Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/UmeH7HPiC83x6IxA4p_rLjsiy2k.roa
File: UmeH7HPiC83x6IxA4p_rLjsiy2k.roa (raw, json)
Hash identifier: N2QdxBA4x2LqQKwTW09bY+4+ufn0+UXIt7X9iw1XF84=
Subject key identifier: 52:67:87:EC:73:E2:0B:CD:F1:E8:8C:40:E2:9F:EB:2E:3B:22:CB:69
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01975D6BD68F540082A5009B90A7A3C81A27
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/UmeH7HPiC83x6IxA4p_rLjsiy2k.roa
Signing time: Wed 11 Jun 2025 05:17:17 +0000
ROA not before: Wed 11 Jun 2025 05:17:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:6b:d6:8f:54:00:82:a5:00:9b:90:a7:a3:c8:1a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 11 05:17:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=526787ec73e20bcdf1e88c40e29feb2e3b22cb69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:92:3c:5a:2b:29:ac:43:a9:22:fb:fe:1c:6e:
7f:3f:7b:2e:74:26:72:57:f9:f2:2f:74:67:bb:59:
17:13:1a:b8:48:22:49:40:19:fb:ae:b9:3f:50:53:
43:f8:75:44:22:3b:cb:3f:1b:d9:b3:94:86:11:a4:
48:ae:f4:d2:61:d3:7b:37:f5:17:07:8e:70:00:4d:
a2:8c:3d:a1:0f:f7:c2:02:5f:81:5d:18:9f:4e:96:
1c:3d:38:3a:bf:bc:41:d0:f1:90:d6:7e:8d:ef:19:
24:e2:e4:69:5e:93:dc:27:9a:6a:93:23:7b:58:8e:
52:0e:c1:20:32:df:9d:33:3d:7e:ec:7f:69:82:ad:
24:dd:09:f7:c5:d7:0d:b8:18:d4:6d:b5:ba:76:59:
fc:c3:d6:f4:5d:cc:3b:a5:ac:36:7d:58:58:1e:a0:
33:b2:aa:51:64:18:df:2e:12:14:1f:93:74:bc:f0:
06:b5:80:58:3b:b1:0f:ac:46:5b:94:49:11:27:7f:
ee:68:4c:1d:33:8d:b5:08:93:dd:a4:5d:f9:9c:72:
a5:5f:52:e4:06:a7:50:81:ca:f9:fb:b0:35:c8:c7:
e7:90:87:41:76:81:e1:bd:39:4f:ab:fe:c5:6f:23:
cb:c9:1b:3a:b6:da:45:f1:8a:34:d7:d7:dd:1a:5c:
64:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:67:87:EC:73:E2:0B:CD:F1:E8:8C:40:E2:9F:EB:2E:3B:22:CB:69
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/UmeH7HPiC83x6IxA4p_rLjsiy2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
57:92:d5:ed:4f:ec:6d:9a:09:df:b4:c7:e6:d4:b1:80:6b:47:
3f:cd:83:8c:37:96:61:79:1b:6b:11:d5:cb:13:0f:04:ad:23:
53:c5:14:8c:9a:76:d1:07:7c:c0:a1:fe:1e:e4:a7:0e:df:cf:
9c:d7:c5:d1:4f:3a:cc:04:08:a0:bc:56:1d:78:e4:1f:ba:a0:
1b:3c:9d:1e:47:b2:8c:3b:8f:4e:9c:32:8a:a0:3a:f9:b8:9f:
f2:12:b3:87:56:0f:72:67:9e:2c:5a:df:e8:71:85:c8:cb:ce:
8e:d2:1c:56:90:d7:4a:00:40:db:23:72:87:2c:27:2c:0e:c6:
86:6b:54:38:b4:4b:97:c4:36:12:cc:6c:3d:33:77:43:69:49:
17:c9:07:94:89:d8:ac:8f:13:56:98:1d:23:07:ac:a7:cd:23:
35:90:85:f1:8d:86:95:eb:8b:0d:30:fd:f7:e4:21:38:73:f4:
01:38:e0:b6:08:c2:c1:4b:3e:07:a2:ec:f4:30:eb:af:27:23:
b7:7c:4d:d2:1c:f5:80:57:55:18:6d:6d:23:43:05:ee:7f:13:
b1:8c:64:91:e1:8e:36:53:36:1b:ac:91:d1:5b:7b:ae:67:c1:
0f:d8:71:0d:c9:1a:c5:f4:64:76:32:16:37:a7:32:0b:cc:63:
8d:10:4a:72
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdda9aPVACCpQCbkKejyBonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjExMDUxNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjY3ODdlYzczZTIwYmNkZjFlODhjNDBlMjlmZWIyZTNiMjJjYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZI8WisprEOpIvv+HG5/P3sudCZy
V/nyL3Rnu1kXExq4SCJJQBn7rrk/UFND+HVEIjvLPxvZs5SGEaRIrvTSYdN7N/UX
B45wAE2ijD2hD/fCAl+BXRifTpYcPTg6v7xB0PGQ1n6N7xkk4uRpXpPcJ5pqkyN7
WI5SDsEgMt+dMz1+7H9pgq0k3Qn3xdcNuBjUbbW6dln8w9b0Xcw7paw2fVhYHqAz
sqpRZBjfLhIUH5N0vPAGtYBYO7EPrEZblEkRJ3/uaEwdM421CJPdpF35nHKlX1Lk
BqdQgcr5+7A1yMfnkIdBdoHhvTlPq/7FbyPLyRs6ttpF8Yo019fdGlxkywIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFJnh+xz4gvN8eiMQOKf6y47IstpMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvVW1lSDdIUGlDODN4Nkl4QTRwX3JManNpeTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAV5LV7U/sbZoJ
37TH5tSxgGtHP82DjDeWYXkbaxHVyxMPBK0jU8UUjJp20Qd8wKH+HuSnDt/PnNfF
0U86zAQIoLxWHXjkH7qgGzydHkeyjDuPTpwyiqA6+bif8hKzh1YPcmeeLFrf6HGF
yMvOjtIcVpDXSgBA2yNyhywnLA7GhmtUOLRLl8Q2EsxsPTN3Q2lJF8kHlInYrI8T
VpgdIwesp80jNZCF8Y2GleuLDTD99+QhOHP0ATjgtgjCwUs+B6Ls9DDrrycjt3xN
0hz1gFdVGG1tI0MF7n8TsYxkkeGONlM2G6yR0Vt7rmfBD9hxDckaxfRkdjIWN6cy
C8xjjRBKcg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 21:19:31 2025 by rpki-client