Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bk4aDGD3647qWdhHcZjaq4YGFjY.roa
File: bk4aDGD3647qWdhHcZjaq4YGFjY.roa (raw, json)
Hash identifier: fW9kre0U4r1jzc4XqyMPRkv2pA/FfxXd1/08HsNkPsM=
Subject key identifier: 6E:4E:1A:0C:60:F7:EB:8E:EA:59:D8:47:71:98:DA:AB:86:06:16:36
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019743DE65D2167DE072BB9E435BB4B79451
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bk4aDGD3647qWdhHcZjaq4YGFjY.roa
Signing time: Fri 06 Jun 2025 06:12:17 +0000
ROA not before: Fri 06 Jun 2025 06:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:353f:be91/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:de:65:d2:16:7d:e0:72:bb:9e:43:5b:b4:b7:94:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 6 06:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e4e1a0c60f7eb8eea59d8477198daab86061636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:80:d3:ba:5d:58:43:2b:ef:76:6d:95:06:01:
7c:50:10:86:90:f8:6f:f5:40:d3:d0:9e:70:8c:08:
76:88:f4:a4:1c:2d:ee:03:7c:ff:f4:f1:cb:f8:c0:
51:24:47:dd:c3:fa:c3:19:9e:1c:3e:2f:b4:86:97:
d6:a5:4a:5b:c8:e9:56:e3:bc:83:b2:08:01:b9:90:
88:08:63:0b:b0:e2:f4:f3:63:e3:2b:99:11:02:de:
e6:e5:c8:b9:42:71:18:97:c4:16:62:0f:f9:1e:e6:
58:87:eb:a3:d9:50:c5:14:1c:ab:5d:b2:e1:97:34:
50:9c:a7:1b:ee:b0:30:be:b9:00:dd:b3:2a:18:11:
be:84:52:ac:5e:a9:9a:9f:59:49:64:84:7c:71:c7:
e3:11:da:b0:2b:22:ab:a0:fa:f8:6e:46:08:1f:96:
4f:6d:be:f2:3b:97:07:06:cb:07:42:27:ae:71:9a:
6c:1c:14:f8:d3:47:ef:3d:5f:f7:5c:3b:6a:bf:23:
49:d9:37:86:c2:43:98:3c:6a:94:96:24:85:b1:40:
d1:a1:75:11:10:54:9a:4b:72:b2:51:71:c0:f1:d2:
67:14:69:8c:94:5d:c4:bf:fb:26:7d:35:3d:24:a0:
29:a2:78:61:bc:c5:cf:9b:47:66:50:20:67:69:d8:
73:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4E:1A:0C:60:F7:EB:8E:EA:59:D8:47:71:98:DA:AB:86:06:16:36
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/bk4aDGD3647qWdhHcZjaq4YGFjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:353f:be91/128
Signature Algorithm: sha256WithRSAEncryption
71:ff:56:f2:81:e9:f5:5c:f5:b5:3b:42:11:64:4f:ea:bf:24:
1c:ca:01:46:64:1b:19:7a:0a:49:6d:af:27:09:b8:0a:26:2b:
a4:f2:54:1b:80:81:d2:b9:95:69:9a:f4:44:b2:05:3a:a6:3f:
3a:92:c2:27:91:6d:d8:bb:d5:0f:64:57:fb:92:f6:8b:51:e3:
3e:62:e6:ed:64:4e:e8:8e:5a:ad:e2:0e:5a:72:90:b3:d3:85:
2b:55:c2:2e:11:e6:ad:85:7b:f0:be:0c:09:9c:c3:ac:a6:81:
9e:db:d0:45:f2:8c:63:2c:74:9c:e9:91:3e:e5:f2:8d:71:3f:
13:49:f9:5b:a4:f3:41:15:27:76:02:5b:22:8d:bc:54:12:68:
ec:de:ef:05:18:61:c2:66:0b:d8:16:a0:be:37:7c:c5:69:be:
3e:f0:a9:93:b7:ec:35:5f:ef:78:88:d4:08:32:6e:46:03:86:
6c:da:21:04:c4:bf:a2:41:b0:cd:85:5c:2b:b4:12:76:94:d6:
8d:2a:7d:eb:e1:ff:ee:7c:00:90:de:d7:63:3e:7f:ea:cf:87:
78:56:e0:50:aa:d7:db:1e:fc:ed:15:a3:94:91:da:61:43:ce:
c1:f4:7e:35:64:ad:65:1e:09:0c:63:ea:95:1b:8f:88:83:ea:
b5:8e:d7:11
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdD3mXSFn3gcrueQ1u0t5RRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjA2MDYxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRlMWEwYzYwZjdlYjhlZWE1OWQ4NDc3MTk4ZGFhYjg2MDYxNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoDTul1YQyvvdm2VBgF8UBCGkPhv
9UDT0J5wjAh2iPSkHC3uA3z/9PHL+MBRJEfdw/rDGZ4cPi+0hpfWpUpbyOlW47yD
sggBuZCICGMLsOL082PjK5kRAt7m5ci5QnEYl8QWYg/5HuZYh+uj2VDFFByrXbLh
lzRQnKcb7rAwvrkA3bMqGBG+hFKsXqman1lJZIR8ccfjEdqwKyKroPr4bkYIH5ZP
bb7yO5cHBssHQieucZpsHBT400fvPV/3XDtqvyNJ2TeGwkOYPGqUliSFsUDRoXUR
EFSaS3KyUXHA8dJnFGmMlF3Ev/smfTU9JKAponhhvMXPm0dmUCBnadhz2QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG5OGgxg9+uO6lnYR3GY2quGBhY2MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvYms0YURHRDM2NDdxV2RoSGNaamFxNFlHRmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXNT++kTANBgkqhkiG9w0BAQsFAAOCAQEAcf9W8oHp9Vz1
tTtCEWRP6r8kHMoBRmQbGXoKSW2vJwm4CiYrpPJUG4CB0rmVaZr0RLIFOqY/OpLC
J5Ft2LvVD2RX+5L2i1HjPmLm7WRO6I5areIOWnKQs9OFK1XCLhHmrYV78L4MCZzD
rKaBntvQRfKMYyx0nOmRPuXyjXE/E0n5W6TzQRUndgJbIo28VBJo7N7vBRhhwmYL
2Bagvjd8xWm+PvCpk7fsNV/veIjUCDJuRgOGbNohBMS/okGwzYVcK7QSdpTWjSp9
6+H/7nwAkN7XYz5/6s+HeFbgUKrX2x787RWjlJHaYUPOwfR+NWStZR4JDGPqlRuP
iIPqtY7XEQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 21:00:18 2025 by rpki-client