Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/lErgcaFk8RakrF4vn8c_B4nY7F8.roa
File: lErgcaFk8RakrF4vn8c_B4nY7F8.roa (raw, json)
Hash identifier: bWk99d1h45lsCET/+OFG2R7l1BY6MSyNVabcrvbC6c4=
Subject key identifier: 94:4A:E0:71:A1:64:F1:16:A4:AC:5E:2F:9F:C7:3F:07:89:D8:EC:5F
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01961A391B82759B7671274C1B469AA73F35
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/lErgcaFk8RakrF4vn8c_B4nY7F8.roa
Signing time: Wed 09 Apr 2025 11:04:32 +0000
ROA not before: Wed 09 Apr 2025 11:04:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:1a38:e3b7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:39:1b:82:75:9b:76:71:27:4c:1b:46:9a:a7:3f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 9 11:04:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=944ae071a164f116a4ac5e2f9fc73f0789d8ec5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1a:c5:53:d7:ca:f6:24:83:b7:3a:19:88:4c:
51:8a:e4:4f:d5:e0:8c:4a:72:2e:24:93:69:37:7b:
c4:8e:f3:15:b2:39:68:fc:86:7f:e0:d4:6e:12:f0:
fd:b4:b6:90:ce:d6:59:25:02:15:5f:a7:75:7f:80:
66:d0:1f:21:6d:b7:83:11:0e:ec:89:b8:24:94:9a:
84:a0:18:fe:dc:1a:92:e2:da:5f:5f:dd:0f:20:7c:
38:ad:dc:89:eb:dd:21:c2:3a:d2:4a:f3:3e:b0:ed:
1e:ec:4b:59:f6:ff:ce:ad:f4:cd:36:81:9c:81:df:
49:3e:62:e7:be:8a:c5:c7:d4:17:14:a8:e2:dd:c7:
07:83:61:1d:86:14:b4:58:0b:e9:60:55:cc:16:ed:
56:2b:0d:e9:a7:04:5d:2e:83:d8:fb:69:78:a2:d0:
af:a8:a3:e3:dd:92:1d:86:7e:06:45:2d:c1:ec:3d:
a8:16:e5:83:fe:46:72:a6:5c:6a:f4:ed:df:48:61:
b7:09:9d:e3:1c:14:fe:3a:a1:c5:93:72:a5:60:a0:
19:f4:23:4c:90:5d:99:7e:e6:8c:0b:f4:af:6b:f5:
6f:9a:21:27:d3:3c:f2:32:ef:64:5f:09:72:bf:8a:
dd:7e:f9:e6:e4:98:18:32:fb:5c:78:9f:00:48:2f:
c2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:4A:E0:71:A1:64:F1:16:A4:AC:5E:2F:9F:C7:3F:07:89:D8:EC:5F
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/lErgcaFk8RakrF4vn8c_B4nY7F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:1a38:e3b7/128
Signature Algorithm: sha256WithRSAEncryption
4b:e0:d5:3d:58:15:2e:f4:a6:15:24:38:ac:62:9a:f3:da:09:
ba:c0:68:0c:53:51:06:4a:10:2b:26:cc:c4:e4:9a:fb:e2:48:
c6:88:1e:70:06:9c:e0:6f:d7:4f:d5:04:ca:cc:34:3b:e6:d9:
f2:c0:aa:5b:0c:47:71:54:8b:dc:17:34:cb:af:f9:69:1d:8c:
02:df:61:01:52:19:5c:13:b5:06:b9:04:92:d5:82:b9:50:1f:
07:2d:04:cd:63:41:63:ae:a1:e5:d4:b0:63:b2:67:88:3d:7a:
a0:89:82:58:b1:cd:d9:48:0b:f6:ed:e4:74:d4:83:21:f0:20:
7a:77:53:c2:f5:83:f1:64:6a:47:69:31:71:a9:bf:6f:36:81:
68:1d:98:c3:9d:5e:98:4c:99:b6:7a:18:c7:de:c5:11:35:e4:
71:9a:c4:34:48:f3:e2:5a:35:fb:20:35:74:49:6b:03:9d:0d:
66:9d:54:50:bf:6d:3b:28:7c:d7:ac:77:c2:7d:a1:33:d8:f8:
e5:1d:c9:9b:bf:88:6f:98:8a:61:d5:a5:79:ce:83:4b:8c:ca:
32:ba:42:0c:e4:f1:c5:6e:cd:70:6a:81:fa:ea:99:f5:37:4e:
19:3a:e5:30:e3:f2:94:51:b5:cd:03:bf:b8:34:5d:7d:63:73:
09:c3:93:ec
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZYaORuCdZt2cSdMG0aapz81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDA5MTEwNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDRhZTA3MWExNjRmMTE2YTRhYzVlMmY5ZmM3M2YwNzg5ZDhlYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBrFU9fK9iSDtzoZiExRiuRP1eCM
SnIuJJNpN3vEjvMVsjlo/IZ/4NRuEvD9tLaQztZZJQIVX6d1f4Bm0B8hbbeDEQ7s
ibgklJqEoBj+3BqS4tpfX90PIHw4rdyJ690hwjrSSvM+sO0e7EtZ9v/OrfTNNoGc
gd9JPmLnvorFx9QXFKji3ccHg2EdhhS0WAvpYFXMFu1WKw3ppwRdLoPY+2l4otCv
qKPj3ZIdhn4GRS3B7D2oFuWD/kZyplxq9O3fSGG3CZ3jHBT+OqHFk3KlYKAZ9CNM
kF2ZfuaMC/Sva/VvmiEn0zzyMu9kXwlyv4rdfvnm5JgYMvtceJ8ASC/CMwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJRK4HGhZPEWpKxeL5/HPweJ2OxfMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvbEVyZ2NhRms4UmFrckY0dm44Y19CNG5ZN0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWGjjjtzANBgkqhkiG9w0BAQsFAAOCAQEAS+DVPVgVLvSmFSQ4rGKa89oJ
usBoDFNRBkoQKybMxOSa++JIxogecAac4G/XT9UEysw0O+bZ8sCqWwxHcVSL3Bc0
y6/5aR2MAt9hAVIZXBO1BrkEktWCuVAfBy0EzWNBY66h5dSwY7JniD16oImCWLHN
2UgL9u3kdNSDIfAgendTwvWD8WRqR2kxcam/bzaBaB2Yw51emEyZtnoYx97FETXk
cZrENEjz4lo1+yA1dElrA50NZp1UUL9tOyh816x3wn2hM9j45R3Jm7+Ib5iKYdWl
ec6DS4zKMrpCDOTxxW7NcGqB+uqZ9TdOGTrlMOPylFG1zQO/uDRdfWNzCcOT7A==
-----END CERTIFICATE-----
Generated at Tue Jun 17 10:29:28 2025 by rpki-client