Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/fzPYiAhZtkBs0ukQr1DpnT9iK7w.roa
File: fzPYiAhZtkBs0ukQr1DpnT9iK7w.roa (raw, json)
Hash identifier: VOQZzrYrYhiTI/5y31LVhOCgSEFnWAlLf1ck8si0s/M=
Subject key identifier: 7F:33:D8:88:08:59:B6:40:6C:D2:E9:10:AF:50:E9:9D:3F:62:2B:BC
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196AF5B2DC1B39088889AC0AD0479852C79
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/fzPYiAhZtkBs0ukQr1DpnT9iK7w.roa
Signing time: Thu 08 May 2025 10:05:10 +0000
ROA not before: Thu 08 May 2025 10:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:af5a:7fa1/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:5b:2d:c1:b3:90:88:88:9a:c0:ad:04:79:85:2c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 8 10:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f33d8880859b6406cd2e910af50e99d3f622bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:af:02:38:cf:e6:93:56:eb:01:04:22:ee:13:
e5:2f:07:ab:46:9e:0c:df:a2:d4:ab:4f:0f:15:ae:
d7:8c:f2:be:f2:9d:71:b1:25:57:07:04:f5:5a:cd:
92:f6:d5:f8:3b:68:bf:91:bf:45:23:5b:f9:d4:90:
d2:70:28:ff:34:0a:f2:5b:ae:d0:4c:08:3c:8e:69:
a4:5b:cc:5c:d4:3d:42:a1:e2:95:04:8c:07:61:2d:
01:dd:6c:1c:16:bc:1d:16:16:fc:de:f7:49:21:d9:
f9:1a:cd:cf:fe:7e:aa:2c:62:7c:1b:3c:f5:57:5a:
ae:b6:6c:3b:0d:e8:7b:39:56:c0:e7:a1:f7:5b:90:
ad:6f:bf:3d:ec:6d:c3:ed:24:f7:fb:ff:18:5c:1d:
2a:4d:a3:5f:00:fb:c3:30:4a:4c:e6:d4:15:64:60:
8e:c4:b4:86:9b:73:e4:d1:0f:15:2e:67:e7:74:51:
ea:f7:26:70:2d:98:83:45:27:5a:05:a5:49:f8:f5:
77:36:9d:51:d6:7d:a6:cb:30:3c:1f:19:e2:82:ad:
f5:c4:4e:10:89:1a:8b:76:ff:dc:21:3e:c2:56:9d:
ea:d0:48:c9:ab:9a:94:86:7c:b5:48:fe:24:79:f7:
17:2c:57:c3:50:9f:58:83:85:ad:8d:6b:af:83:db:
de:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:33:D8:88:08:59:B6:40:6C:D2:E9:10:AF:50:E9:9D:3F:62:2B:BC
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/fzPYiAhZtkBs0ukQr1DpnT9iK7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:af5a:7fa1/128
Signature Algorithm: sha256WithRSAEncryption
96:86:e2:32:02:13:9e:13:ff:7c:16:92:5f:c9:8a:8d:57:cf:
8f:fa:6d:d3:0e:39:08:c1:4f:a2:5b:59:3a:be:50:e9:cc:5b:
73:a2:f4:b4:0f:ca:bf:ea:0d:7f:ea:16:15:01:e4:8a:96:99:
fe:3a:cb:6e:2e:36:3e:91:ef:6e:37:96:31:5a:4b:ea:e1:34:
d3:55:61:0d:b8:40:1d:b3:05:2a:b7:ac:21:51:04:76:93:21:
72:cb:8c:ed:e8:28:d1:fe:2f:d2:38:3e:e5:6d:f4:a4:d2:32:
c7:97:fc:5a:a6:5b:0e:c1:7e:a8:c1:27:3f:b1:ff:0f:b9:77:
c2:2c:74:57:e9:11:97:f0:bb:af:39:cb:f8:46:fd:88:7e:46:
7e:b7:bb:d5:ea:74:32:b1:2d:61:f9:f6:a7:13:e1:56:a0:78:
b1:c8:94:06:96:f6:80:9b:54:d2:be:a6:6f:65:80:a3:cc:de:
1f:b6:20:50:07:6a:3d:2b:55:3c:22:7f:93:40:23:06:e8:51:
24:23:c4:7a:fb:0c:ea:ae:b4:fa:3a:ab:fd:d2:2a:7e:5c:5b:
0c:3e:24:07:c1:b7:02:ff:76:15:8b:69:c8:fa:e5:f1:01:c8:
fa:c8:0d:5f:16:e7:d8:f5:90:5f:3d:44:9a:fd:b2:e6:df:ec:
c8:9a:71:26
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZavWy3Bs5CIiJrArQR5hSx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTA4MTAwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjMzZDg4ODA4NTliNjQwNmNkMmU5MTBhZjUwZTk5ZDNmNjIyYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt68COM/mk1brAQQi7hPlLwerRp4M
36LUq08PFa7XjPK+8p1xsSVXBwT1Ws2S9tX4O2i/kb9FI1v51JDScCj/NAryW67Q
TAg8jmmkW8xc1D1CoeKVBIwHYS0B3WwcFrwdFhb83vdJIdn5Gs3P/n6qLGJ8Gzz1
V1qutmw7Deh7OVbA56H3W5Ctb7897G3D7ST3+/8YXB0qTaNfAPvDMEpM5tQVZGCO
xLSGm3Pk0Q8VLmfndFHq9yZwLZiDRSdaBaVJ+PV3Np1R1n2myzA8Hxnigq31xE4Q
iRqLdv/cIT7CVp3q0EjJq5qUhny1SP4kefcXLFfDUJ9Yg4WtjWuvg9ve7QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFH8z2IgIWbZAbNLpEK9Q6Z0/Yiu8MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvZnpQWWlBaFp0a0JzMHVrUXIxRHBuVDlpSzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWr1p/oTANBgkqhkiG9w0BAQsFAAOCAQEAlobiMgITnhP/fBaSX8mKjVfP
j/pt0w45CMFPoltZOr5Q6cxbc6L0tA/Kv+oNf+oWFQHkipaZ/jrLbi42PpHvbjeW
MVpL6uE001VhDbhAHbMFKresIVEEdpMhcsuM7ego0f4v0jg+5W30pNIyx5f8WqZb
DsF+qMEnP7H/D7l3wix0V+kRl/C7rznL+Eb9iH5Gfre71ep0MrEtYfn2pxPhVqB4
sciUBpb2gJtU0r6mb2WAo8zeH7YgUAdqPStVPCJ/k0AjBuhRJCPEevsM6q60+jqr
/dIqflxbDD4kB8G3Av92FYtpyPrl8QHI+sgNXxbn2PWQXz1Emv2y5t/syJpxJg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:27:19 2025 by rpki-client