Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1vm3V3LUDtc0zGxAIJrAdItY0Y8.roa
File: 1vm3V3LUDtc0zGxAIJrAdItY0Y8.roa (raw, json)
Hash identifier: szrjSQwPrkRFSIs5teYO0crpMMY/zYktWApJEY1DSEo=
Subject key identifier: D6:F9:B7:57:72:D4:0E:D7:34:CC:6C:40:20:9A:C0:74:8B:58:D1:8F
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195C9F8F04651B85365B67B78A3D53EB9A6
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1vm3V3LUDtc0zGxAIJrAdItY0Y8.roa
Signing time: Mon 24 Mar 2025 21:04:49 +0000
ROA not before: Mon 24 Mar 2025 21:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:c9f8:34d0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:f8:f0:46:51:b8:53:65:b6:7b:78:a3:d5:3e:b9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 24 21:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6f9b75772d40ed734cc6c40209ac0748b58d18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a9:cf:a8:90:67:88:80:60:f9:0a:f0:99:53:
47:4d:57:e4:ec:89:ae:26:31:cb:11:c1:91:e8:81:
22:5f:a1:41:b6:fa:0b:06:81:98:a3:a6:59:7d:68:
90:50:da:19:7c:9f:be:c4:06:6c:c0:ca:9c:eb:0a:
ee:ed:ee:ea:b6:39:71:03:1c:84:cf:ad:da:e8:7d:
7d:4b:6e:f3:cd:3d:21:42:d6:2a:6b:06:e9:7e:8f:
5e:be:9e:5f:97:3c:d9:21:d8:b8:55:50:67:f1:23:
7f:ba:9f:17:98:ad:3d:54:f2:5f:61:b3:c9:79:76:
fe:1c:2d:a8:97:86:ce:a5:d4:17:d2:f8:23:a2:fa:
7d:83:5c:76:03:19:9f:18:d1:fd:cc:26:20:69:c8:
66:17:5d:aa:1f:b3:34:f4:13:85:3b:29:5f:75:34:
8b:18:b1:71:95:e6:2e:c0:b3:49:0c:31:06:bf:b1:
3f:d1:1b:bc:32:1c:5e:b3:33:fc:77:86:59:41:df:
e6:c1:9f:fe:2f:e1:aa:de:58:3a:af:4b:7d:db:55:
09:24:6a:a0:9a:f9:32:2c:15:85:7c:61:c6:bb:e2:
ee:3a:3c:be:b2:0b:cf:a5:6c:93:cd:c3:ae:ff:4d:
7d:1f:95:af:71:61:11:42:72:09:13:99:a5:be:33:
c5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F9:B7:57:72:D4:0E:D7:34:CC:6C:40:20:9A:C0:74:8B:58:D1:8F
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1vm3V3LUDtc0zGxAIJrAdItY0Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:c9f8:34d0/128
Signature Algorithm: sha256WithRSAEncryption
6e:65:ba:82:c7:de:80:4a:6a:57:0c:4f:71:80:a6:2c:5a:0b:
5c:12:3c:aa:30:c0:34:1a:ac:e2:76:7d:fc:f2:85:e3:be:52:
c6:5d:b8:c8:4c:ff:bb:48:01:1a:2a:88:fb:62:76:12:de:5a:
df:a5:8f:86:2d:c1:f2:d3:47:3e:c9:f4:38:4f:a7:45:57:c1:
03:95:5e:a8:6c:d2:08:8b:aa:93:0f:bc:74:24:51:24:24:4a:
82:e4:db:48:d6:fb:5d:c9:b1:dc:0c:95:79:7f:c3:7a:15:b8:
11:f5:4f:32:44:b4:30:2b:db:12:5a:ac:8a:0d:fa:a6:26:06:
52:8d:af:14:cb:51:0a:99:c8:bc:a4:b5:af:ba:57:b7:6e:a4:
9f:d4:71:81:10:61:1a:c2:82:26:da:79:3f:c9:de:10:34:4f:
a9:9b:2c:9f:50:06:b2:ec:1c:b2:c1:19:10:e9:c9:1a:92:74:
85:fa:6c:d5:dc:ad:38:23:3f:2a:cb:19:30:fb:e0:39:4d:92:
4a:9e:95:ee:5a:d8:99:66:b7:e5:76:46:ee:98:a6:e3:9e:e9:
63:79:05:6d:99:3a:bb:0a:60:57:9f:af:59:f5:49:fe:d2:5c:
a1:e6:ba:b7:62:94:c0:4a:a1:c1:61:c3:0b:08:35:87:56:9d:
06:3b:d7:b4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXJ+PBGUbhTZbZ7eKPVPrmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI0MjEwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmY5Yjc1NzcyZDQwZWQ3MzRjYzZjNDAyMDlhYzA3NDhiNThkMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6nPqJBniIBg+QrwmVNHTVfk7Imu
JjHLEcGR6IEiX6FBtvoLBoGYo6ZZfWiQUNoZfJ++xAZswMqc6wru7e7qtjlxAxyE
z63a6H19S27zzT0hQtYqawbpfo9evp5flzzZIdi4VVBn8SN/up8XmK09VPJfYbPJ
eXb+HC2ol4bOpdQX0vgjovp9g1x2AxmfGNH9zCYgachmF12qH7M09BOFOylfdTSL
GLFxleYuwLNJDDEGv7E/0Ru8MhxeszP8d4ZZQd/mwZ/+L+Gq3lg6r0t921UJJGqg
mvkyLBWFfGHGu+LuOjy+sgvPpWyTzcOu/019H5WvcWERQnIJE5mlvjPFhwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNb5t1dy1A7XNMxsQCCawHSLWNGPMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvMXZtM1YzTFVEdGMwekd4QUlKckFkSXRZMFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVyfg00DANBgkqhkiG9w0BAQsFAAOCAQEAbmW6gsfegEpqVwxPcYCmLFoL
XBI8qjDANBqs4nZ9/PKF475Sxl24yEz/u0gBGiqI+2J2Et5a36WPhi3B8tNHPsn0
OE+nRVfBA5VeqGzSCIuqkw+8dCRRJCRKguTbSNb7Xcmx3AyVeX/DehW4EfVPMkS0
MCvbElqsig36piYGUo2vFMtRCpnIvKS1r7pXt26kn9RxgRBhGsKCJtp5P8neEDRP
qZssn1AGsuwcssEZEOnJGpJ0hfps1dytOCM/KssZMPvgOU2SSp6V7lrYmWa35XZG
7pim457pY3kFbZk6uwpgV5+vWfVJ/tJcoea6t2KUwEqhwWHDCwg1h1adBjvXtA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:57:45 2025 by rpki-client