Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Z-YMFkLSymyh9uoxX6FwTr8IKXw.roa
File: Z-YMFkLSymyh9uoxX6FwTr8IKXw.roa (raw, json)
Hash identifier: cB4X5Hph6a61ksk+XW3xd3xuZllfJpJB9r+Xw5/nsC8=
Subject key identifier: 67:E6:0C:16:42:D2:CA:6C:A1:F6:EA:31:5F:A1:70:4E:BF:08:29:7C
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01967B6DB8F9E63AAC36BD1F09C68AAA711A
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Z-YMFkLSymyh9uoxX6FwTr8IKXw.roa
Signing time: Mon 28 Apr 2025 08:05:10 +0000
ROA not before: Mon 28 Apr 2025 08:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:7b6c:ce4f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:6d:b8:f9:e6:3a:ac:36:bd:1f:09:c6:8a:aa:71:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 28 08:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67e60c1642d2ca6ca1f6ea315fa1704ebf08297c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:85:a1:4b:0d:11:49:c2:21:c4:87:49:3d:f2:
7b:49:63:ca:30:63:89:7f:9c:07:0e:56:23:70:54:
42:e8:7c:69:a2:65:89:7e:16:15:b5:ec:78:25:31:
53:b2:81:54:f4:1e:10:67:9b:69:de:92:b6:b5:7a:
2f:c7:1a:c8:e8:b9:e4:18:55:e5:c8:28:41:a3:95:
7f:21:d9:18:d7:c7:93:34:9b:0e:78:01:02:b2:3e:
c8:64:5d:7a:56:73:b4:28:43:3d:a1:0b:1c:55:6e:
c0:8b:45:4e:38:e3:3b:36:09:9c:c2:e0:d7:64:c1:
aa:29:0e:29:7d:55:77:46:aa:df:ac:72:ea:b5:bc:
11:d0:ba:a2:dd:19:03:1d:61:99:2e:19:0e:2f:8c:
9e:0e:39:2f:47:97:4d:3f:41:fe:56:c2:df:d9:91:
c0:23:c3:8b:8d:ff:4b:0b:b9:bd:97:b2:de:9d:50:
3f:40:92:9a:b6:5f:e5:74:95:32:b8:f2:06:d6:cd:
83:f6:ee:e5:6d:a1:01:95:4a:6a:b4:6b:0f:68:0a:
0c:65:ae:8a:26:22:b6:cc:ed:c0:88:f6:c3:42:cd:
2a:8c:3a:69:26:33:83:84:cb:7d:28:7b:b5:c0:bf:
d6:a8:39:0c:8e:6a:09:aa:23:d1:a6:1e:55:98:c4:
01:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E6:0C:16:42:D2:CA:6C:A1:F6:EA:31:5F:A1:70:4E:BF:08:29:7C
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/Z-YMFkLSymyh9uoxX6FwTr8IKXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:7b6c:ce4f/128
Signature Algorithm: sha256WithRSAEncryption
5a:46:49:f8:17:e0:a1:8d:11:af:3a:1f:16:fd:f9:46:35:84:
9e:f1:8a:34:68:16:c9:7f:55:50:45:ce:41:8b:df:70:5f:e4:
ad:ce:0e:2f:cb:77:30:c2:f0:d4:dc:ab:fa:c8:4e:9a:dc:6d:
dd:08:8a:32:50:ae:a5:66:9a:e4:12:fa:f0:74:6c:0d:d1:a2:
eb:72:d9:f9:f8:33:4d:8d:3e:06:93:b4:17:bf:e2:18:1b:a2:
2c:f6:76:d7:34:e4:43:69:39:c3:f0:c3:ad:9f:b7:47:5d:9d:
dc:13:d2:19:3e:73:a8:61:21:88:07:d2:db:f3:ff:80:d8:03:
d0:b6:34:d4:5e:aa:85:16:b9:93:e2:93:bd:41:b0:02:37:bc:
de:79:73:52:3c:96:64:0d:3a:6a:48:6a:20:14:41:1b:7e:88:
9a:f1:a8:fe:73:7c:54:9c:2c:f7:99:c9:11:d1:e6:39:86:57:
cc:d4:b0:8c:32:40:27:19:3f:e5:cd:7f:54:09:4f:fa:94:10:
67:1b:af:20:98:0d:71:df:6c:f3:dd:0c:ff:f8:2d:d2:87:93:
b2:60:42:59:79:d5:96:f5:db:5a:f3:20:8b:e6:f1:5b:76:23:
44:6d:67:27:43:e2:d5:b4:10:5b:2c:9c:30:4f:c4:e5:46:63:
73:c7:e1:9c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZ7bbj55jqsNr0fCcaKqnEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDI4MDgwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2U2MGMxNjQyZDJjYTZjYTFmNmVhMzE1ZmExNzA0ZWJmMDgyOTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIWhSw0RScIhxIdJPfJ7SWPKMGOJ
f5wHDlYjcFRC6HxpomWJfhYVtex4JTFTsoFU9B4QZ5tp3pK2tXovxxrI6LnkGFXl
yChBo5V/IdkY18eTNJsOeAECsj7IZF16VnO0KEM9oQscVW7Ai0VOOOM7NgmcwuDX
ZMGqKQ4pfVV3RqrfrHLqtbwR0Lqi3RkDHWGZLhkOL4yeDjkvR5dNP0H+VsLf2ZHA
I8OLjf9LC7m9l7LenVA/QJKatl/ldJUyuPIG1s2D9u7lbaEBlUpqtGsPaAoMZa6K
JiK2zO3AiPbDQs0qjDppJjODhMt9KHu1wL/WqDkMjmoJqiPRph5VmMQBwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGfmDBZC0spsofbqMV+hcE6/CCl8MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWi1ZTUZrTFN5bXloOXVveFg2RndUcjhJS1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWe2zOTzANBgkqhkiG9w0BAQsFAAOCAQEAWkZJ+BfgoY0RrzofFv35RjWE
nvGKNGgWyX9VUEXOQYvfcF/krc4OL8t3MMLw1Nyr+shOmtxt3QiKMlCupWaa5BL6
8HRsDdGi63LZ+fgzTY0+BpO0F7/iGBuiLPZ21zTkQ2k5w/DDrZ+3R12d3BPSGT5z
qGEhiAfS2/P/gNgD0LY01F6qhRa5k+KTvUGwAje83nlzUjyWZA06akhqIBRBG36I
mvGo/nN8VJws95nJEdHmOYZXzNSwjDJAJxk/5c1/VAlP+pQQZxuvIJgNcd9s890M
//gt0oeTsmBCWXnVlvXbWvMgi+bxW3YjRG1nJ0Pi1bQQWyycME/E5UZjc8fhnA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:53:19 2025 by rpki-client