Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/7Zg-FvlGAapdlv08p0cpE6Z365k.roa
File: 7Zg-FvlGAapdlv08p0cpE6Z365k.roa (raw, json)
Hash identifier: LuwdHdE/L12Dxk67a3TtJSmaJu8Em2p8YY2mGfXDtvc=
Subject key identifier: ED:98:3E:16:F9:46:01:AA:5D:96:FD:3C:A7:47:29:13:A6:77:EB:99
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195D5C62E06036D931B7B429DDF8D22DFD9
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/7Zg-FvlGAapdlv08p0cpE6Z365k.roa
Signing time: Thu 27 Mar 2025 04:04:49 +0000
ROA not before: Thu 27 Mar 2025 04:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:d5c5:d6a2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d5:c6:2e:06:03:6d:93:1b:7b:42:9d:df:8d:22:df:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 27 04:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed983e16f94601aa5d96fd3ca7472913a677eb99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a7:82:55:35:8c:44:76:cd:32:c7:bc:9d:ef:
8c:04:ef:df:8a:a8:f8:9f:6c:38:49:da:f4:2b:d6:
83:68:fb:30:5a:ed:03:73:10:b1:5f:f1:37:bb:fc:
c7:7b:8f:fc:fb:46:33:4f:0a:eb:eb:17:7c:d7:c2:
21:ad:49:be:34:be:d7:a8:d6:14:71:e3:0a:5d:3c:
59:60:af:19:a8:09:7d:6a:33:b6:4d:f2:da:5e:44:
96:89:3c:bf:ae:a5:40:88:a2:8f:22:37:0c:42:6f:
a3:5c:cb:18:10:57:f1:60:35:ec:1e:0f:94:7b:46:
a2:d3:2a:88:b4:cc:01:f1:db:5d:8e:7f:0f:46:d9:
fd:17:b4:39:36:c1:20:e6:d7:c9:d8:eb:41:e0:24:
46:58:05:91:fb:63:96:78:f2:8f:f7:56:9f:71:ad:
bb:54:98:8a:9a:e0:5e:15:53:69:4e:17:61:ad:ef:
93:dc:5d:89:f8:91:32:b7:37:c9:3b:8a:b3:13:fc:
ca:21:5b:c3:93:fb:17:46:8f:23:a9:83:3f:35:0c:
84:01:28:e5:b9:02:60:23:fc:77:c9:fd:bc:56:7f:
3a:23:ff:55:7b:71:58:f0:44:b4:5a:cd:cd:68:74:
47:80:82:57:91:5f:a3:d0:8e:15:76:91:58:f4:ce:
f7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:98:3E:16:F9:46:01:AA:5D:96:FD:3C:A7:47:29:13:A6:77:EB:99
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/7Zg-FvlGAapdlv08p0cpE6Z365k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:d5c5:d6a2/128
Signature Algorithm: sha256WithRSAEncryption
56:60:09:20:37:c7:7b:cc:6c:9a:38:99:0c:bc:3c:a6:11:e8:
67:c8:98:31:c9:fc:c0:06:ad:b7:b5:30:82:80:68:65:92:df:
06:98:26:63:d9:c4:c9:08:9a:4e:9d:b0:6b:e9:c2:f1:3c:b5:
3e:4a:49:0f:f5:11:41:82:1c:cc:dd:e1:88:7d:2c:a7:01:fc:
92:40:1a:4e:62:5b:bc:b2:ec:6e:e3:66:95:0e:01:4d:b8:f5:
90:26:53:4b:34:a7:d3:4b:72:fe:16:9f:76:e6:91:b7:db:6d:
15:e6:f2:d6:98:20:f1:29:f3:df:30:b5:ec:00:46:a9:b7:01:
05:1d:46:95:5f:e4:13:b1:9a:6c:2e:72:df:84:e9:99:52:33:
41:84:98:b7:03:35:28:12:95:da:40:0b:c2:45:82:f8:a7:b5:
f4:13:88:f6:5d:7b:13:81:c9:99:f4:40:02:1a:3d:6d:c8:e3:
10:72:05:4b:f8:49:a3:08:39:be:d3:45:c6:78:23:4f:cc:cd:
dd:53:c5:66:95:13:ab:84:56:62:e0:c2:a3:81:33:3f:7d:2e:
cb:80:ea:12:a0:de:b0:0f:79:bb:2d:71:41:b5:41:f0:73:f0:
85:f2:0e:e6:7e:b3:2f:4d:75:7e:24:1c:41:15:87:23:d7:80:
85:72:5c:1a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXVxi4GA22TG3tCnd+NIt/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI3MDQwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDk4M2UxNmY5NDYwMWFhNWQ5NmZkM2NhNzQ3MjkxM2E2NzdlYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaeCVTWMRHbNMse8ne+MBO/fiqj4
n2w4Sdr0K9aDaPswWu0DcxCxX/E3u/zHe4/8+0YzTwrr6xd818IhrUm+NL7XqNYU
ceMKXTxZYK8ZqAl9ajO2TfLaXkSWiTy/rqVAiKKPIjcMQm+jXMsYEFfxYDXsHg+U
e0ai0yqItMwB8dtdjn8PRtn9F7Q5NsEg5tfJ2OtB4CRGWAWR+2OWePKP91afca27
VJiKmuBeFVNpThdhre+T3F2J+JEytzfJO4qzE/zKIVvDk/sXRo8jqYM/NQyEASjl
uQJgI/x3yf28Vn86I/9Ve3FY8ES0Ws3NaHRHgIJXkV+j0I4VdpFY9M73qQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFO2YPhb5RgGqXZb9PKdHKROmd+uZMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvN1pnLUZ2bEdBYXBkbHYwOHAwY3BFNlozNjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV1cXWojANBgkqhkiG9w0BAQsFAAOCAQEAVmAJIDfHe8xsmjiZDLw8phHo
Z8iYMcn8wAatt7UwgoBoZZLfBpgmY9nEyQiaTp2wa+nC8Ty1PkpJD/URQYIczN3h
iH0spwH8kkAaTmJbvLLsbuNmlQ4BTbj1kCZTSzSn00ty/hafduaRt9ttFeby1pgg
8Snz3zC17ABGqbcBBR1GlV/kE7GabC5y34TpmVIzQYSYtwM1KBKV2kALwkWC+Ke1
9BOI9l17E4HJmfRAAho9bcjjEHIFS/hJowg5vtNFxngjT8zN3VPFZpUTq4RWYuDC
o4EzP30uy4DqEqDesA95uy1xQbVB8HPwhfIO5n6zL011fiQcQRWHI9eAhXJcGg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:23:06 2025 by rpki-client