Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0O3Xh7tB3G_GUzSZxa_5N9ktOzY.roa
File: 0O3Xh7tB3G_GUzSZxa_5N9ktOzY.roa (raw, json)
Hash identifier: btGWyA5+lupzTAqLEXozIOSVyZhKBxjxBM8jtEgjqUs=
Subject key identifier: D0:ED:D7:87:BB:41:DC:6F:C6:53:34:99:C5:AF:F9:37:D9:2D:3B:36
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F43E7944C3903D585740DDAAB9663CC1
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0O3Xh7tB3G_GUzSZxa_5N9ktOzY.roa
Signing time: Wed 02 Apr 2025 02:04:49 +0000
ROA not before: Wed 02 Apr 2025 02:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
2001:67c:64:ffff:0:195:f43d:db27/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f4:3e:79:44:c3:90:3d:58:57:40:dd:aa:b9:66:3c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 2 02:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0edd787bb41dc6fc6533499c5aff937d92d3b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:21:8b:f1:35:93:6f:22:23:15:5f:74:f3:05:
14:9e:c6:8b:00:48:aa:1d:82:35:92:cc:32:46:cd:
2f:36:43:b5:82:88:c3:f5:d4:28:66:74:cb:9c:f7:
60:b8:d9:2e:50:d0:ad:d6:53:7f:19:f5:92:ff:5a:
10:7b:77:01:8a:c1:e3:da:52:ae:7c:6c:2b:3a:93:
bc:4c:a1:c3:c2:de:f6:13:8b:be:33:06:43:8a:74:
65:5a:0e:5f:dc:18:36:3c:b8:fc:ff:ac:1a:ca:98:
13:78:6e:f9:e0:82:bd:c3:83:4f:47:ca:a9:d1:e6:
62:63:97:7e:11:29:b5:be:c1:98:e4:14:87:3e:37:
6f:85:e0:05:34:8c:b4:76:28:d1:63:bf:92:4f:83:
08:12:7b:fb:07:e1:f4:20:79:9b:86:6a:2e:10:25:
77:13:31:48:34:c5:da:09:04:88:d9:22:17:31:d3:
ce:77:23:69:0f:4a:51:a6:93:24:f9:d6:1e:d2:b9:
de:81:27:ee:3a:78:77:e4:e3:80:ed:cd:28:2c:d8:
bd:51:8a:26:a3:34:a3:9f:6b:4b:06:ce:38:8f:2a:
22:ba:93:4f:10:83:8b:69:75:3c:00:22:b8:8e:8b:
26:82:c4:02:64:d5:d9:9b:b1:a6:f2:34:40:c6:99:
74:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:ED:D7:87:BB:41:DC:6F:C6:53:34:99:C5:AF:F9:37:D9:2D:3B:36
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0O3Xh7tB3G_GUzSZxa_5N9ktOzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
2001:67c:64:ffff:0:195:f43d:db27/128
Signature Algorithm: sha256WithRSAEncryption
3f:a9:17:11:6a:61:02:6f:14:5d:7b:a8:c9:a5:ea:49:ba:a3:
a9:06:d4:44:01:97:59:43:d1:84:10:04:6e:6b:c7:2f:34:6a:
aa:0d:10:93:cd:d9:2c:55:74:a8:09:d7:3f:b0:93:9c:47:38:
ea:fa:16:87:8e:85:af:d3:b9:b1:74:3d:ff:13:3f:52:4e:9a:
36:ed:8c:b0:ac:07:be:d2:c0:fb:1b:5f:09:11:57:11:64:3f:
2c:a2:8e:80:ff:e2:22:03:94:c5:ab:a4:8b:b8:aa:e1:18:08:
89:e5:93:b9:26:f0:d8:78:b1:ac:98:49:39:52:7e:95:8c:f3:
2f:60:b1:f9:86:b3:19:e5:56:8d:3a:3e:58:64:a5:be:a1:e1:
86:91:8f:62:42:77:2b:de:bb:ed:67:e1:ba:b0:08:df:9e:07:
7a:34:0b:1b:d0:29:b2:24:ff:72:b9:21:83:1c:0b:a1:6d:0b:
35:ba:52:6f:73:25:dc:3f:a6:ad:ba:2d:23:2e:dd:ed:cd:22:
33:d2:bb:bc:e7:52:75:30:b8:b2:9f:1f:50:c0:d2:8e:5a:c7:
9d:60:19:37:0f:68:ed:9f:74:09:0b:8d:b9:e6:5b:e2:bf:d8:
5e:e9:c9:21:da:5f:81:df:02:6a:0a:84:4f:8e:d7:90:67:bc:
0c:ee:e7:e4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZX0PnlEw5A9WFdA3aq5ZjzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAyMDIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGVkZDc4N2JiNDFkYzZmYzY1MzM0OTljNWFmZjkzN2Q5MmQzYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SGL8TWTbyIjFV908wUUnsaLAEiq
HYI1kswyRs0vNkO1gojD9dQoZnTLnPdguNkuUNCt1lN/GfWS/1oQe3cBisHj2lKu
fGwrOpO8TKHDwt72E4u+MwZDinRlWg5f3Bg2PLj8/6waypgTeG754IK9w4NPR8qp
0eZiY5d+ESm1vsGY5BSHPjdvheAFNIy0dijRY7+ST4MIEnv7B+H0IHmbhmouECV3
EzFINMXaCQSI2SIXMdPOdyNpD0pRppMk+dYe0rnegSfuOnh35OOA7c0oLNi9UYom
ozSjn2tLBs44jyoiupNPEIOLaXU8ACK4josmgsQCZNXZm7Gm8jRAxpl0owIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNDt14e7QdxvxlM0mcWv+TfZLTs2MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvME8zWGg3dEIzR19HVXpTWnhhXzVOOWt0T3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGV3GzZ3wMRACABBnwAZP//AAABlfQ92ycwDQYJKoZIhvcNAQELBQADggEB
AD+pFxFqYQJvFF17qMml6km6o6kG1EQBl1lD0YQQBG5rxy80aqoNEJPN2SxVdKgJ
1z+wk5xHOOr6FoeOha/TubF0Pf8TP1JOmjbtjLCsB77SwPsbXwkRVxFkPyyijoD/
4iIDlMWrpIu4quEYCInlk7km8Nh4sayYSTlSfpWM8y9gsfmGsxnlVo06Plhkpb6h
4YaRj2JCdyveu+1n4bqwCN+eB3o0CxvQKbIk/3K5IYMcC6FtCzW6Um9zJdw/pq26
LSMu3e3NIjPSu7znUnUwuLKfH1DA0o5ax51gGTcPaO2fdAkLjbnmW+K/2F7pySHa
X4HfAmoKhE+O15BnvAzu5+Q=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:45:09 2025 by rpki-client