Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sYvd7MYRD4AD8Z7Fvgdoh7s9rjo.roa
File: sYvd7MYRD4AD8Z7Fvgdoh7s9rjo.roa (raw, json)
Hash identifier: M60j/ByOHw726RYWVvHeCZeuHz/uCVZmlUuI9ernXRU=
Subject key identifier: B1:8B:DD:EC:C6:11:0F:80:03:F1:9E:C5:BE:07:68:87:BB:3D:AE:3A
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 019618EF8337FB8C616CAD2C6D758B62E888
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sYvd7MYRD4AD8Z7Fvgdoh7s9rjo.roa
Signing time: Wed 09 Apr 2025 05:04:31 +0000
ROA not before: Wed 09 Apr 2025 05:04:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:18ef:526d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:18:ef:83:37:fb:8c:61:6c:ad:2c:6d:75:8b:62:e8:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Apr 9 05:04:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b18bddecc6110f8003f19ec5be076887bb3dae3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bc:0e:df:29:37:bf:83:3d:e2:80:82:b1:fa:
1b:dd:0b:e5:4b:9a:07:a3:61:c7:57:00:b6:1a:2f:
76:aa:34:08:fd:87:8c:b7:40:56:ab:51:8f:7d:5c:
0a:a4:61:60:5d:2b:91:67:57:f8:61:ee:33:1b:6f:
2c:b1:b8:6b:a4:85:b6:26:11:7a:80:e7:c5:8f:83:
85:4e:31:54:4b:5f:28:29:29:dc:a4:13:d3:d8:de:
78:c2:0c:b3:33:ad:b3:4e:f8:1a:88:0c:78:3f:3c:
6a:ec:51:29:d6:6d:6c:6d:bb:25:a2:4f:46:2f:bd:
d2:58:26:54:32:24:f0:c0:63:73:b5:8c:72:83:4e:
87:d9:1c:5b:b2:d3:09:83:fe:df:58:ec:15:9d:9d:
f7:4c:26:83:12:97:eb:90:02:f0:47:87:d0:66:03:
c3:0b:47:a1:b0:18:e9:26:67:ba:fa:99:05:0e:2f:
66:fe:ab:09:22:90:11:a4:dd:b5:a1:c0:9f:26:69:
90:54:01:e0:5a:81:6f:07:af:bd:32:fb:3e:0e:42:
57:1d:80:6f:9e:fb:16:7d:84:30:b2:7f:38:ce:5b:
22:6a:d0:b4:61:d8:11:a6:c7:e7:29:ee:05:30:c8:
f7:b3:fd:53:10:65:70:a4:43:a4:04:e4:ef:69:52:
cc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8B:DD:EC:C6:11:0F:80:03:F1:9E:C5:BE:07:68:87:BB:3D:AE:3A
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sYvd7MYRD4AD8Z7Fvgdoh7s9rjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:18ef:526d/128
Signature Algorithm: sha256WithRSAEncryption
77:24:98:e2:56:a9:38:01:1b:e8:d9:6c:9d:46:ac:46:65:4a:
67:fe:8c:64:7d:b5:32:b3:4f:2b:27:d8:82:9d:f4:b3:39:ea:
52:a6:94:fc:af:07:d6:90:f3:33:d1:25:26:0a:0f:cb:34:61:
30:d4:f3:b0:7f:50:b8:79:6b:74:54:5d:a3:e6:80:78:14:3a:
d1:86:a6:c9:1a:76:14:fe:7a:a7:57:81:06:9c:84:cd:34:9b:
87:74:8a:5d:80:87:d0:99:69:e8:e1:cc:9d:57:0f:7a:b4:74:
bd:0f:2a:3e:3a:5c:4d:5d:2d:92:bc:72:3f:e4:a8:8f:03:30:
90:64:ef:bc:55:33:b5:6c:61:d0:cb:1a:83:d7:2c:e1:4c:bf:
ec:f8:13:b2:f9:95:f1:ff:9c:e9:d4:a3:ce:ce:b0:06:45:9d:
dd:55:79:41:9b:fc:0c:ac:85:86:fd:61:40:53:40:b9:ae:8d:
05:1a:e6:b2:24:2c:0a:7b:c0:0e:31:52:92:d2:83:9c:d4:b5:
c9:f0:a8:26:84:83:24:d4:6e:95:6d:b8:d9:66:e3:d1:d0:e2:
f8:db:e1:72:75:2d:0d:14:fe:e8:32:3d:8c:d2:41:27:18:7a:
9a:30:58:f3:f9:51:79:95:bc:89:3f:fa:87:de:d5:4e:9d:ed:
2c:fa:b1:15
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZYY74M3+4xhbK0sbXWLYuiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNDA5MDUwNDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThiZGRlY2M2MTEwZjgwMDNmMTllYzViZTA3Njg4N2JiM2RhZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobwO3yk3v4M94oCCsfob3QvlS5oH
o2HHVwC2Gi92qjQI/YeMt0BWq1GPfVwKpGFgXSuRZ1f4Ye4zG28ssbhrpIW2JhF6
gOfFj4OFTjFUS18oKSncpBPT2N54wgyzM62zTvgaiAx4Pzxq7FEp1m1sbbslok9G
L73SWCZUMiTwwGNztYxyg06H2RxbstMJg/7fWOwVnZ33TCaDEpfrkALwR4fQZgPD
C0ehsBjpJme6+pkFDi9m/qsJIpARpN21ocCfJmmQVAHgWoFvB6+9Mvs+DkJXHYBv
nvsWfYQwsn84zlsiatC0YdgRpsfnKe4FMMj3s/1TEGVwpEOkBOTvaVLMzwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLGL3ezGEQ+AA/Gexb4HaIe7Pa46MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvc1l2ZDdNWVJENEFEOFo3RnZnZG9oN3M5cmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWGO9SbTANBgkqhkiG9w0BAQsFAAOCAQEAdySY4lapOAEb6NlsnUasRmVK
Z/6MZH21MrNPKyfYgp30sznqUqaU/K8H1pDzM9ElJgoPyzRhMNTzsH9QuHlrdFRd
o+aAeBQ60YamyRp2FP56p1eBBpyEzTSbh3SKXYCH0Jlp6OHMnVcPerR0vQ8qPjpc
TV0tkrxyP+SojwMwkGTvvFUztWxh0Msag9cs4Uy/7PgTsvmV8f+c6dSjzs6wBkWd
3VV5QZv8DKyFhv1hQFNAua6NBRrmsiQsCnvADjFSktKDnNS1yfCoJoSDJNRulW24
2Wbj0dDi+NvhcnUtDRT+6DI9jNJBJxh6mjBY8/lReZW8iT/6h97VTp3tLPqxFQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:54:57 2025 by rpki-client