZX3RuajhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWLYh9lDANBgkqhkiG9w0BAQsFAAOCAQEAwuEmTSVsFMZOgL4v+JoSEMvD
HLjHjiIA8oHNAg3R1kgAoX/5Kyxayss+8rsVRL5U3aLBW0hitY98rzSIfM74o65c
f3U0MtReemjC/0wfHqHrxGhPTzAqc8tBS6upFtxStw/bfA5mhaVfv6XQoLxhX9GD
j26zEPGooMjxvpMSvtnvtAP45fCYSrNNuJarOS00k7jXh/5uYWyKXc8y8fg7KsHC
sCKKAnTaSbEUFQIVY5cNbiHm4tb9ZZcYYZE54xvCbdrGQjEfVla7mEwa/O83jJ45
8QblE6wLB0L7kIF2mKrXyIquQ+j6wahMGAcm9pSSoH8yy/hWew4Znuj4bUzvyA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:28:38 2025 by rpki-client