Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1-4IqqdG84zYjDbYxh1iKTtW9Smo.roa
File: 1-4IqqdG84zYjDbYxh1iKTtW9Smo.roa (raw, json)
Hash identifier: yzep1IYTlzVdv12x75YchPaG1AAtBtQK+RThV8Hbfhk=
Subject key identifier: FB:82:2A:A9:D1:BC:E3:36:23:0D:B6:31:87:58:8A:4E:D5:BD:4A:6A
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 019600B7D550DDDDDD2C0824283F5D8C3D6F
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1-4IqqdG84zYjDbYxh1iKTtW9Smo.roa
Signing time: Fri 04 Apr 2025 12:12:49 +0000
ROA not before: Fri 04 Apr 2025 12:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:b7:d5:50:dd:dd:dd:2c:08:24:28:3f:5d:8c:3d:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 4 12:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb822aa9d1bce336230db63187588a4ed5bd4a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:9d:62:64:d5:3d:52:a3:ef:5d:09:c0:0e:a6:
89:3d:05:f5:fc:46:b1:0a:b0:79:1e:c3:13:37:d1:
d2:f5:37:31:c2:62:62:21:ae:07:2c:40:dd:f3:e9:
c0:1e:44:79:a9:d5:42:54:6a:0a:cd:e5:bd:a3:2f:
22:d0:e3:6d:a4:28:89:fa:bf:77:30:1d:cc:d6:1d:
f9:91:63:bf:02:59:e6:8c:44:42:3b:22:98:8c:66:
ff:15:0a:51:e5:3d:9c:28:78:54:bc:a6:40:12:cb:
2f:2f:0f:9f:25:a0:5c:56:54:8d:f8:c0:c5:01:82:
d8:72:34:cb:57:28:6e:e6:24:db:ce:eb:b1:99:4a:
10:c3:92:a6:89:6e:a9:e1:2c:aa:27:1e:dd:19:05:
7a:ba:cd:ec:1f:3c:82:2e:3a:21:df:33:f4:7a:76:
38:0e:3f:34:d4:09:02:eb:5c:0a:f0:f3:b2:dd:5e:
e4:1d:c1:94:98:49:64:65:a9:23:a1:b1:b1:ae:55:
6a:0d:6a:02:84:73:2a:c5:f9:88:3a:fe:3c:2f:c0:
06:ee:75:73:62:f5:28:91:f5:13:42:df:65:2b:66:
00:c3:3b:3d:ea:ff:67:a0:7c:55:a4:9c:b5:9b:e6:
72:86:14:cb:09:90:ad:c7:0b:f6:95:52:16:57:6d:
70:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:82:2A:A9:D1:BC:E3:36:23:0D:B6:31:87:58:8A:4E:D5:BD:4A:6A
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1-4IqqdG84zYjDbYxh1iKTtW9Smo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
63:12:75:7b:21:6a:d6:f2:60:81:ae:70:fe:37:8c:81:17:5b:
d7:b7:2b:fc:60:9e:69:8e:97:b1:52:3b:ae:14:b9:be:f9:e0:
cb:dc:18:4c:a7:cd:bf:59:a9:20:40:f9:64:49:12:48:3c:c3:
5e:7c:5b:c2:00:02:9d:8f:4a:6b:7e:b6:b7:ed:61:c4:9d:78:
ca:fb:70:b7:7d:42:ef:a1:2b:ce:ff:d2:9f:f1:06:08:5b:79:
b8:ea:e2:d7:0a:65:d1:5e:63:5b:6e:90:6f:b1:84:69:91:f0:
f0:2a:89:99:db:6c:6f:b1:0f:19:ea:dd:9f:15:24:39:5d:ef:
a1:a7:ea:b1:f4:e3:39:09:19:2e:13:6e:f6:ad:8e:8e:d0:a9:
27:23:35:46:4a:15:e5:d1:e8:67:37:57:55:0a:28:5a:0c:52:
cd:d3:4c:c5:99:7c:90:47:7a:30:f1:d2:24:8b:86:6d:e3:d3:
53:b2:f6:20:13:e8:4a:92:db:1b:c4:5c:34:79:96:0f:bd:dc:
61:b7:03:4a:84:5f:c2:01:95:c5:8e:0a:3e:f8:24:e0:e3:3b:
03:6d:55:47:0f:20:ba:3d:76:6f:b6:00:3d:0e:a6:63:b0:0d:
40:cd:4d:9e:f1:86:fc:b0:a8:05:af:f7:4f:68:af:68:80:81:
b9:04:52:8a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZYAt9VQ3d3dLAgkKD9djD1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDA0MTIxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjgyMmFhOWQxYmNlMzM2MjMwZGI2MzE4NzU4OGE0ZWQ1YmQ0YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9p1iZNU9UqPvXQnADqaJPQX1/Eax
CrB5HsMTN9HS9TcxwmJiIa4HLEDd8+nAHkR5qdVCVGoKzeW9oy8i0ONtpCiJ+r93
MB3M1h35kWO/AlnmjERCOyKYjGb/FQpR5T2cKHhUvKZAEssvLw+fJaBcVlSN+MDF
AYLYcjTLVyhu5iTbzuuxmUoQw5KmiW6p4SyqJx7dGQV6us3sHzyCLjoh3zP0enY4
Dj801AkC61wK8POy3V7kHcGUmElkZakjobGxrlVqDWoChHMqxfmIOv48L8AG7nVz
YvUokfUTQt9lK2YAwzs96v9noHxVpJy1m+ZyhhTLCZCtxwv2lVIWV21w2QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPuCKqnRvOM2Iw22MYdYik7VvUpqMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvMS00SXFxZEc4NHpZakRiWXhoMWlLVHRXOVNtby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvYmNkODI5LTNmM2QtNGU1YS1hZGFmLTAzYWE1NTExYTc1
Zi8xL1lKRVdDWVRMeVpIcnljb0toWEFIMGZMQkdpMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABBnwA
ZP//AAABldxs2d8wDQYJKoZIhvcNAQELBQADggEBAGMSdXshatbyYIGucP43jIEX
W9e3K/xgnmmOl7FSO64Uub754MvcGEynzb9ZqSBA+WRJEkg8w158W8IAAp2PSmt+
trftYcSdeMr7cLd9Qu+hK87/0p/xBghbebjq4tcKZdFeY1tukG+xhGmR8PAqiZnb
bG+xDxnq3Z8VJDld76Gn6rH04zkJGS4Tbvatjo7QqScjNUZKFeXR6Gc3V1UKKFoM
Us3TTMWZfJBHejDx0iSLhm3j01Oy9iAT6EqS2xvEXDR5lg+93GG3A0qEX8IBlcWO
Cj74JODjOwNtVUcPILo9dm+2AD0OpmOwDUDNTZ7xhvywqAWv909or2iAgbkEUoo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:42 2025 by rpki-client