Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/h47X31jppFIlUwleX4XK8wlZgYg.roa
File: h47X31jppFIlUwleX4XK8wlZgYg.roa (raw, json)
Hash identifier: O2o+f4H0l/8ynICHtkvD9yOiACo61POOl8/i8jivi50=
Subject key identifier: 87:8E:D7:DF:58:E9:A4:52:25:53:09:5E:5F:85:CA:F3:09:59:81:88
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196D10A87995EC1695F9F0D574B041839FE
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/h47X31jppFIlUwleX4XK8wlZgYg.roa
Signing time: Wed 14 May 2025 23:04:10 +0000
ROA not before: Wed 14 May 2025 23:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:d10a:5216/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d1:0a:87:99:5e:c1:69:5f:9f:0d:57:4b:04:18:39:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 14 23:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=878ed7df58e9a4522553095e5f85caf309598188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c2:32:9d:1c:b7:7c:e0:60:a4:ea:bd:db:c1:
70:a2:ed:70:5c:05:0f:a5:a2:38:d6:59:cb:51:c3:
6f:4e:03:d7:ee:4d:32:e4:3a:f3:d3:c0:7a:e4:b2:
29:e5:81:7b:c9:cb:5e:2a:a6:3a:41:c4:3f:43:69:
29:87:94:91:f6:41:4d:fd:ec:3c:ac:a3:6d:6f:03:
ed:5e:c1:35:35:e4:c1:00:9f:e6:16:c0:53:fc:fd:
d7:3e:8b:c3:0e:fb:91:fc:4b:2b:64:ec:f7:4c:5b:
12:7f:3f:47:7a:01:34:79:be:c3:d1:60:56:3c:17:
13:4a:95:96:21:f8:08:02:8f:7d:22:69:36:68:82:
22:0f:ac:5e:be:58:e2:57:d0:67:ff:95:d5:25:50:
d3:35:96:22:9e:bc:13:e7:ff:45:74:fc:5d:9a:b3:
fa:ab:dc:b8:7c:5f:aa:85:bf:64:14:73:ba:df:f3:
e0:f0:39:99:f5:4b:01:1c:6a:60:e6:d4:dc:4a:88:
c9:8c:e4:da:72:e2:5b:81:19:b1:37:ff:cd:1f:25:
ae:4b:6b:d7:ca:6c:cf:ad:bc:47:63:b7:3d:fd:0b:
ae:6d:0b:37:57:95:b6:6e:58:da:28:c0:5b:bc:ba:
2e:b2:f5:10:1c:f9:a4:cf:6f:f8:bd:db:56:56:96:
82:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:8E:D7:DF:58:E9:A4:52:25:53:09:5E:5F:85:CA:F3:09:59:81:88
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/h47X31jppFIlUwleX4XK8wlZgYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:d10a:5216/128
Signature Algorithm: sha256WithRSAEncryption
1a:07:cf:49:a2:97:a1:93:14:86:79:54:ee:62:e2:99:17:2f:
86:08:f9:33:4e:50:3a:50:8e:ec:c4:16:81:56:25:cb:bb:1a:
39:b0:c0:48:10:68:d1:25:42:f2:e5:00:f2:35:47:09:8a:d4:
55:e2:59:43:6f:40:28:f1:4b:36:8e:b1:dd:45:25:02:a2:ca:
53:c3:d0:ff:d9:92:55:f6:94:86:a5:21:08:d7:9d:31:72:df:
e7:e7:4e:41:45:7c:1b:92:04:d9:18:40:e5:ac:d6:91:51:94:
c7:c6:98:da:5b:83:8d:11:49:20:a8:2b:b3:77:ea:a8:34:a2:
c7:e7:c1:db:8c:99:a9:c6:60:33:84:8b:36:b3:8f:5f:22:44:
5f:5a:14:a3:a2:eb:41:8a:19:c4:84:83:9d:b3:57:c8:41:a7:
3d:74:13:b1:56:8e:76:e2:bc:f6:ea:bd:e3:8e:b2:01:7a:d0:
4e:51:da:6c:84:91:45:c9:c2:7b:46:c0:f6:4c:53:82:d9:f0:
9c:c1:b0:46:4e:2b:18:50:2e:74:b1:77:7f:00:d5:3e:af:ee:
36:c7:44:56:18:d7:57:56:bd:ea:c5:0e:57:cc:da:53:08:46:
95:f4:de:d0:6a:04:cb:e3:1f:6d:fa:a1:c1:5b:0d:a9:56:ea:
03:47:c9:2f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbRCoeZXsFpX58NV0sEGDn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTE0MjMwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzhlZDdkZjU4ZTlhNDUyMjU1MzA5NWU1Zjg1Y2FmMzA5NTk4MTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48IynRy3fOBgpOq928Fwou1wXAUP
paI41lnLUcNvTgPX7k0y5Drz08B65LIp5YF7ycteKqY6QcQ/Q2kph5SR9kFN/ew8
rKNtbwPtXsE1NeTBAJ/mFsBT/P3XPovDDvuR/EsrZOz3TFsSfz9HegE0eb7D0WBW
PBcTSpWWIfgIAo99Imk2aIIiD6xevljiV9Bn/5XVJVDTNZYinrwT5/9FdPxdmrP6
q9y4fF+qhb9kFHO63/Pg8DmZ9UsBHGpg5tTcSojJjOTacuJbgRmxN//NHyWuS2vX
ymzPrbxHY7c9/QuubQs3V5W2bljaKMBbvLousvUQHPmkz2/4vdtWVpaCDwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIeO199Y6aRSJVMJXl+FyvMJWYGIMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaDQ3WDMxanBwRklsVXdsZVg0WEs4d2xaZ1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW0QpSFjANBgkqhkiG9w0BAQsFAAOCAQEAGgfPSaKXoZMUhnlU7mLimRcv
hgj5M05QOlCO7MQWgVYly7saObDASBBo0SVC8uUA8jVHCYrUVeJZQ29AKPFLNo6x
3UUlAqLKU8PQ/9mSVfaUhqUhCNedMXLf5+dOQUV8G5IE2RhA5azWkVGUx8aY2luD
jRFJIKgrs3fqqDSix+fB24yZqcZgM4SLNrOPXyJEX1oUo6LrQYoZxISDnbNXyEGn
PXQTsVaOduK89uq9446yAXrQTlHabISRRcnCe0bA9kxTgtnwnMGwRk4rGFAudLF3
fwDVPq/uNsdEVhjXV1a96sUOV8zaUwhGlfTe0GoEy+MfbfqhwVsNqVbqA0fJLw==
-----END CERTIFICATE-----
Generated at Wed Jun 18 05:28:33 2025 by rpki-client