Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sOFkGmIMij69nGtA5oLz5sxsk7Q.roa
File: sOFkGmIMij69nGtA5oLz5sxsk7Q.roa (raw, json)
Hash identifier: dVbJDZGtbmfJw+fyet5QG3I6tIIk48kkBexQRTaxYoc=
Subject key identifier: B0:E1:64:1A:62:0C:8A:3E:BD:9C:6B:40:E6:82:F3:E6:CC:6C:93:B4
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FC6AB93497D3973981740EA27ACF4DF7
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sOFkGmIMij69nGtA5oLz5sxsk7Q.roa
Signing time: Fri 23 May 2025 09:12:54 +0000
ROA not before: Fri 23 May 2025 09:12:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:6a:b9:34:97:d3:97:39:81:74:0e:a2:7a:cf:4d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 23 09:12:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0e1641a620c8a3ebd9c6b40e682f3e6cc6c93b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:97:92:6a:2f:b2:ac:ea:8b:0c:85:6d:fd:9e:
67:ed:c5:7b:62:41:d4:bd:c4:e8:31:17:6a:53:ca:
5f:ff:58:a5:6d:88:9b:43:25:c6:9e:fe:5c:eb:0d:
05:6d:77:65:43:6c:29:4b:2e:65:e9:9e:38:73:ec:
a4:b0:96:c4:5e:e5:51:d9:30:2c:97:f0:11:1a:51:
d7:41:69:6a:e7:8e:09:3b:5e:36:c4:d1:f4:dc:72:
4d:0e:b4:dc:88:07:a2:9a:29:94:fa:33:ba:45:c3:
2c:2f:55:a0:84:16:6c:08:60:74:ad:ee:14:ee:11:
a9:3c:11:a6:99:f2:86:10:79:65:f0:07:d7:7b:39:
4a:c0:c7:79:b6:bf:5c:06:fd:e3:d7:91:ac:7a:25:
f8:e1:83:c2:da:27:f1:51:bb:7b:10:46:fa:13:e2:
ce:f2:a6:c3:06:b0:c1:8d:5f:e0:c9:1d:13:a4:85:
bb:1d:11:4c:17:2c:6f:1a:8f:8a:1e:09:a1:04:41:
88:82:01:d6:fe:43:de:30:7a:cb:44:b4:6f:e7:18:
25:73:30:68:6b:21:c4:7f:0c:33:d5:89:01:04:fa:
d3:33:2f:5e:4b:4e:f1:84:00:49:0d:ec:71:16:65:
52:90:03:bc:96:6c:db:f2:d4:fc:86:0a:22:7b:b3:
62:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E1:64:1A:62:0C:8A:3E:BD:9C:6B:40:E6:82:F3:E6:CC:6C:93:B4
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/sOFkGmIMij69nGtA5oLz5sxsk7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
96:81:22:87:af:af:3e:19:47:4a:15:4c:27:73:51:41:92:f4:
62:ce:d3:98:65:f3:9a:92:6c:6a:11:28:35:9d:54:37:23:0d:
2b:7b:02:65:67:1b:3a:0f:e3:7c:76:5b:fc:08:26:b7:35:ef:
b1:f1:db:1e:03:2f:f6:8a:36:a7:43:d8:2c:44:99:dc:f3:16:
8c:c3:d3:6c:90:fc:f9:b5:f3:5d:fd:01:b8:08:aa:fa:db:90:
0b:82:c1:1f:c5:49:12:27:b0:a8:15:8e:d4:5b:b0:84:91:1b:
dd:e2:96:63:c4:bf:f0:ab:ad:b7:03:9b:73:61:64:ad:dd:11:
38:31:8b:7b:35:b0:4d:f1:d9:ad:4d:1a:8a:6f:17:09:a1:80:
c2:f4:7d:61:d2:0e:61:b5:d0:e1:dd:90:4f:e4:f8:04:5a:2b:
94:d7:0d:e8:e4:1a:bb:67:78:83:ea:1a:d4:0c:45:60:3c:4c:
2b:93:7c:05:28:73:73:a9:fc:dd:b7:01:f6:cb:c6:ef:30:5c:
f7:7a:67:ff:59:53:be:43:a7:57:01:5d:50:e2:88:98:ba:6a:
5c:8a:84:6a:35:ad:ea:11:ee:8d:ce:7d:0a:fb:c3:c6:72:3e:
14:66:0b:58:84:32:c1:a7:6a:2c:10:15:12:d6:72:bf:00:55:
91:f4:1b:11
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb8ark0l9OXOYF0DqJ6z033MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIzMDkxMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGUxNjQxYTYyMGM4YTNlYmQ5YzZiNDBlNjgyZjNlNmNjNmM5M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJeSai+yrOqLDIVt/Z5n7cV7YkHU
vcToMRdqU8pf/1ilbYibQyXGnv5c6w0FbXdlQ2wpSy5l6Z44c+yksJbEXuVR2TAs
l/ARGlHXQWlq544JO142xNH03HJNDrTciAeimimU+jO6RcMsL1WghBZsCGB0re4U
7hGpPBGmmfKGEHll8AfXezlKwMd5tr9cBv3j15GseiX44YPC2ifxUbt7EEb6E+LO
8qbDBrDBjV/gyR0TpIW7HRFMFyxvGo+KHgmhBEGIggHW/kPeMHrLRLRv5xglczBo
ayHEfwwz1YkBBPrTMy9eS07xhABJDexxFmVSkAO8lmzb8tT8hgoie7NimwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLDhZBpiDIo+vZxrQOaC8+bMbJO0MB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvc09Ga0dtSU1pajY5bkd0QTVvTHo1c3hzazdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAloEih6+vPhlHShVMJ3NRQZL0
Ys7TmGXzmpJsahEoNZ1UNyMNK3sCZWcbOg/jfHZb/AgmtzXvsfHbHgMv9oo2p0PY
LESZ3PMWjMPTbJD8+bXzXf0BuAiq+tuQC4LBH8VJEiewqBWO1FuwhJEb3eKWY8S/
8KuttwObc2Fkrd0RODGLezWwTfHZrU0aim8XCaGAwvR9YdIOYbXQ4d2QT+T4BFor
lNcN6OQau2d4g+oa1AxFYDxMK5N8BShzc6n83bcB9svG7zBc93pn/1lTvkOnVwFd
UOKImLpqXIqEajWt6hHujc59CvvDxnI+FGYLWIQywadqLBAVEtZyvwBVkfQbEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 10:29:06 2025 by rpki-client