Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sXb1rw-Zx1WC0sADmPTSzdPhCN8.roa
File: sXb1rw-Zx1WC0sADmPTSzdPhCN8.roa (raw, json)
Hash identifier: M07zDYK8HKvFNp8+C4yJLI2wwy5wHbf3foIlbMaQT6Q=
Subject key identifier: B1:76:F5:AF:0F:99:C7:55:82:D2:C0:03:98:F4:D2:CD:D3:E1:08:DF
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01965128314254F2BE934CB8CBFFAB0C341C
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sXb1rw-Zx1WC0sADmPTSzdPhCN8.roa
Signing time: Sun 20 Apr 2025 03:05:10 +0000
ROA not before: Sun 20 Apr 2025 03:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:5127:a135/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:28:31:42:54:f2:be:93:4c:b8:cb:ff:ab:0c:34:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 20 03:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b176f5af0f99c75582d2c00398f4d2cdd3e108df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6f:3e:80:a1:d9:36:80:d1:fe:bd:57:95:57:
51:34:ca:e4:56:4f:b9:40:34:fa:dc:aa:81:91:b1:
e2:7f:5e:39:99:c8:51:64:e7:3f:68:22:13:5f:0b:
d5:a0:b4:94:df:ef:58:a9:aa:2d:5f:9c:7d:4e:2d:
87:ce:7b:15:25:72:0b:34:52:f7:0c:45:4b:8a:b2:
4b:59:88:81:95:0b:fa:c4:10:6d:a4:04:f8:5e:1d:
1b:a1:f8:25:6d:4f:9b:4b:ad:c8:3a:55:bc:34:99:
a6:ef:9d:53:82:bc:dd:eb:cf:1c:26:73:a3:cd:e4:
97:26:a9:e6:9e:b4:c9:88:79:f1:07:6f:9b:c2:32:
4a:97:fa:02:54:2c:8c:9c:5c:72:d6:de:39:7c:5c:
9a:d2:82:f5:83:c7:1b:0b:9e:21:45:c3:50:17:17:
6a:a6:8a:f4:ee:df:8a:58:60:dd:4d:c2:02:c8:0a:
a2:8e:f2:42:bf:ba:8b:8a:6a:7d:24:4c:4c:84:74:
de:58:c0:b1:2a:8d:d1:da:33:f0:2a:23:8b:27:e1:
c7:d7:d5:f6:94:79:49:7a:ff:54:ab:a1:62:dc:6b:
0d:ae:1d:62:d9:1f:ee:40:a9:04:39:27:03:7b:26:
e9:8a:33:ef:25:4b:5f:12:25:1a:7b:1d:95:24:21:
74:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:76:F5:AF:0F:99:C7:55:82:D2:C0:03:98:F4:D2:CD:D3:E1:08:DF
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sXb1rw-Zx1WC0sADmPTSzdPhCN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:5127:a135/128
Signature Algorithm: sha256WithRSAEncryption
7f:db:3c:c5:d5:d9:ad:04:71:c0:43:92:d8:96:2f:69:80:08:
dc:32:89:9c:c0:9e:07:1e:f8:94:75:9a:30:71:d2:ec:12:bb:
b0:b7:f8:f5:a2:c0:be:ea:f0:c8:04:e6:a7:81:73:76:b6:5d:
47:02:b6:eb:13:18:d2:db:60:1f:dc:c8:d6:28:a4:1d:dc:ba:
38:92:12:ea:96:e5:e7:3d:a5:51:ec:da:db:94:f2:0b:07:51:
a1:82:52:09:df:e4:14:83:e0:ab:d0:ce:02:03:38:9e:0f:2a:
6d:97:a1:10:17:9e:92:9a:a0:a0:66:57:46:91:df:e3:ee:39:
b7:e1:aa:49:d8:5f:a5:c8:fc:a6:50:82:5c:ba:f8:b1:db:2a:
f3:43:9c:16:6d:f3:42:75:1d:24:65:9b:d3:21:5a:26:e8:63:
95:9c:dd:99:25:f1:03:4e:45:c2:c8:01:56:de:d9:93:91:30:
33:08:26:0d:31:30:5e:79:88:36:56:ba:a0:0e:dc:9d:a2:e0:
0e:ea:7a:4f:80:62:ef:3e:76:e1:5a:0c:c7:6a:16:bf:05:08:
73:7b:41:88:6c:b4:6e:50:b3:b7:77:d4:35:0f:4e:29:d7:55:
ea:8f:9c:fc:78:20:4d:80:1b:09:80:30:e0:61:68:6d:b4:19:
e8:3a:a5:78
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZZRKDFCVPK+k0y4y/+rDDQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDIwMDMwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc2ZjVhZjBmOTljNzU1ODJkMmMwMDM5OGY0ZDJjZGQzZTEwOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt28+gKHZNoDR/r1XlVdRNMrkVk+5
QDT63KqBkbHif145mchRZOc/aCITXwvVoLSU3+9YqaotX5x9Ti2HznsVJXILNFL3
DEVLirJLWYiBlQv6xBBtpAT4Xh0bofglbU+bS63IOlW8NJmm751Tgrzd688cJnOj
zeSXJqnmnrTJiHnxB2+bwjJKl/oCVCyMnFxy1t45fFya0oL1g8cbC54hRcNQFxdq
por07t+KWGDdTcICyAqijvJCv7qLimp9JExMhHTeWMCxKo3R2jPwKiOLJ+HH19X2
lHlJev9Uq6Fi3GsNrh1i2R/uQKkEOScDeybpijPvJUtfEiUaex2VJCF0MQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLF29a8PmcdVgtLAA5j00s3T4QjfMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvc1hiMXJ3LVp4MVdDMHNBRG1QVFN6ZFBoQ044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWUSehNTANBgkqhkiG9w0BAQsFAAOCAQEAf9s8xdXZrQRxwEOS2JYvaYAI
3DKJnMCeBx74lHWaMHHS7BK7sLf49aLAvurwyATmp4FzdrZdRwK26xMY0ttgH9zI
1iikHdy6OJIS6pbl5z2lUeza25TyCwdRoYJSCd/kFIPgq9DOAgM4ng8qbZehEBee
kpqgoGZXRpHf4+45t+GqSdhfpcj8plCCXLr4sdsq80OcFm3zQnUdJGWb0yFaJuhj
lZzdmSXxA05FwsgBVt7Zk5EwMwgmDTEwXnmINla6oA7cnaLgDup6T4Bi7z524VoM
x2oWvwUIc3tBiGy0blCzt3fUNQ9OKddV6o+c/HggTYAbCYAw4GFobbQZ6DqleA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 03:39:22 2025 by rpki-client