Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ZIcqd4Wp5BL58GBehuhXlsIZeas.roa
File: ZIcqd4Wp5BL58GBehuhXlsIZeas.roa (raw, json)
Hash identifier: daMZBWkq97Xzk5FnEHy3+hLz575pT73px/VMgtEloqo=
Subject key identifier: 64:87:2A:77:85:A9:E4:12:F9:F0:60:5E:86:E8:57:96:C2:19:79:AB
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01966854CDFFD90AE5D2218A6A8AB75DA70E
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ZIcqd4Wp5BL58GBehuhXlsIZeas.roa
Signing time: Thu 24 Apr 2025 15:05:10 +0000
ROA not before: Thu 24 Apr 2025 15:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:6854:325/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:54:cd:ff:d9:0a:e5:d2:21:8a:6a:8a:b7:5d:a7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 24 15:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64872a7785a9e412f9f0605e86e85796c21979ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bc:ce:1d:61:93:cb:39:1d:47:6d:a3:07:b1:
b1:46:fe:d2:ee:05:1c:ee:e4:eb:4b:8a:2d:fc:a5:
0f:4a:de:53:70:77:20:af:7c:67:50:4f:d8:d5:d5:
65:79:86:af:b5:26:d9:21:25:21:c5:5a:92:6c:21:
aa:ef:ce:ae:9b:2c:e0:f7:54:0f:74:28:fb:95:b7:
29:21:48:80:43:0b:5d:b0:22:e8:44:68:bc:30:fd:
90:dd:13:bd:7c:7f:46:fc:7f:d1:7a:5c:c2:58:ae:
5d:85:64:df:0d:a1:e4:f5:ef:0d:bf:65:d5:ab:39:
04:c7:32:00:84:67:77:8c:b0:b5:14:af:b9:32:98:
f1:f3:ec:4d:6a:7e:fa:c9:05:25:33:25:b1:d1:e6:
46:e8:61:e5:c0:4d:dd:29:00:c9:c6:db:b7:b0:a3:
30:f4:b3:c0:f0:2c:d9:43:0f:d1:71:b8:a3:1c:ce:
b3:37:4b:43:12:49:8b:5f:dc:73:59:9d:9c:f9:7d:
b2:5a:a0:9a:7a:f6:c1:77:b1:ca:8c:01:e3:f6:52:
04:73:7e:b7:df:17:d4:62:a0:21:67:4d:42:1c:2d:
93:d7:d8:b2:1b:e4:84:7f:e1:70:3a:a6:89:5b:08:
19:80:ba:14:5b:b9:3d:78:ca:08:5c:d8:43:e6:e5:
d7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:87:2A:77:85:A9:E4:12:F9:F0:60:5E:86:E8:57:96:C2:19:79:AB
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/ZIcqd4Wp5BL58GBehuhXlsIZeas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:6854:325/128
Signature Algorithm: sha256WithRSAEncryption
7d:c3:ed:e6:3b:df:9b:57:df:0b:4b:4d:b3:0e:63:d1:ec:c5:
ee:c9:68:4c:c1:8a:a3:26:bd:f7:2e:02:99:c7:d4:17:71:80:
1c:7a:9f:c1:5a:a6:6a:cf:fb:75:e9:e7:54:10:4b:71:53:b8:
b3:71:3a:7e:a5:f0:29:60:1d:d2:e8:0c:bb:aa:e2:d5:48:51:
8b:90:34:bd:ac:96:f6:e0:11:55:42:b9:3f:4c:e5:42:c3:17:
43:b3:1f:a3:06:74:75:ac:d2:d3:76:5a:ff:49:f6:2d:9d:2b:
06:ec:76:50:8e:96:70:1a:c9:76:d8:94:07:c4:45:37:62:2c:
00:e7:4b:3a:d0:db:fc:52:c2:da:6d:a1:24:16:0f:34:24:eb:
54:08:37:86:25:03:92:4e:b9:f0:f8:c0:25:85:c2:16:d0:b5:
f8:46:a4:6f:bb:a9:22:81:a2:f0:45:d3:17:ce:55:d4:f0:47:
c5:d0:7b:38:e0:99:20:48:e5:7e:1f:5a:14:be:fc:d1:00:c7:
c2:13:37:20:a9:97:c5:d9:5f:aa:4c:f7:fe:91:bf:df:5b:e5:
ac:1d:a0:a5:5e:34:6d:40:6a:6b:a8:f0:0c:91:ee:6d:38:1e:
dd:72:2c:df:dc:84:cb:0d:61:a3:b8:e9:34:13:a9:b9:51:45:
b5:6d:82:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZoVM3/2Qrl0iGKaoq3XacOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDI0MTUwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg3MmE3Nzg1YTllNDEyZjlmMDYwNWU4NmU4NTc5NmMyMTk3OWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLzOHWGTyzkdR22jB7GxRv7S7gUc
7uTrS4ot/KUPSt5TcHcgr3xnUE/Y1dVleYavtSbZISUhxVqSbCGq786umyzg91QP
dCj7lbcpIUiAQwtdsCLoRGi8MP2Q3RO9fH9G/H/RelzCWK5dhWTfDaHk9e8Nv2XV
qzkExzIAhGd3jLC1FK+5Mpjx8+xNan76yQUlMyWx0eZG6GHlwE3dKQDJxtu3sKMw
9LPA8CzZQw/RcbijHM6zN0tDEkmLX9xzWZ2c+X2yWqCaevbBd7HKjAHj9lIEc363
3xfUYqAhZ01CHC2T19iyG+SEf+FwOqaJWwgZgLoUW7k9eMoIXNhD5uXXRQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGSHKneFqeQS+fBgXoboV5bCGXmrMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvWkljcWQ0V3A1Qkw1OEdCZWh1aFhsc0laZWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWaFQDJTANBgkqhkiG9w0BAQsFAAOCAQEAfcPt5jvfm1ffC0tNsw5j0ezF
7sloTMGKoya99y4CmcfUF3GAHHqfwVqmas/7dennVBBLcVO4s3E6fqXwKWAd0ugM
u6ri1UhRi5A0vayW9uARVUK5P0zlQsMXQ7MfowZ0dazS03Za/0n2LZ0rBux2UI6W
cBrJdtiUB8RFN2IsAOdLOtDb/FLC2m2hJBYPNCTrVAg3hiUDkk658PjAJYXCFtC1
+Eakb7upIoGi8EXTF85V1PBHxdB7OOCZIEjlfh9aFL780QDHwhM3IKmXxdlfqkz3
/pG/31vlrB2gpV40bUBqa6jwDJHubTge3XIs39yEyw1ho7jpNBOpuVFFtW2Cjw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 03:30:13 2025 by rpki-client