Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/X5eEKKBsrwIxJo-sg3L6gZyHc9Y.roa
File: X5eEKKBsrwIxJo-sg3L6gZyHc9Y.roa (raw, json)
Hash identifier: uqEsGW/T0bKuzoUqzNOxFipyg5hiMnlEnf6qE8O42/8=
Subject key identifier: 5F:97:84:28:A0:6C:AF:02:31:26:8F:AC:83:72:FA:81:9C:87:73:D6
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01965CF56E8007FA63C529806A8D93DDD5DE
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/X5eEKKBsrwIxJo-sg3L6gZyHc9Y.roa
Signing time: Tue 22 Apr 2025 10:05:10 +0000
ROA not before: Tue 22 Apr 2025 10:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:5cf4:921a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:f5:6e:80:07:fa:63:c5:29:80:6a:8d:93:dd:d5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 22 10:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f978428a06caf0231268fac8372fa819c8773d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:bc:d5:a2:92:0f:4e:9d:aa:db:ee:3a:20:
e9:2f:a4:aa:ce:18:ba:6a:49:63:7d:f9:1c:22:ac:
55:a6:1c:ce:29:ce:88:4d:dd:40:b8:ce:67:42:70:
bb:38:ea:20:8d:b6:18:0f:13:3f:f7:f9:86:58:c4:
b9:bc:5e:5b:b5:db:d8:be:6b:2e:a2:7c:a3:19:a3:
52:98:6b:19:52:4b:a1:b6:2f:cf:bb:23:f4:09:be:
32:b1:b3:d0:12:78:df:75:04:c0:7a:5a:e7:c9:02:
3b:9c:fc:5d:69:48:e9:d9:9d:2a:f4:61:98:b1:9b:
b2:5b:34:a4:8b:31:ac:18:7a:c7:dd:9c:83:70:bc:
35:d0:b9:cf:ac:e6:d5:35:94:95:a3:88:19:72:ee:
09:93:cb:48:5e:1d:1f:53:00:25:7c:55:cf:c2:4e:
e6:68:bf:1b:d2:36:5c:65:77:82:91:20:c2:e0:9e:
f1:ee:72:7c:c6:61:15:cb:e0:17:23:72:60:ce:bd:
7f:a8:bb:d2:7a:67:7d:fa:bc:5f:f8:1e:45:cf:a2:
a8:2d:f9:10:54:7c:21:c7:fe:87:d9:70:79:86:91:
66:c3:85:bc:b4:1c:c5:0c:07:67:7e:c4:02:6c:43:
23:2f:9e:a2:61:fb:9b:59:39:1b:f6:08:8b:15:40:
24:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:97:84:28:A0:6C:AF:02:31:26:8F:AC:83:72:FA:81:9C:87:73:D6
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/X5eEKKBsrwIxJo-sg3L6gZyHc9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:5cf4:921a/128
Signature Algorithm: sha256WithRSAEncryption
bf:74:cd:9b:94:78:58:1c:79:00:5d:c5:2b:09:10:db:75:cf:
fd:51:7a:e4:b9:f5:7f:77:9e:5c:82:b9:10:4a:42:10:49:c9:
b3:45:4a:4f:e5:57:12:1f:9e:d9:6e:c5:4f:b5:e5:e8:d7:ce:
a7:7e:e7:3f:1d:b0:58:68:f7:7c:5e:d8:d1:b0:5b:3d:fc:70:
23:0d:9b:ec:1a:7a:d1:e4:d1:38:80:36:f4:71:61:39:1f:86:
2c:d3:94:fc:2a:22:de:47:67:0c:4c:a3:7d:15:62:7b:aa:63:
a1:7b:81:c1:c4:8c:d5:bb:95:bb:71:b1:0f:b0:7a:7c:78:b8:
24:2a:7a:f3:6b:09:b7:6d:43:f5:08:6b:44:a1:f3:97:ee:c4:
ce:db:4b:a8:e4:c8:7d:52:f0:7f:84:ff:01:55:e8:46:44:21:
01:a9:84:9d:df:da:b6:59:54:58:05:d2:38:9e:03:08:e7:6b:
8c:84:40:78:0c:a1:03:af:07:56:91:7c:ba:95:99:42:eb:79:
a8:d6:dc:00:3f:42:0b:9f:c0:9e:6b:b7:a2:c4:8f:9a:65:71:
70:7c:bf:6d:04:87:c6:b5:4e:5c:46:88:4e:23:9b:e7:36:37:
d8:86:2a:d5:25:0a:cc:9e:de:62:c6:7e:29:ae:0e:69:64:21:
a1:70:c0:d6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZc9W6AB/pjxSmAao2T3dXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDIyMTAwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjk3ODQyOGEwNmNhZjAyMzEyNjhmYWM4MzcyZmE4MTljODc3M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOe81aKSD06dqtvuOiDpL6Sqzhi6
akljffkcIqxVphzOKc6ITd1AuM5nQnC7OOogjbYYDxM/9/mGWMS5vF5btdvYvmsu
onyjGaNSmGsZUkuhti/PuyP0Cb4ysbPQEnjfdQTAelrnyQI7nPxdaUjp2Z0q9GGY
sZuyWzSkizGsGHrH3ZyDcLw10LnPrObVNZSVo4gZcu4Jk8tIXh0fUwAlfFXPwk7m
aL8b0jZcZXeCkSDC4J7x7nJ8xmEVy+AXI3Jgzr1/qLvSemd9+rxf+B5Fz6KoLfkQ
VHwhx/6H2XB5hpFmw4W8tBzFDAdnfsQCbEMjL56iYfubWTkb9giLFUAktwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF+XhCigbK8CMSaPrINy+oGch3PWMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWDVlRUtLQnNyd0l4Sm8tc2czTDZnWnlIYzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWXPSSGjANBgkqhkiG9w0BAQsFAAOCAQEAv3TNm5R4WBx5AF3FKwkQ23XP
/VF65Ln1f3eeXIK5EEpCEEnJs0VKT+VXEh+e2W7FT7Xl6NfOp37nPx2wWGj3fF7Y
0bBbPfxwIw2b7Bp60eTROIA29HFhOR+GLNOU/Coi3kdnDEyjfRVie6pjoXuBwcSM
1buVu3GxD7B6fHi4JCp682sJt21D9QhrRKHzl+7EzttLqOTIfVLwf4T/AVXoRkQh
AamEnd/atllUWAXSOJ4DCOdrjIRAeAyhA68HVpF8upWZQut5qNbcAD9CC5/Anmu3
osSPmmVxcHy/bQSHxrVOXEaITiOb5zY32IYq1SUKzJ7eYsZ+Ka4OaWQhoXDA1g==
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:24:57 2025 by rpki-client