Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/9l6jSquQrYedVMgOoECE97xGz0E.roa
File: 9l6jSquQrYedVMgOoECE97xGz0E.roa (raw, json)
Hash identifier: ZN3Dz1rJ7AEFon9BQyCruaRXO/NzgBl/OxWVjeHhwk8=
Subject key identifier: F6:5E:A3:4A:AB:90:AD:87:9D:54:C8:0E:A0:40:84:F7:BC:46:CF:41
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195DF096594216C422548BE2CDD4661091F
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/9l6jSquQrYedVMgOoECE97xGz0E.roa
Signing time: Fri 28 Mar 2025 23:14:49 +0000
ROA not before: Fri 28 Mar 2025 23:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:df:09:65:94:21:6c:42:25:48:be:2c:dd:46:61:09:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 28 23:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f65ea34aab90ad879d54c80ea04084f7bc46cf41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7b:2d:51:c1:a5:6c:0f:f8:8b:9a:0f:c7:83:
f1:30:6c:13:f2:00:d2:d4:00:73:08:b8:76:9a:a8:
ac:c5:2f:3e:7c:35:ed:5d:aa:47:5b:b1:2e:d8:ac:
01:c5:d6:ae:0c:72:6a:a3:12:cf:99:29:02:38:35:
72:23:91:5c:a6:8f:d8:47:ac:d4:6b:60:28:33:63:
e3:06:80:c1:1a:eb:c1:7e:c3:5f:66:51:86:cf:85:
68:18:eb:7c:c5:5c:6c:b1:1e:de:4c:bd:ea:4e:ad:
82:f6:2a:3b:83:23:fe:6e:ee:fb:a2:dc:48:29:75:
e5:57:1c:c2:83:79:79:aa:63:32:6a:4e:2c:37:c3:
41:ed:7b:b2:90:5d:88:d7:dd:0a:44:da:a2:c4:0c:
02:d8:b3:3a:af:f8:74:29:eb:54:81:7b:8b:21:f0:
a8:11:56:1d:ae:a7:6c:93:d4:36:b3:97:be:ee:da:
84:b8:4d:a0:30:dd:06:f4:7a:f4:17:52:74:6e:ff:
87:4e:61:b6:47:1f:b4:42:b6:de:43:18:eb:f3:80:
29:f5:d4:5c:31:58:4c:e8:8c:b6:3c:be:65:6a:b6:
70:37:f0:14:51:5b:07:13:86:bd:76:0d:38:4c:00:
62:78:1a:ac:20:96:f8:3e:c6:15:ef:2d:0b:99:8c:
84:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5E:A3:4A:AB:90:AD:87:9D:54:C8:0E:A0:40:84:F7:BC:46:CF:41
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/9l6jSquQrYedVMgOoECE97xGz0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
05:bb:be:69:69:86:aa:d7:06:34:23:90:cb:7a:5d:85:ac:f9:
33:dc:1b:ef:a6:09:e7:70:ed:7c:cb:43:dd:73:3d:bc:8e:84:
e3:af:00:94:97:2d:94:c5:1b:06:77:f6:f7:a4:81:35:d9:88:
c0:2a:4b:bf:b9:aa:fd:b1:55:ea:65:72:7d:24:77:49:55:8f:
25:ee:98:24:77:d1:a2:9a:27:95:94:0e:06:53:a3:30:c2:46:
3e:6d:54:8f:23:db:db:f0:fa:04:02:1e:1b:44:e0:06:d7:a3:
fb:dc:82:aa:cb:5c:d0:0d:39:a3:06:ae:5b:50:15:da:5b:45:
b6:58:45:4a:a6:75:35:07:ba:22:93:09:8c:37:af:e6:44:de:
c0:8f:f7:6c:06:fe:10:cc:e3:31:28:ba:b5:d6:c9:1a:b5:26:
e8:20:7c:58:46:59:a4:7d:f3:44:b7:b8:de:1c:d3:cd:54:a9:
fc:3e:fe:59:5a:f4:95:7b:19:a1:cf:7a:c9:eb:34:24:6f:d9:
68:bc:ba:ae:fa:c3:f3:f2:41:71:23:1d:f5:67:c8:a3:9c:ff:
90:b5:44:64:38:cf:58:ae:ed:20:28:53:3d:64:ed:2e:ea:c4:
06:31:0f:b1:8f:3d:33:16:4d:19:a0:d4:ad:a2:83:31:27:3f:
8d:f7:54:81
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXfCWWUIWxCJUi+LN1GYQkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI4MjMxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjVlYTM0YWFiOTBhZDg3OWQ1NGM4MGVhMDQwODRmN2JjNDZjZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3stUcGlbA/4i5oPx4PxMGwT8gDS
1ABzCLh2mqisxS8+fDXtXapHW7Eu2KwBxdauDHJqoxLPmSkCODVyI5Fcpo/YR6zU
a2AoM2PjBoDBGuvBfsNfZlGGz4VoGOt8xVxssR7eTL3qTq2C9io7gyP+bu77otxI
KXXlVxzCg3l5qmMyak4sN8NB7XuykF2I190KRNqixAwC2LM6r/h0KetUgXuLIfCo
EVYdrqdsk9Q2s5e+7tqEuE2gMN0G9Hr0F1J0bv+HTmG2Rx+0QrbeQxjr84Ap9dRc
MVhM6Iy2PL5larZwN/AUUVsHE4a9dg04TABieBqsIJb4PsYV7y0LmYyEdwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPZeo0qrkK2HnVTIDqBAhPe8Rs9BMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvOWw2alNxdVFyWWVkVk1nT29FQ0U5N3hHejBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEABbu+aWmGqtcGNCOQy3pdhaz5
M9wb76YJ53DtfMtD3XM9vI6E468AlJctlMUbBnf296SBNdmIwCpLv7mq/bFV6mVy
fSR3SVWPJe6YJHfRoponlZQOBlOjMMJGPm1UjyPb2/D6BAIeG0TgBtej+9yCqstc
0A05owauW1AV2ltFtlhFSqZ1NQe6IpMJjDev5kTewI/3bAb+EMzjMSi6tdbJGrUm
6CB8WEZZpH3zRLe43hzTzVSp/D7+WVr0lXsZoc96yes0JG/ZaLy6rvrD8/JBcSMd
9WfIo5z/kLVEZDjPWK7tIChTPWTtLurEBjEPsY89MxZNGaDUraKDMSc/jfdUgQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:47:54 2025 by rpki-client