Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jmWtQl2WyFEIaLr9fpiZ1iS92tI.roa
File: jmWtQl2WyFEIaLr9fpiZ1iS92tI.roa (raw, json)
Hash identifier: GHrdh496oxMU3C43oQapZMwJCAOM8N1DMMRZlHP+vfE=
Subject key identifier: 8E:65:AD:42:5D:96:C8:51:08:68:BA:FD:7E:98:99:D6:24:BD:DA:D2
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0197263B120F6998B047CD3701D7C4D41043
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jmWtQl2WyFEIaLr9fpiZ1iS92tI.roa
Signing time: Sat 31 May 2025 12:04:54 +0000
ROA not before: Sat 31 May 2025 12:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
2001:67c:64:ffff:0:197:263a:3229/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:26:3b:12:0f:69:98:b0:47:cd:37:01:d7:c4:d4:10:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 31 12:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e65ad425d96c8510868bafd7e9899d624bddad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:97:f5:e2:10:46:e4:e0:75:8f:41:e0:5c:
39:73:aa:da:6e:27:ef:cc:7a:57:22:62:e7:65:04:
84:b6:66:a8:ac:ad:56:13:76:8a:e4:27:14:dd:7e:
3b:34:3a:7e:fd:3e:0d:cc:e4:6d:c3:d7:8f:ef:82:
71:da:2e:df:98:89:0f:6f:59:91:20:6a:f9:c2:37:
04:f0:f4:cf:7c:02:b1:8d:4e:1e:22:c6:91:c7:11:
e1:c2:9f:85:79:27:59:d3:47:bc:fe:7b:ba:58:41:
0d:b3:3a:01:c2:01:e4:d0:ce:25:9d:19:cb:9b:f4:
3d:98:2e:0c:39:57:de:df:d9:35:fe:3c:38:dc:95:
31:e5:de:13:f8:9c:37:9a:40:6d:db:44:6d:28:43:
a8:e6:81:ed:b6:fa:78:ff:46:fd:26:b6:5c:62:e9:
b8:6a:d7:66:1c:00:fd:6c:c1:4f:c8:b7:7a:50:97:
28:77:11:c7:e2:66:b4:69:73:53:26:a2:4c:5a:5c:
f6:87:5e:86:c5:9e:a0:5c:02:a3:81:a4:3d:d8:0a:
8f:fc:f8:17:42:e4:26:8d:47:49:ec:d8:e2:3a:88:
56:0e:5b:e4:e2:cc:c9:8d:b4:c1:a4:ca:9a:a4:15:
0d:bc:a1:73:b1:46:98:46:3f:98:25:58:d9:60:e4:
13:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:65:AD:42:5D:96:C8:51:08:68:BA:FD:7E:98:99:D6:24:BD:DA:D2
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/jmWtQl2WyFEIaLr9fpiZ1iS92tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
2001:67c:64:ffff:0:197:263a:3229/128
Signature Algorithm: sha256WithRSAEncryption
04:5f:e4:e4:2c:c7:28:28:36:be:84:c5:04:79:65:1f:10:03:
24:4f:8c:75:f6:7c:40:8f:fa:59:5b:d1:cd:0c:56:1d:93:09:
3f:f5:66:4d:97:01:d0:61:94:0a:7c:f2:aa:34:6f:58:9e:1d:
90:ce:34:42:83:f4:49:c7:78:01:f0:75:0d:cb:4e:a4:39:ea:
a3:5e:3a:e0:a4:1e:ea:a5:da:b7:01:79:64:55:67:18:af:6f:
81:2a:94:a2:bd:f4:ae:c0:78:65:1e:c0:d3:8e:a8:8f:71:ed:
11:21:7d:11:d2:64:26:ee:62:e0:8e:0f:1e:0a:ef:e6:e8:c1:
5d:ec:dd:cb:37:e8:6f:f6:d8:01:f7:75:a0:5c:fa:b8:7e:71:
34:dc:f5:0b:21:00:6c:e7:93:b8:f2:88:ea:a0:03:f3:54:cf:
db:dc:fd:7d:13:8f:a9:1f:57:12:8e:c2:b3:64:6d:b8:75:2d:
eb:a6:a1:fb:78:dc:a8:be:f2:d3:bb:e0:dc:25:a2:c7:6b:ab:
6a:46:a9:ce:b2:d8:8c:6e:3b:ab:50:24:b9:4a:2f:05:f6:a1:
19:97:83:96:ed:1e:eb:e4:48:b6:0a:ba:fe:f1:08:8e:21:fe:
c6:82:8a:9b:9b:9e:1c:78:f1:17:0d:49:4a:cd:ff:96:8c:e8:
8f:83:93:ea
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZcmOxIPaZiwR803AdfE1BBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTMxMTIwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTY1YWQ0MjVkOTZjODUxMDg2OGJhZmQ3ZTk4OTlkNjI0YmRkYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3WX9eIQRuTgdY9B4Fw5c6rabifv
zHpXImLnZQSEtmaorK1WE3aK5CcU3X47NDp+/T4NzORtw9eP74Jx2i7fmIkPb1mR
IGr5wjcE8PTPfAKxjU4eIsaRxxHhwp+FeSdZ00e8/nu6WEENszoBwgHk0M4lnRnL
m/Q9mC4MOVfe39k1/jw43JUx5d4T+Jw3mkBt20RtKEOo5oHttvp4/0b9JrZcYum4
atdmHAD9bMFPyLd6UJcodxHH4ma0aXNTJqJMWlz2h16GxZ6gXAKjgaQ92AqP/PgX
QuQmjUdJ7NjiOohWDlvk4szJjbTBpMqapBUNvKFzsUaYRj+YJVjZYOQTuwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFI5lrUJdlshRCGi6/X6YmdYkvdrSMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvam1XdFFsMld5RkVJYUxyOWZwaVoxaVM5MnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
AxEAIAEGfABk//8AAAGXJjoyKTANBgkqhkiG9w0BAQsFAAOCAQEABF/k5CzHKCg2
voTFBHllHxADJE+MdfZ8QI/6WVvRzQxWHZMJP/VmTZcB0GGUCnzyqjRvWJ4dkM40
QoP0Scd4AfB1DctOpDnqo1464KQe6qXatwF5ZFVnGK9vgSqUor30rsB4ZR7A046o
j3HtESF9EdJkJu5i4I4PHgrv5ujBXezdyzfob/bYAfd1oFz6uH5xNNz1CyEAbOeT
uPKI6qAD81TP29z9fROPqR9XEo7Cs2RtuHUt66ah+3jcqL7y07vg3CWix2urakap
zrLYjG47q1AkuUovBfahGZeDlu0e6+RItgq6/vEIjiH+xoKKm5ueHHjxFw1JSs3/
lozoj4OT6g==
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:10:15 2025 by rpki-client