Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/7o9FAzKMe-QnslPjOA0zIqjx1Xc.roa
File: 7o9FAzKMe-QnslPjOA0zIqjx1Xc.roa (raw, json)
Hash identifier: jRCxrce/2qKHoGMQDd0CZgFQE+LbSQmGo3/0VFqehRo=
Subject key identifier: EE:8F:45:03:32:8C:7B:E4:27:B2:53:E3:38:0D:33:22:A8:F1:D5:77
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195FE5D6AC4C70466A412A7CB4EB89E5C7E
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/7o9FAzKMe-QnslPjOA0zIqjx1Xc.roa
Signing time: Fri 04 Apr 2025 01:14:49 +0000
ROA not before: Fri 04 Apr 2025 01:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fe:5d:6a:c4:c7:04:66:a4:12:a7:cb:4e:b8:9e:5c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 4 01:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee8f4503328c7be427b253e3380d3322a8f1d577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:14:9d:3e:b8:53:33:f6:ab:d4:74:8c:41:5e:
ef:9f:6b:87:23:20:59:b4:16:2c:33:50:c3:75:16:
b6:8d:c6:be:81:0b:34:77:73:fd:3f:6d:04:ef:6f:
fb:93:8a:f2:67:bc:77:91:f7:cb:54:4d:77:d3:b4:
db:39:85:8b:96:21:e2:b1:2a:9d:84:d1:ec:57:1a:
cd:f5:65:c4:68:5b:a9:b4:3a:26:66:71:63:ba:7c:
2e:7c:5a:de:bf:0f:00:c9:b6:79:27:79:e5:70:6c:
5c:6c:7a:74:c1:2d:68:c6:6f:fa:bf:44:0b:3c:ce:
b2:97:f5:7e:43:af:4f:2b:e8:f7:c8:af:03:11:78:
81:93:0d:43:b3:d3:3c:ab:fd:f8:75:17:0f:5e:0d:
ef:4a:c5:56:1f:65:2b:79:0a:dc:63:86:1e:92:74:
37:33:54:0b:3b:d4:a9:11:7a:a8:35:fa:98:db:83:
68:b3:d8:92:8b:85:13:59:fb:f8:39:93:83:06:5c:
0c:6e:e5:00:e1:27:67:7e:c2:53:84:b9:96:a4:c0:
4e:86:eb:20:7f:0c:12:62:3e:e7:92:a2:dd:fd:f1:
53:a9:72:67:42:0c:f8:e8:5d:7d:fe:40:95:51:42:
fb:5c:ea:b2:29:17:72:c8:2c:b8:1b:c6:da:94:2e:
51:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8F:45:03:32:8C:7B:E4:27:B2:53:E3:38:0D:33:22:A8:F1:D5:77
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/7o9FAzKMe-QnslPjOA0zIqjx1Xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
6a:e7:21:2e:d5:68:11:8f:4d:10:bf:7e:0d:bd:95:35:de:7f:
33:1d:f7:eb:d2:65:b7:2d:03:27:71:41:48:aa:33:7f:17:03:
60:f8:d8:09:56:00:cb:03:a3:63:44:bb:d8:79:19:38:da:68:
f1:fb:e2:f2:af:a6:b4:fd:9e:7f:3a:89:65:3a:99:f6:6c:bc:
ee:e7:de:36:99:2d:d6:77:86:97:37:41:37:42:47:a2:1c:45:
2f:e5:92:58:4f:96:9e:fc:40:c2:65:cf:89:fd:81:9b:aa:20:
c6:56:71:72:14:3b:e1:e4:01:8e:fa:b7:2b:3b:6e:8e:79:52:
7f:57:a0:a6:ce:29:94:e2:5e:a8:46:e3:0c:5e:3b:b2:8c:19:
56:70:c0:c5:c1:1e:57:13:89:c3:9c:25:fc:60:cb:ba:7f:7f:
8f:d8:25:bb:5b:61:b6:e1:a0:0d:29:a3:8c:e5:30:5c:32:fc:
94:74:6f:c0:7b:fb:e6:8b:35:46:54:67:32:1c:e1:d8:f0:f6:
ec:b1:a5:db:29:3a:06:c4:46:00:73:fb:5a:24:f6:6b:59:82:
9a:20:87:02:72:71:1e:c8:d4:24:c2:cf:95:e5:53:d9:56:7d:
83:64:ec:4f:28:0f:20:cd:5b:2d:75:39:64:f7:25:aa:53:3e:
9f:95:52:65
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX+XWrExwRmpBKny064nlx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDA0MDExNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZThmNDUwMzMyOGM3YmU0MjdiMjUzZTMzODBkMzMyMmE4ZjFkNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRSdPrhTM/ar1HSMQV7vn2uHIyBZ
tBYsM1DDdRa2jca+gQs0d3P9P20E72/7k4ryZ7x3kffLVE1307TbOYWLliHisSqd
hNHsVxrN9WXEaFuptDomZnFjunwufFrevw8AybZ5J3nlcGxcbHp0wS1oxm/6v0QL
PM6yl/V+Q69PK+j3yK8DEXiBkw1Ds9M8q/34dRcPXg3vSsVWH2UreQrcY4YeknQ3
M1QLO9SpEXqoNfqY24Nos9iSi4UTWfv4OZODBlwMbuUA4SdnfsJThLmWpMBOhusg
fwwSYj7nkqLd/fFTqXJnQgz46F19/kCVUUL7XOqyKRdyyCy4G8balC5RcwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFO6PRQMyjHvkJ7JT4zgNMyKo8dV3MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvN285RkF6S01lLVFuc2xQak9BMHpJcWp4MVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAauchLtVoEY9NEL9+Db2VNd5/
Mx3369Jlty0DJ3FBSKozfxcDYPjYCVYAywOjY0S72HkZONpo8fvi8q+mtP2efzqJ
ZTqZ9my87ufeNpkt1neGlzdBN0JHohxFL+WSWE+WnvxAwmXPif2Bm6ogxlZxchQ7
4eQBjvq3KztujnlSf1egps4plOJeqEbjDF47sowZVnDAxcEeVxOJw5wl/GDLun9/
j9glu1thtuGgDSmjjOUwXDL8lHRvwHv75os1RlRnMhzh2PD27LGl2yk6BsRGAHP7
WiT2a1mCmiCHAnJxHsjUJMLPleVT2VZ9g2TsTygPIM1bLXU5ZPclqlM+n5VSZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:21:38 2025 by rpki-client