Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0AEkws6-pAQmNDdnMHRrCSxOq9o.roa
File: 0AEkws6-pAQmNDdnMHRrCSxOq9o.roa (raw, json)
Hash identifier: LaMgFWVDveXncfSD//i0pvxF8xbUE/kgx6GBHKl0j50=
Subject key identifier: D0:01:24:C2:CE:BE:A4:04:26:34:37:67:30:74:6B:09:2C:4E:AB:DA
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E0503DCE11CEFD7E9B5281125F567D5F
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0AEkws6-pAQmNDdnMHRrCSxOq9o.roa
Signing time: Sat 29 Mar 2025 05:11:49 +0000
ROA not before: Sat 29 Mar 2025 05:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:50:3d:ce:11:ce:fd:7e:9b:52:81:12:5f:56:7d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 29 05:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d00124c2cebea4042634376730746b092c4eabda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2f:6f:78:6e:cd:b2:8a:1b:97:5f:a4:99:57:
e5:ce:0a:8f:03:9d:66:c2:be:fe:77:60:95:34:58:
71:69:f7:b5:c2:6b:35:8a:f2:49:be:ec:c3:1e:3b:
a9:7d:e0:ee:e3:64:aa:b6:a7:76:05:f2:f1:21:19:
74:dc:5d:f6:76:55:b8:8c:e3:57:15:ab:e3:83:53:
d5:db:a8:0b:1e:80:61:31:5f:92:a2:56:60:80:7c:
52:2a:00:b5:04:68:ca:2c:de:d5:65:43:1a:aa:9d:
b8:07:4e:3f:3f:08:9a:ee:73:07:31:4e:0d:c1:84:
9d:56:54:64:7b:c5:79:f6:ee:90:1f:c3:fb:61:6a:
1d:c4:f8:e8:6a:ce:a8:a0:e7:60:5f:e9:e8:30:e5:
c3:bd:f0:ba:af:6a:cb:0e:6f:31:ad:37:dd:42:c5:
cd:ca:f4:93:81:ee:f9:8c:2f:e0:94:c6:46:ec:c8:
f4:e7:cd:b8:8a:74:8e:8c:17:48:41:66:98:fe:bc:
a0:20:3f:c8:20:6a:89:b9:9f:ce:62:57:60:41:e6:
47:8f:20:29:1e:92:b5:ea:12:2e:1f:19:2c:0a:72:
46:28:2b:bd:22:45:b3:37:2e:d0:f3:1e:9b:4c:27:
62:6c:47:9e:d4:e1:45:39:ab:32:4b:d4:c5:e4:64:
46:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:01:24:C2:CE:BE:A4:04:26:34:37:67:30:74:6B:09:2C:4E:AB:DA
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0AEkws6-pAQmNDdnMHRrCSxOq9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
12:77:18:53:46:fd:6c:53:7a:3f:6d:78:c6:84:d3:92:9a:b7:
ee:ab:3b:da:68:bd:d9:8a:b9:65:d9:05:f4:f1:99:78:0e:53:
08:b1:e8:66:8c:41:60:3b:ef:a5:49:4a:04:16:c8:a0:c4:24:
e6:32:f7:55:25:cb:b3:b9:be:20:15:99:06:78:84:68:0f:df:
15:2b:ca:7a:29:a8:e2:d7:7b:d9:a4:81:6c:8f:34:a8:b1:c0:
88:33:c3:cc:34:ac:ac:95:c3:f0:fe:28:69:d9:8c:4f:37:c4:
64:e9:3f:d0:11:c6:72:18:f9:21:2d:59:84:a4:bb:0b:fc:d6:
02:5a:1d:0c:63:a7:9e:99:90:a1:df:05:05:89:43:ff:29:8b:
00:59:62:70:37:2c:4e:21:e7:31:0c:9f:d2:eb:1d:98:2d:a3:
83:9d:8a:a5:ef:f9:aa:43:3b:99:97:8f:05:69:c7:79:fc:a5:
f2:20:6b:9d:0f:c1:68:af:84:7c:8a:66:16:c3:e2:9e:18:c2:
e3:9e:0f:b8:bd:b3:2f:c0:f6:87:f4:fa:2a:24:1e:1c:71:fd:
8f:41:bb:7a:27:a2:40:c7:af:0e:d1:05:71:3e:8c:6d:e7:bd:
df:52:97:49:be:db:a1:13:a4:8d:40:37:29:41:45:0b:5f:b0:
ca:6b:b5:6e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXgUD3OEc79fptSgRJfVn1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI5MDUxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDAxMjRjMmNlYmVhNDA0MjYzNDM3NjczMDc0NmIwOTJjNGVhYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwC9veG7Nsoobl1+kmVflzgqPA51m
wr7+d2CVNFhxafe1wms1ivJJvuzDHjupfeDu42Sqtqd2BfLxIRl03F32dlW4jONX
Favjg1PV26gLHoBhMV+SolZggHxSKgC1BGjKLN7VZUMaqp24B04/Pwia7nMHMU4N
wYSdVlRke8V59u6QH8P7YWodxPjoas6ooOdgX+noMOXDvfC6r2rLDm8xrTfdQsXN
yvSTge75jC/glMZG7Mj05824inSOjBdIQWaY/rygID/IIGqJuZ/OYldgQeZHjyAp
HpK16hIuHxksCnJGKCu9IkWzNy7Q8x6bTCdibEee1OFFOasyS9TF5GRGvQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNABJMLOvqQEJjQ3ZzB0awksTqvaMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvMEFFa3dzNi1wQVFtTkRkbk1IUnJDU3hPcTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAEncYU0b9bFN6P214xoTTkpq3
7qs72mi92Yq5ZdkF9PGZeA5TCLHoZoxBYDvvpUlKBBbIoMQk5jL3VSXLs7m+IBWZ
BniEaA/fFSvKeimo4td72aSBbI80qLHAiDPDzDSsrJXD8P4oadmMTzfEZOk/0BHG
chj5IS1ZhKS7C/zWAlodDGOnnpmQod8FBYlD/ymLAFlicDcsTiHnMQyf0usdmC2j
g52Kpe/5qkM7mZePBWnHefyl8iBrnQ/BaK+EfIpmFsPinhjC454PuL2zL8D2h/T6
KiQeHHH9j0G7eieiQMevDtEFcT6Mbee931KXSb7boROkjUA3KUFFC1+wymu1bg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:08:51 2025 by rpki-client