Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dty6k16Iu7E7JvnmRo8kirRGnM0.roa
File: dty6k16Iu7E7JvnmRo8kirRGnM0.roa (raw, json)
Hash identifier: VqqFRtHHbtnC6YEok4VexOVSCweixgPTooQrrZereJ0=
Subject key identifier: 76:DC:BA:93:5E:88:BB:B1:3B:26:F9:E6:46:8F:24:8A:B4:46:9C:CD
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196B74BA67CDA8C151D82205736216F99D9
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dty6k16Iu7E7JvnmRo8kirRGnM0.roa
Signing time: Fri 09 May 2025 23:05:10 +0000
ROA not before: Fri 09 May 2025 23:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:b74a:d05a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b7:4b:a6:7c:da:8c:15:1d:82:20:57:36:21:6f:99:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 9 23:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76dcba935e88bbb13b26f9e6468f248ab4469ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b7:da:9e:c0:f6:5b:c6:97:66:88:03:db:99:
6e:a9:18:12:ff:ed:de:ad:3f:95:cd:f7:d0:56:ad:
80:a6:ff:e7:79:95:e0:2a:65:42:da:a9:80:ae:24:
11:b4:70:74:14:ca:ea:7c:94:36:e9:7d:d5:2c:11:
63:da:c8:94:67:ef:45:b5:73:1e:d7:f7:20:96:1f:
a8:67:6f:a1:0c:ca:1d:aa:da:63:df:5b:05:b9:c6:
06:a4:09:c7:3f:25:39:34:26:5c:7f:b4:e2:4f:e2:
96:7a:83:d7:69:b9:3a:c7:0e:b5:e5:24:fa:e8:db:
2e:42:6a:00:1f:0b:6d:62:23:5c:4c:d8:5d:ca:3f:
dc:e2:a5:4c:dd:57:3d:88:7a:9b:76:49:c4:b1:63:
0c:ad:b6:86:a9:bd:84:6b:17:ea:88:ee:80:7f:75:
68:1a:98:e8:c7:8b:b8:a6:97:5d:9e:cb:1e:36:6d:
26:1a:53:0e:b9:ad:87:45:55:95:9b:af:e2:f0:ae:
e0:76:5d:0c:6d:ee:f5:09:f8:2f:91:c9:2e:2b:b8:
6c:00:18:6e:ec:15:e9:c9:cb:fa:f0:80:2f:8c:19:
ad:93:08:6c:bf:f2:e8:7d:68:31:3d:36:99:85:dc:
36:02:c0:e9:83:9d:fe:67:65:d6:ba:3c:71:20:24:
3b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DC:BA:93:5E:88:BB:B1:3B:26:F9:E6:46:8F:24:8A:B4:46:9C:CD
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/dty6k16Iu7E7JvnmRo8kirRGnM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:b74a:d05a/128
Signature Algorithm: sha256WithRSAEncryption
24:63:0e:68:a6:49:e7:4d:f5:a7:ba:40:62:16:70:03:08:1e:
bc:23:53:92:0e:74:59:4c:fa:e7:55:91:53:79:d8:10:07:22:
18:26:3e:0a:cc:eb:7f:bc:71:37:d4:41:63:07:62:b0:b0:20:
17:f8:0a:56:31:3a:2b:c8:d4:7b:ea:3f:24:5b:09:0c:eb:8f:
f0:05:7e:03:ca:ae:59:67:b0:6e:27:5c:a4:f2:99:57:1a:56:
6f:34:bd:4d:d8:a6:39:a8:bc:30:6b:15:5a:e3:0a:5a:01:6d:
94:d9:b8:8c:84:5f:61:6e:18:94:12:48:87:5f:f7:65:f6:4a:
35:dc:a1:97:4a:f5:a8:52:d0:c5:99:a0:ea:9f:da:be:81:fb:
c6:38:8c:e4:12:4f:e8:78:72:09:61:5b:59:da:f3:ac:99:28:
aa:43:7a:13:d5:1a:67:ed:e5:a9:9d:e6:a8:9a:65:bc:0e:b8:
9e:0e:86:63:f2:d3:ce:05:16:27:9c:fb:94:24:0e:c5:48:03:
a1:6a:87:64:a7:0d:d1:96:5f:27:ac:8b:f7:be:65:af:7c:13:
14:34:c1:13:a8:5f:c5:a5:0b:53:15:1b:e5:19:73:cd:08:1b:
72:9a:31:01:57:08:ee:b9:66:79:03:00:da:60:41:b7:54:20:
2b:65:c0:d0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZa3S6Z82owVHYIgVzYhb5nZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTA5MjMwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRjYmE5MzVlODhiYmIxM2IyNmY5ZTY0NjhmMjQ4YWI0NDY5Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbfansD2W8aXZogD25luqRgS/+3e
rT+VzffQVq2Apv/neZXgKmVC2qmAriQRtHB0FMrqfJQ26X3VLBFj2siUZ+9FtXMe
1/cglh+oZ2+hDModqtpj31sFucYGpAnHPyU5NCZcf7TiT+KWeoPXabk6xw615ST6
6NsuQmoAHwttYiNcTNhdyj/c4qVM3Vc9iHqbdknEsWMMrbaGqb2EaxfqiO6Af3Vo
Gpjox4u4ppddnsseNm0mGlMOua2HRVWVm6/i8K7gdl0Mbe71CfgvkckuK7hsABhu
7BXpycv68IAvjBmtkwhsv/LofWgxPTaZhdw2AsDpg53+Z2XWujxxICQ7FwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHbcupNeiLuxOyb55kaPJIq0RpzNMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZHR5NmsxNkl1N0U3SnZubVJvOGtpclJHbk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWt0rQWjANBgkqhkiG9w0BAQsFAAOCAQEAJGMOaKZJ5031p7pAYhZwAwge
vCNTkg50WUz651WRU3nYEAciGCY+Cszrf7xxN9RBYwdisLAgF/gKVjE6K8jUe+o/
JFsJDOuP8AV+A8quWWewbidcpPKZVxpWbzS9TdimOai8MGsVWuMKWgFtlNm4jIRf
YW4YlBJIh1/3ZfZKNdyhl0r1qFLQxZmg6p/avoH7xjiM5BJP6HhyCWFbWdrzrJko
qkN6E9UaZ+3lqZ3mqJplvA64ng6GY/LTzgUWJ5z7lCQOxUgDoWqHZKcN0ZZfJ6yL
975lr3wTFDTBE6hfxaULUxUb5RlzzQgbcpoxAVcI7rlmeQMA2mBBt1QgK2XA0A==
-----END CERTIFICATE-----
Generated at Mon Jun 16 03:22:26 2025 by rpki-client