Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kUu0I2K7DUsrdY4laCUIXK1tBZs.roa
File: kUu0I2K7DUsrdY4laCUIXK1tBZs.roa (raw, json)
Hash identifier: x3KBjLKDVjdJu0LQc8vCSV6h9Jb0Z00XQUkCg0gShko=
Subject key identifier: 91:4B:B4:23:62:BB:0D:4B:2B:75:8E:25:68:25:08:5C:AD:6D:05:9B
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01966EFAC55323C47CE19B0BE70785544E73
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kUu0I2K7DUsrdY4laCUIXK1tBZs.roa
Signing time: Fri 25 Apr 2025 22:04:10 +0000
ROA not before: Fri 25 Apr 2025 22:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:6efa:af90/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6e:fa:c5:53:23:c4:7c:e1:9b:0b:e7:07:85:54:4e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 25 22:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=914bb42362bb0d4b2b758e256825085cad6d059b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:49:20:ab:a3:d7:7f:4d:b3:6f:80:93:2a:b0:
d6:fa:d5:1d:bb:71:18:f9:b7:2c:f0:44:b9:5a:78:
b5:39:f2:0c:8f:1a:6b:ae:a8:9b:2a:17:4c:9c:a2:
e8:a4:c3:81:16:71:9e:78:e6:5a:35:87:07:38:02:
7b:2c:f5:2f:9c:df:b3:0a:69:6c:e2:50:f6:9f:b9:
83:75:5a:00:ff:b9:93:31:5e:6e:dc:0e:ac:4f:6a:
7b:5c:f3:ea:c5:ed:2e:de:63:76:88:8c:fa:b7:34:
82:c1:51:c0:d0:08:7e:83:7e:37:5c:bb:46:09:ac:
1d:58:55:47:b9:d2:39:98:dc:7f:7f:1e:fc:2b:22:
01:7c:e6:f6:56:6f:1e:d1:3e:97:c8:46:cf:42:b8:
41:a9:92:b6:e1:1a:c0:4b:69:db:58:e2:d1:6c:59:
c7:73:25:e6:06:de:28:93:95:8c:c8:ac:aa:8e:cf:
ab:f9:ff:dd:ca:6d:95:d2:98:2f:10:e9:b6:8b:9b:
8d:c5:2f:ae:10:5e:15:12:84:f2:d4:2e:7b:0a:31:
25:33:9c:94:ab:99:1f:f5:b0:fc:b7:51:73:fe:ad:
89:17:a0:66:52:58:85:bd:1e:39:f7:8f:4e:aa:c6:
47:aa:4b:69:43:ca:db:f0:b1:40:4e:04:4a:e3:b0:
b5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4B:B4:23:62:BB:0D:4B:2B:75:8E:25:68:25:08:5C:AD:6D:05:9B
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/kUu0I2K7DUsrdY4laCUIXK1tBZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:6efa:af90/128
Signature Algorithm: sha256WithRSAEncryption
a8:a4:65:de:13:54:f9:f1:02:dd:f0:c1:b9:ca:62:1c:ba:79:
de:3c:f5:51:48:a1:a9:09:45:87:7b:3c:4b:62:36:53:0a:c9:
65:ca:33:28:dd:ab:68:57:29:7e:c4:2e:e9:e7:80:32:99:50:
5a:95:83:60:29:b4:85:2f:a4:d0:27:4a:20:79:59:75:f6:52:
46:b6:dc:a1:10:da:c7:7b:fd:8c:94:31:45:da:0c:59:ed:1e:
85:b7:26:45:cf:e6:6b:b1:dc:48:37:93:fd:b9:f8:c8:db:2a:
82:2f:2f:23:2b:61:ed:3a:8f:f3:f8:b2:92:a0:00:5b:7b:5b:
99:88:2e:65:d8:1d:e7:da:5a:ea:b6:86:50:4b:7c:97:b9:90:
74:3e:a9:27:2a:d3:9c:69:49:36:1d:4c:e2:90:84:6c:26:df:
19:ef:dd:9d:97:94:1d:91:54:eb:18:53:1d:49:24:6c:ab:b8:
4d:5d:ff:7a:65:f2:11:a5:5f:e5:a2:54:7d:fe:75:84:8d:f3:
a6:77:48:89:a9:b2:c6:49:e5:e1:d5:a8:64:e3:72:3e:07:c9:
f0:1e:d2:57:03:6a:18:fa:1a:65:54:47:a1:84:10:37:ff:41:
5f:bf:52:4f:c6:07:1e:c2:af:fc:c4:17:74:52:a6:88:98:f2:
fd:cb:f4:c6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZu+sVTI8R84ZsL5weFVE5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDI1MjIwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRiYjQyMzYyYmIwZDRiMmI3NThlMjU2ODI1MDg1Y2FkNmQwNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUkgq6PXf02zb4CTKrDW+tUdu3EY
+bcs8ES5Wni1OfIMjxprrqibKhdMnKLopMOBFnGeeOZaNYcHOAJ7LPUvnN+zCmls
4lD2n7mDdVoA/7mTMV5u3A6sT2p7XPPqxe0u3mN2iIz6tzSCwVHA0Ah+g343XLtG
CawdWFVHudI5mNx/fx78KyIBfOb2Vm8e0T6XyEbPQrhBqZK24RrAS2nbWOLRbFnH
cyXmBt4ok5WMyKyqjs+r+f/dym2V0pgvEOm2i5uNxS+uEF4VEoTy1C57CjElM5yU
q5kf9bD8t1Fz/q2JF6BmUliFvR45949OqsZHqktpQ8rb8LFATgRK47C1SQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJFLtCNiuw1LK3WOJWglCFytbQWbMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEva1V1MEkySzdEVXNyZFk0bGFDVUlYSzF0QlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWbvqvkDANBgkqhkiG9w0BAQsFAAOCAQEAqKRl3hNU+fEC3fDBucpiHLp5
3jz1UUihqQlFh3s8S2I2UwrJZcozKN2raFcpfsQu6eeAMplQWpWDYCm0hS+k0CdK
IHlZdfZSRrbcoRDax3v9jJQxRdoMWe0ehbcmRc/ma7HcSDeT/bn4yNsqgi8vIyth
7TqP8/iykqAAW3tbmYguZdgd59pa6raGUEt8l7mQdD6pJyrTnGlJNh1M4pCEbCbf
Ge/dnZeUHZFU6xhTHUkkbKu4TV3/emXyEaVf5aJUff51hI3zpndIiamyxknl4dWo
ZONyPgfJ8B7SVwNqGPoaZVRHoYQQN/9BX79ST8YHHsKv/MQXdFKmiJjy/cv0xg==
-----END CERTIFICATE-----
Generated at Wed Jun 18 05:24:38 2025 by rpki-client