Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/59za8BZJBBxvH1h2mPZmkH73ibU.roa
File: 59za8BZJBBxvH1h2mPZmkH73ibU.roa (raw, json)
Hash identifier: Rd1DlQ0g4JcUh8q/oC26jKgu9+zAE/VEXgaphSXFdmo=
Subject key identifier: E7:DC:DA:F0:16:49:04:1C:6F:1F:58:76:98:F6:66:90:7E:F7:89:B5
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195BFE411AA4E511E84E87ED5109FAB73F2
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/59za8BZJBBxvH1h2mPZmkH73ibU.roa
Signing time: Sat 22 Mar 2025 22:05:49 +0000
ROA not before: Sat 22 Mar 2025 22:05:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:bfe3:5858/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:e4:11:aa:4e:51:1e:84:e8:7e:d5:10:9f:ab:73:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 22 22:05:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7dcdaf01649041c6f1f587698f666907ef789b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b1:ec:fe:34:19:d0:77:21:8b:4a:eb:25:df:
70:8a:3b:64:59:1c:f6:4f:75:53:a8:c7:c8:4e:8b:
eb:5b:e0:10:2a:e2:9a:c9:1e:ae:f0:7c:ad:98:c4:
fe:2b:01:12:70:94:ab:9a:0d:e1:f4:d1:81:43:70:
50:09:a1:d0:77:9e:58:e3:99:67:45:30:97:f4:4f:
95:6a:5e:49:99:b8:f3:c1:e8:7a:2f:53:a1:02:55:
a4:16:b3:fd:4e:dc:1d:60:3b:1f:40:fa:3f:c9:a6:
86:b5:ca:fa:84:99:50:33:2c:6b:6c:cb:29:5d:15:
83:b0:92:e9:26:f1:98:59:e6:ca:9a:78:31:f1:8d:
e9:78:72:90:9b:81:c2:86:81:7d:37:45:a6:25:78:
a6:10:96:72:a3:67:c4:eb:11:7d:3d:63:53:f9:ea:
5d:65:a0:5b:31:15:a4:f6:e9:aa:c6:ff:90:bb:66:
02:92:f1:93:31:7c:a5:ef:46:4a:8e:90:ef:dc:04:
23:f3:3d:6e:c5:c8:20:9d:59:8c:cd:1f:f6:d1:68:
b7:82:cd:71:73:0c:92:57:ad:52:26:6c:40:2f:bd:
12:f2:3e:0a:ce:a7:d2:6e:71:1f:0f:cd:00:5a:3d:
e9:a2:7c:a4:83:bb:70:e9:f5:21:52:54:89:ae:3f:
4d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DC:DA:F0:16:49:04:1C:6F:1F:58:76:98:F6:66:90:7E:F7:89:B5
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/59za8BZJBBxvH1h2mPZmkH73ibU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:bfe3:5858/128
Signature Algorithm: sha256WithRSAEncryption
31:70:c6:d3:ca:ea:71:e4:7d:96:f6:d9:73:13:dd:0b:c5:bd:
0e:f2:30:e9:d9:90:72:f6:89:19:ee:16:89:63:19:4b:54:c6:
f8:42:81:7c:09:ab:58:d4:62:f8:6d:08:00:fe:12:c7:db:80:
ce:0b:af:83:74:67:06:b2:65:eb:5f:4c:11:46:ac:b1:06:6b:
a7:03:41:5a:85:50:fe:b1:cb:69:ee:60:a8:78:24:d1:d8:bf:
61:93:71:32:74:6a:ae:51:d0:2f:50:2d:4b:db:c1:40:25:83:
39:12:f3:35:18:36:5f:b4:53:7e:7d:66:14:5f:ec:de:e7:d5:
5a:0b:53:d6:a0:4f:7d:58:45:10:58:57:89:49:13:24:bf:0b:
48:ab:ec:6f:54:64:55:aa:97:76:2d:db:89:06:61:2e:0f:db:
79:b6:22:f3:d1:22:e8:5c:8c:18:50:89:0a:4d:07:cd:d5:47:
4e:cf:91:30:93:10:c3:d8:08:14:24:bd:fd:5b:8d:5b:78:bc:
b5:80:98:46:24:e7:2a:47:14:89:95:b5:25:6b:99:f1:04:40:
9e:a3:bb:b4:33:8a:e2:02:42:12:f5:c5:75:3c:1c:e6:e7:f8:
82:89:d1:8e:d1:0b:bf:fe:33:08:bf:b6:0e:91:37:15:5b:e6:
57:33:cb:c7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZW/5BGqTlEehOh+1RCfq3PyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzIyMjIwNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2RjZGFmMDE2NDkwNDFjNmYxZjU4NzY5OGY2NjY5MDdlZjc4OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrHs/jQZ0Hchi0rrJd9wijtkWRz2
T3VTqMfITovrW+AQKuKayR6u8HytmMT+KwEScJSrmg3h9NGBQ3BQCaHQd55Y45ln
RTCX9E+Val5Jmbjzweh6L1OhAlWkFrP9TtwdYDsfQPo/yaaGtcr6hJlQMyxrbMsp
XRWDsJLpJvGYWebKmngx8Y3peHKQm4HChoF9N0WmJXimEJZyo2fE6xF9PWNT+epd
ZaBbMRWk9umqxv+Qu2YCkvGTMXyl70ZKjpDv3AQj8z1uxcggnVmMzR/20Wi3gs1x
cwySV61SJmxAL70S8j4KzqfSbnEfD80AWj3ponykg7tw6fUhUlSJrj9NEwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOfc2vAWSQQcbx9Ydpj2ZpB+94m1MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvNTl6YThCWkpCQnh2SDFoMm1QWm1rSDczaWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVv+NYWDANBgkqhkiG9w0BAQsFAAOCAQEAMXDG08rqceR9lvbZcxPdC8W9
DvIw6dmQcvaJGe4WiWMZS1TG+EKBfAmrWNRi+G0IAP4Sx9uAzguvg3RnBrJl619M
EUassQZrpwNBWoVQ/rHLae5gqHgk0di/YZNxMnRqrlHQL1AtS9vBQCWDORLzNRg2
X7RTfn1mFF/s3ufVWgtT1qBPfVhFEFhXiUkTJL8LSKvsb1RkVaqXdi3biQZhLg/b
ebYi89Ei6FyMGFCJCk0HzdVHTs+RMJMQw9gIFCS9/VuNW3i8tYCYRiTnKkcUiZW1
JWuZ8QRAnqO7tDOK4gJCEvXFdTwc5uf4gonRjtELv/4zCL+2DpE3FVvmVzPLxw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:54 2025 by rpki-client