Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hQWy5qLyaNpWza4NpYMX1HQnYa8.roa
File: hQWy5qLyaNpWza4NpYMX1HQnYa8.roa (raw, json)
Hash identifier: wL2ku4lAqDgDy9IIdlGHR9GG7p4riQQGkCzRZJYtJCU=
Subject key identifier: 85:05:B2:E6:A2:F2:68:DA:56:CD:AE:0D:A5:83:17:D4:74:27:61:AF
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019655040B2FFC3946E76B2B3B093BC31DF7
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hQWy5qLyaNpWza4NpYMX1HQnYa8.roa
Signing time: Sun 20 Apr 2025 21:04:10 +0000
ROA not before: Sun 20 Apr 2025 21:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:5503:d56d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:04:0b:2f:fc:39:46:e7:6b:2b:3b:09:3b:c3:1d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 20 21:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8505b2e6a2f268da56cdae0da58317d4742761af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f9:74:64:24:db:d4:de:49:b5:7b:4a:53:92:
ea:a8:d8:b5:4b:9a:26:d5:9b:dd:bd:d8:e8:45:94:
55:3c:a5:5e:8f:4b:8b:e0:80:69:14:8c:12:a4:43:
12:5c:41:f3:a8:00:2f:4d:7c:41:13:88:b5:6d:73:
c8:79:e5:84:8a:d2:76:97:6a:b6:08:d2:77:a5:d5:
ab:35:9b:e6:67:38:33:59:54:12:cb:cb:16:c1:f1:
df:3b:9f:67:fe:4f:93:63:ed:4f:62:51:82:2d:b2:
1b:bb:df:4f:8b:08:85:4f:27:d1:04:ba:e5:7a:15:
8a:8b:a3:7e:ea:af:84:5d:9e:8d:83:a1:d9:e9:45:
6a:9b:70:6f:71:ae:ff:2c:82:8d:7d:cb:5b:04:76:
91:fa:a5:93:d2:bd:bc:c6:bb:65:9b:15:fa:6c:02:
87:40:ed:08:1d:3f:d4:1b:03:31:d6:d2:61:b1:2e:
94:83:06:b9:b9:cc:4f:b6:09:69:70:74:9e:e5:98:
e7:e5:79:2a:93:c3:83:48:c9:59:03:2e:18:39:3f:
79:01:78:98:20:8f:91:20:c4:71:d3:c5:b7:a9:fa:
45:78:41:98:98:f8:bb:f4:dd:79:32:e6:a7:e4:c8:
10:66:9d:8d:28:64:b0:a8:45:f8:ec:82:a0:87:85:
63:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:05:B2:E6:A2:F2:68:DA:56:CD:AE:0D:A5:83:17:D4:74:27:61:AF
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/hQWy5qLyaNpWza4NpYMX1HQnYa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:5503:d56d/128
Signature Algorithm: sha256WithRSAEncryption
79:67:4a:79:4e:44:ae:7f:13:f9:d8:45:d5:d6:88:7c:94:b1:
ad:39:9a:f9:93:18:ac:0e:4a:7b:fd:b6:71:d3:93:d2:c6:6e:
32:8b:6e:a5:51:96:07:68:ed:9b:fc:85:e8:ae:62:ee:8a:8a:
78:11:de:32:c1:b4:c1:df:27:be:e1:00:f7:3f:0b:b4:63:0e:
da:a1:38:17:ad:13:c2:98:30:f3:75:97:78:01:42:1a:b1:a5:
ac:18:2a:75:f9:89:13:e3:5f:6d:7c:86:cd:a0:74:ea:6a:0e:
69:43:de:64:4b:70:b0:75:f2:a3:4b:49:fc:e2:f4:42:46:ea:
81:16:04:bb:17:ec:54:69:a0:42:07:00:89:42:5d:10:80:3b:
6e:de:33:85:a8:80:09:75:b5:0e:62:67:9b:9d:b7:55:1e:68:
b6:72:56:53:d5:bd:57:f7:e4:84:8f:02:e3:f3:a9:8c:ee:a7:
53:79:70:0c:1a:5b:4a:c5:2b:dd:fa:70:61:6e:ba:80:24:bf:
00:3e:c1:f6:a2:68:cf:aa:ee:f5:80:19:94:98:86:7f:b4:06:
bf:81:11:eb:49:03:3b:69:a1:f6:a8:f3:f9:bb:7a:75:d0:c1:
79:ac:d9:28:ea:8b:dd:ca:ae:6a:d6:68:2a:f3:cd:69:ee:68:
d4:7a:be:d1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZVBAsv/DlG52srOwk7wx33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDIwMjEwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA1YjJlNmEyZjI2OGRhNTZjZGFlMGRhNTgzMTdkNDc0Mjc2MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fl0ZCTb1N5JtXtKU5LqqNi1S5om
1ZvdvdjoRZRVPKVej0uL4IBpFIwSpEMSXEHzqAAvTXxBE4i1bXPIeeWEitJ2l2q2
CNJ3pdWrNZvmZzgzWVQSy8sWwfHfO59n/k+TY+1PYlGCLbIbu99PiwiFTyfRBLrl
ehWKi6N+6q+EXZ6Ng6HZ6UVqm3Bvca7/LIKNfctbBHaR+qWT0r28xrtlmxX6bAKH
QO0IHT/UGwMx1tJhsS6Ugwa5ucxPtglpcHSe5Zjn5Xkqk8ODSMlZAy4YOT95AXiY
II+RIMRx08W3qfpFeEGYmPi79N15Muan5MgQZp2NKGSwqEX47IKgh4VjMQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIUFsuai8mjaVs2uDaWDF9R0J2GvMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvaFFXeTVxTHlhTnBXemE0TnBZTVgxSFFuWWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWVQPVbTANBgkqhkiG9w0BAQsFAAOCAQEAeWdKeU5Ern8T+dhF1daIfJSx
rTma+ZMYrA5Ke/22cdOT0sZuMotupVGWB2jtm/yF6K5i7oqKeBHeMsG0wd8nvuEA
9z8LtGMO2qE4F60Twpgw83WXeAFCGrGlrBgqdfmJE+NfbXyGzaB06moOaUPeZEtw
sHXyo0tJ/OL0QkbqgRYEuxfsVGmgQgcAiUJdEIA7bt4zhaiACXW1DmJnm523VR5o
tnJWU9W9V/fkhI8C4/OpjO6nU3lwDBpbSsUr3fpwYW66gCS/AD7B9qJoz6ru9YAZ
lJiGf7QGv4ER60kDO2mh9qjz+bt6ddDBeazZKOqL3cquatZoKvPNae5o1Hq+0Q==
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:06:16 2025 by rpki-client