Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kKegKzLCCQP1HHlZQ6ZCsBWqsQc.roa
File: kKegKzLCCQP1HHlZQ6ZCsBWqsQc.roa (raw, json)
Hash identifier: S8f4zQIgPAkEJALxDL4MGLv+Q5Imz79pSm0aeOdKVLY=
Subject key identifier: 90:A7:A0:2B:32:C2:09:03:F5:1C:79:59:43:A6:42:B0:15:AA:B1:07
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01964E2726120041831A7AE7B6BCE2116FDF
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kKegKzLCCQP1HHlZQ6ZCsBWqsQc.roa
Signing time: Sat 19 Apr 2025 13:05:10 +0000
ROA not before: Sat 19 Apr 2025 13:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:4e26:4d84/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4e:27:26:12:00:41:83:1a:7a:e7:b6:bc:e2:11:6f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 19 13:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90a7a02b32c20903f51c795943a642b015aab107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:72:8d:31:bb:1d:64:69:ce:4e:51:29:28:d0:
63:94:7b:35:c9:cf:bf:06:cb:3b:fd:8a:7b:53:c7:
70:42:d4:d7:60:7b:96:69:e4:b5:88:bf:ce:93:23:
c3:a7:e1:39:d3:91:0f:b9:84:af:65:18:da:4e:a1:
2b:44:dd:72:76:79:a1:8d:1e:57:7d:ad:a0:0f:ea:
3a:a7:53:f6:24:c9:f4:59:55:2e:b3:64:a7:29:7e:
98:4e:1d:68:e4:0c:a0:50:4f:3b:85:7a:19:eb:86:
1b:33:c1:af:0e:6b:4e:34:46:ef:51:70:29:62:c3:
c4:bc:4e:ba:d8:f8:20:ca:da:7d:9f:2d:ba:f6:95:
ad:d1:d7:47:68:14:f6:bf:4f:46:f8:cf:d3:a0:b1:
c4:a2:d1:f1:0a:7a:e3:56:2d:25:fb:fc:3e:53:54:
e6:00:ea:57:b5:4d:d9:0d:c7:12:d0:1e:01:29:87:
1e:e9:55:d9:07:47:08:71:41:81:aa:e6:ba:e3:6f:
a5:60:e8:42:43:4c:73:e9:3c:40:c8:2b:e1:7f:79:
c9:b3:a2:3c:5d:e7:50:10:fc:25:fa:27:fa:5f:96:
c8:b1:84:77:83:04:ca:d7:a2:33:58:61:b1:bb:d9:
df:14:14:3e:f3:52:78:55:bb:0e:b5:18:2f:1b:c5:
4e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A7:A0:2B:32:C2:09:03:F5:1C:79:59:43:A6:42:B0:15:AA:B1:07
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kKegKzLCCQP1HHlZQ6ZCsBWqsQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:4e26:4d84/128
Signature Algorithm: sha256WithRSAEncryption
a6:b7:fc:5c:45:7f:d5:d4:0f:2a:31:0b:b9:10:e7:12:46:b3:
e4:f8:fc:cd:c2:df:00:9f:11:9c:42:3a:ba:a6:60:a6:58:71:
5d:f9:3d:1e:9e:3d:0a:38:bd:9e:5e:9d:9a:41:e0:26:2d:ef:
dc:c4:ee:fb:97:6f:b5:8a:af:63:c0:68:01:b0:91:21:63:d6:
35:59:4e:e7:84:02:03:22:48:d4:ec:5c:48:a8:90:b2:b6:6b:
a3:21:3d:61:c9:58:41:c4:f5:fe:05:4f:28:e9:b1:46:01:9e:
a7:4e:13:36:64:c4:89:13:d5:09:80:10:2d:44:a6:a3:29:42:
8c:8f:79:23:cc:3a:aa:13:8e:a6:1d:f6:d4:6c:71:15:b5:1e:
10:bc:ab:1f:bf:05:d2:9b:6c:32:c7:0c:67:16:33:9a:14:a1:
ba:d2:b7:dc:3e:dd:dc:6a:29:12:5f:ef:c1:1d:cd:d4:5c:90:
4b:a2:ec:28:e8:f9:01:3a:58:d4:5d:aa:14:7c:33:91:f5:c7:
7a:47:ce:0f:78:71:ce:88:28:17:b8:6d:17:74:28:29:47:70:
1f:80:67:c5:49:12:b1:07:e5:29:35:9c:9d:97:0a:32:d0:6c:
66:d8:c9:be:0f:bc:db:ba:b2:94:fb:76:50:ae:78:52:a0:54:
4a:ff:b9:d8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZOJyYSAEGDGnrntrziEW/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDE5MTMwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE3YTAyYjMyYzIwOTAzZjUxYzc5NTk0M2E2NDJiMDE1YWFiMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHKNMbsdZGnOTlEpKNBjlHs1yc+/
Bss7/Yp7U8dwQtTXYHuWaeS1iL/OkyPDp+E505EPuYSvZRjaTqErRN1ydnmhjR5X
fa2gD+o6p1P2JMn0WVUus2SnKX6YTh1o5AygUE87hXoZ64YbM8GvDmtONEbvUXAp
YsPEvE662Pggytp9ny269pWt0ddHaBT2v09G+M/ToLHEotHxCnrjVi0l+/w+U1Tm
AOpXtU3ZDccS0B4BKYce6VXZB0cIcUGBqua642+lYOhCQ0xz6TxAyCvhf3nJs6I8
XedQEPwl+if6X5bIsYR3gwTK16IzWGGxu9nfFBQ+81J4VbsOtRgvG8VO7wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJCnoCsywgkD9Rx5WUOmQrAVqrEHMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEva0tlZ0t6TENDUVAxSEhsWlE2WkNzQldxc1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWTiZNhDANBgkqhkiG9w0BAQsFAAOCAQEAprf8XEV/1dQPKjELuRDnEkaz
5Pj8zcLfAJ8RnEI6uqZgplhxXfk9Hp49Cji9nl6dmkHgJi3v3MTu+5dvtYqvY8Bo
AbCRIWPWNVlO54QCAyJI1OxcSKiQsrZroyE9YclYQcT1/gVPKOmxRgGep04TNmTE
iRPVCYAQLUSmoylCjI95I8w6qhOOph321GxxFbUeELyrH78F0ptsMscMZxYzmhSh
utK33D7d3GopEl/vwR3N1FyQS6LsKOj5ATpY1F2qFHwzkfXHekfOD3hxzogoF7ht
F3QoKUdwH4BnxUkSsQflKTWcnZcKMtBsZtjJvg+827qylPt2UK54UqBUSv+52A==
-----END CERTIFICATE-----
Generated at Tue Jun 17 22:35:42 2025 by rpki-client