Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sjrQU4F-zlUgLETnCxdtPqykAbs.roa
File: sjrQU4F-zlUgLETnCxdtPqykAbs.roa (raw, json)
Hash identifier: DSOfJBiqapZ4box58W0iu+CpSSALwmBC7toyThFT0/w=
Subject key identifier: B2:3A:D0:53:81:7E:CE:55:20:2C:44:E7:0B:17:6D:3E:AC:A4:01:BB
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 01972FB537F0E58B32CAA5DD3A53D469834C
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sjrQU4F-zlUgLETnCxdtPqykAbs.roa
Signing time: Mon 02 Jun 2025 08:14:54 +0000
ROA not before: Mon 02 Jun 2025 08:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:197:108e:927e/128 maxlen: 128
2001:67c:64:ffff:0:197:15eb:6226/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:b5:37:f0:e5:8b:32:ca:a5:dd:3a:53:d4:69:83:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: Jun 2 08:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b23ad053817ece55202c44e70b176d3eaca401bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:58:05:76:a6:ec:d2:7d:57:e4:ce:c6:ba:ca:
0a:a4:8b:ee:de:76:11:2d:fb:49:9c:0d:4a:f8:07:
2a:9d:ee:76:2d:d5:03:90:b4:38:53:d1:14:1c:12:
45:33:e3:72:d9:a5:00:68:44:5c:7e:ec:06:52:22:
75:56:b0:c4:10:6a:55:3b:30:df:3b:48:90:91:11:
ef:89:fa:8f:ce:ff:8e:54:69:0a:a5:74:bf:06:58:
10:96:07:9c:6d:fe:dc:84:2c:dc:28:92:4c:76:6a:
a6:72:df:c9:ef:ce:4e:a4:d9:6a:93:ca:7d:82:7d:
4b:03:ff:4c:99:0f:f9:9f:fc:7b:f2:35:61:db:df:
f0:3b:56:53:d8:c3:8c:7f:e1:d0:f2:86:88:09:3b:
0b:cc:bc:7a:59:d3:7a:ee:ef:f4:ff:2d:7e:f8:46:
cd:b4:bf:67:29:2a:36:1b:ac:11:0c:cb:4c:e0:9b:
5a:19:92:f7:07:db:d7:20:b8:07:a0:04:83:3f:36:
eb:3d:6d:10:a0:84:73:ae:9d:de:2c:58:08:da:7d:
c5:80:8e:6b:59:89:17:f6:42:46:69:dc:b8:12:23:
27:14:51:e5:16:73:39:a2:b9:f8:9b:43:7d:91:3c:
1e:06:8d:11:c3:1d:db:29:d5:01:8c:de:d9:68:f4:
58:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:3A:D0:53:81:7E:CE:55:20:2C:44:E7:0B:17:6D:3E:AC:A4:01:BB
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sjrQU4F-zlUgLETnCxdtPqykAbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:197:108e:927e/128
2001:67c:64:ffff:0:197:15eb:6226/128
Signature Algorithm: sha256WithRSAEncryption
11:01:9f:a4:e9:ca:dd:63:93:61:28:02:ea:64:51:1a:bc:c5:
96:01:5c:82:f2:d1:21:72:a1:a0:d7:b1:92:da:18:6b:a0:39:
fd:29:ce:b6:ce:4a:7d:07:51:db:bd:e1:38:78:35:f4:dc:23:
c5:d4:2d:af:4e:4a:12:64:f4:54:27:c9:d7:92:3b:a4:b5:a6:
5b:0d:9a:a8:cf:46:72:27:89:fc:a3:45:40:bf:db:14:19:84:
2d:53:9a:49:12:61:c3:f9:af:e1:dc:3e:5a:06:a1:70:62:50:
1a:d2:3d:23:60:1b:f6:25:43:4e:1c:50:f8:05:6b:7a:cd:ec:
a2:22:d8:fb:d4:dc:09:48:9b:11:6d:d5:06:72:8e:60:8f:28:
02:3f:b8:99:33:3a:4d:ec:1b:39:43:e6:5b:eb:31:6b:e7:39:
e3:7f:d9:55:61:a7:ed:b1:c8:29:d7:3b:7d:cf:89:3d:5e:a3:
f6:a6:47:3c:d7:4e:f2:5a:7b:37:35:d8:43:2c:fd:31:12:e7:
31:2f:21:37:87:45:e7:3f:57:63:5b:97:db:75:d6:47:82:cc:
35:ad:88:38:f5:b9:f4:2c:02:c6:4c:ba:00:5c:42:5c:74:7d:
a9:25:a6:95:58:72:04:0e:07:65:fa:db:1d:24:96:3b:c5:cf:
17:b2:52:97
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZcvtTfw5YsyyqXdOlPUaYNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNjAyMDgxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjNhZDA1MzgxN2VjZTU1MjAyYzQ0ZTcwYjE3NmQzZWFjYTQwMWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FgFdqbs0n1X5M7GusoKpIvu3nYR
LftJnA1K+Acqne52LdUDkLQ4U9EUHBJFM+Ny2aUAaERcfuwGUiJ1VrDEEGpVOzDf
O0iQkRHvifqPzv+OVGkKpXS/BlgQlgecbf7chCzcKJJMdmqmct/J785OpNlqk8p9
gn1LA/9MmQ/5n/x78jVh29/wO1ZT2MOMf+HQ8oaICTsLzLx6WdN67u/0/y1++EbN
tL9nKSo2G6wRDMtM4JtaGZL3B9vXILgHoASDPzbrPW0QoIRzrp3eLFgI2n3FgI5r
WYkX9kJGady4EiMnFFHlFnM5orn4m0N9kTweBo0Rwx3bKdUBjN7ZaPRYpwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLI60FOBfs5VICxE5wsXbT6spAG7MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvc2pyUVU0Ri16bFVnTEVUbkN4ZHRQcXlrQWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5AxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlxCOkn4DEQAgAQZ8AGT//wAAAZcV62Im
MA0GCSqGSIb3DQEBCwUAA4IBAQARAZ+k6crdY5NhKALqZFEavMWWAVyC8tEhcqGg
17GS2hhroDn9Kc62zkp9B1HbveE4eDX03CPF1C2vTkoSZPRUJ8nXkjuktaZbDZqo
z0ZyJ4n8o0VAv9sUGYQtU5pJEmHD+a/h3D5aBqFwYlAa0j0jYBv2JUNOHFD4BWt6
zeyiItj71NwJSJsRbdUGco5gjygCP7iZMzpN7Bs5Q+Zb6zFr5znjf9lVYaftscgp
1zt9z4k9XqP2pkc8107yWns3NdhDLP0xEucxLyE3h0XnP1djW5fbddZHgsw1rYg4
9bn0LALGTLoAXEJcdH2pJaaVWHIEDgdl+tsdJJY7xc8XslKX
-----END CERTIFICATE-----
Generated at Mon Jun 16 21:16:30 2025 by rpki-client