Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XNarCmIL-4otVlKu5x8eDvIZt5g.roa
File: XNarCmIL-4otVlKu5x8eDvIZt5g.roa (raw, json)
Hash identifier: Ae2hLpbZUWC1qX4vAMIzRfY+z9L7TvvjYRahze3BkfI=
Subject key identifier: 5C:D6:AB:0A:62:0B:FB:8A:2D:56:52:AE:E7:1F:1E:0E:F2:19:B7:98
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019690E3CD4A753D9B23797381D416C749CB
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XNarCmIL-4otVlKu5x8eDvIZt5g.roa
Signing time: Fri 02 May 2025 12:06:10 +0000
ROA not before: Fri 02 May 2025 12:06:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:90e3:7c0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:e3:cd:4a:75:3d:9b:23:79:73:81:d4:16:c7:49:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 2 12:06:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cd6ab0a620bfb8a2d5652aee71f1e0ef219b798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ab:55:1f:8b:a8:ce:94:18:36:20:2c:09:3a:
87:d9:bc:a6:ba:5e:7f:8e:db:d9:d3:18:2b:6e:a6:
1b:06:3b:b5:1b:93:53:85:c2:d9:15:ab:e0:7e:e4:
2c:2b:d7:58:3a:b9:e4:4a:ff:72:53:89:ca:9d:3a:
ab:7b:33:f5:d5:6f:40:c4:bd:c8:19:ab:6f:56:ad:
f9:4e:2d:64:3f:77:e9:39:32:c4:8f:1f:6b:99:d2:
a2:b4:89:1d:ec:ad:a2:df:20:f5:4a:36:77:26:d3:
85:b9:01:5b:a9:6b:40:06:4c:a4:8a:b5:df:25:9c:
a9:d7:8f:3c:79:5f:c6:a0:03:7a:f4:fd:08:3a:44:
da:96:f4:62:d0:06:c1:9a:f5:02:d0:d4:77:e5:8f:
99:25:73:7a:f8:5e:55:24:86:55:f4:74:91:f7:3c:
0c:a6:21:d7:16:d4:79:bc:80:0f:4e:3a:f9:2f:9b:
89:ab:b3:6e:50:58:f2:b9:5b:07:2d:b7:91:fe:b9:
51:a7:75:f6:e0:d5:c5:21:e7:75:a1:c5:c9:17:2c:
56:1d:c9:05:b9:a4:ca:20:e2:33:80:3b:2e:45:d6:
98:47:ad:b0:41:e8:11:2f:98:cd:36:55:cf:d7:71:
ef:57:c9:90:63:ae:68:ce:70:b0:29:b0:cc:72:a9:
d3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D6:AB:0A:62:0B:FB:8A:2D:56:52:AE:E7:1F:1E:0E:F2:19:B7:98
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/XNarCmIL-4otVlKu5x8eDvIZt5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:90e3:7c0/128
Signature Algorithm: sha256WithRSAEncryption
44:77:22:f6:fe:39:ae:be:bf:6c:37:1d:b8:54:87:ef:9e:dc:
40:22:d3:b1:21:e6:cc:8b:9b:b0:a3:75:4f:f8:a6:7e:2e:4a:
0e:04:6f:46:88:1d:2d:c2:11:37:ce:ad:b9:55:1a:ce:0c:5a:
0d:2e:cb:c4:e5:1f:1e:71:b2:1c:1b:28:98:c7:23:00:40:0e:
c5:8a:12:8a:5d:d6:fe:18:f1:bf:e3:6d:7d:3b:db:11:3b:af:
88:3b:e3:86:40:c2:87:2a:a3:cb:d0:44:47:d9:73:e5:2c:87:
08:04:aa:59:26:f4:a7:d0:b2:92:ab:10:91:5c:d6:30:83:a9:
19:f9:68:b4:32:aa:20:4d:a3:c0:bf:3b:82:1a:0d:99:79:a1:
8c:7b:d8:e5:cd:8d:09:13:8e:ad:12:0e:87:f3:db:1b:1b:d5:
83:48:3d:c2:30:1c:8b:c6:bc:4c:42:29:94:aa:00:6f:21:3d:
f1:5d:6f:e0:44:b4:5e:b3:83:4b:35:fb:8c:3e:0f:35:32:48:
95:89:85:d7:0b:b2:b0:c9:43:db:b1:fc:ab:cf:a9:db:5a:b9:
6e:c9:c0:f0:93:bd:62:57:04:73:1b:67:84:a5:8a:cd:d6:c2:
63:67:a2:40:3e:c8:8c:69:3d:24:64:e1:8b:f9:21:01:6b:e5:
81:be:80:16
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZaQ481KdT2bI3lzgdQWx0nLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTAyMTIwNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q2YWIwYTYyMGJmYjhhMmQ1NjUyYWVlNzFmMWUwZWYyMTliNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KtVH4uozpQYNiAsCTqH2bymul5/
jtvZ0xgrbqYbBju1G5NThcLZFavgfuQsK9dYOrnkSv9yU4nKnTqrezP11W9AxL3I
GatvVq35Ti1kP3fpOTLEjx9rmdKitIkd7K2i3yD1SjZ3JtOFuQFbqWtABkykirXf
JZyp1488eV/GoAN69P0IOkTalvRi0AbBmvUC0NR35Y+ZJXN6+F5VJIZV9HSR9zwM
piHXFtR5vIAPTjr5L5uJq7NuUFjyuVsHLbeR/rlRp3X24NXFIed1ocXJFyxWHckF
uaTKIOIzgDsuRdaYR62wQegRL5jNNlXP13HvV8mQY65oznCwKbDMcqnTjwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFzWqwpiC/uKLVZSrucfHg7yGbeYMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWE5hckNtSUwtNG90VmxLdTV4OGVEdkladDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWkOMHwDANBgkqhkiG9w0BAQsFAAOCAQEARHci9v45rr6/bDcduFSH757c
QCLTsSHmzIubsKN1T/imfi5KDgRvRogdLcIRN86tuVUazgxaDS7LxOUfHnGyHBso
mMcjAEAOxYoSil3W/hjxv+NtfTvbETuviDvjhkDChyqjy9BER9lz5SyHCASqWSb0
p9CykqsQkVzWMIOpGflotDKqIE2jwL87ghoNmXmhjHvY5c2NCROOrRIOh/PbGxvV
g0g9wjAci8a8TEIplKoAbyE98V1v4ES0XrODSzX7jD4PNTJIlYmF1wuysMlD27H8
q8+p21q5bsnA8JO9YlcEcxtnhKWKzdbCY2eiQD7IjGk9JGThi/khAWvlgb6AFg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 03:27:29 2025 by rpki-client