Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CkkYaKTNHSVEmYsMwH97QM584bU.roa
File: CkkYaKTNHSVEmYsMwH97QM584bU.roa (raw, json)
Hash identifier: /TDOlHrn80KTGvjt7UC+SDzC66AfyWFSvUAu14q5QWQ=
Subject key identifier: 0A:49:18:68:A4:CD:1D:25:44:99:8B:0C:C0:7F:7B:40:CE:7C:E1:B5
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195FBC868AF2DE1307E85B2E549E29DF4B2
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CkkYaKTNHSVEmYsMwH97QM584bU.roa
Signing time: Thu 03 Apr 2025 13:12:50 +0000
ROA not before: Thu 03 Apr 2025 13:12:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fb:c8:68:af:2d:e1:30:7e:85:b2:e5:49:e2:9d:f4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 3 13:12:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a491868a4cd1d2544998b0cc07f7b40ce7ce1b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:06:0c:b7:8c:d1:2f:03:63:c0:95:e9:70:78:
3e:ce:d7:9e:4d:b9:80:4b:6d:e4:d0:c0:10:7f:3d:
ff:7a:ac:6e:86:23:38:e6:34:0d:d8:ae:ac:2a:da:
11:15:9f:21:60:98:63:ec:74:f5:3d:8c:67:0b:c3:
98:db:0f:85:e3:c5:a2:47:02:1a:15:33:04:02:b2:
4d:6a:1f:92:ca:e3:92:fe:60:45:38:ad:e7:86:f7:
5c:58:43:fb:98:25:67:94:80:7f:90:cd:31:0e:20:
04:40:26:fc:03:a5:e5:4e:07:80:e2:e1:e3:b9:ca:
23:cc:1c:45:fd:32:42:32:8b:7b:ac:c7:b5:ea:03:
94:ea:89:a9:97:03:50:80:67:a8:ec:b9:b6:64:12:
9a:5a:e8:f5:6a:f2:3c:c1:f4:57:78:dc:55:7d:93:
34:00:ec:31:97:0d:b2:7f:82:9c:15:60:78:eb:e1:
36:c3:6d:b3:80:20:f8:d7:ca:5a:ed:38:35:b7:9b:
93:58:7a:fc:4d:15:38:4c:73:ea:2d:84:63:26:4c:
9a:6d:33:b6:05:1c:39:70:e7:cc:04:64:39:6f:8e:
88:ca:bd:27:cf:f4:a7:a2:fc:c7:17:11:19:10:79:
fd:bc:9e:f3:67:a6:4b:6d:fc:2e:c3:5e:bc:98:55:
ba:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:49:18:68:A4:CD:1D:25:44:99:8B:0C:C0:7F:7B:40:CE:7C:E1:B5
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CkkYaKTNHSVEmYsMwH97QM584bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
25:c9:1e:e4:eb:f0:da:aa:5e:a0:0d:1e:8f:66:be:f8:ff:af:
94:21:08:c3:0d:2f:0a:79:12:15:ec:f6:fc:4f:8e:72:e1:3f:
f7:f5:33:03:6f:2a:06:75:58:85:d3:0f:74:c5:e6:e4:31:19:
f2:bc:8c:39:9a:00:34:f0:15:a6:b5:10:6b:0a:b5:d4:5d:6b:
8b:4b:35:ff:26:9b:af:48:1a:30:b0:e8:6d:9f:df:a4:17:44:
29:66:fa:02:59:05:91:73:ee:24:f4:cd:d2:0b:34:a8:e4:8b:
3e:e4:de:68:0c:87:7b:7e:87:4f:b9:84:34:76:85:8b:c1:d1:
b3:3e:11:79:a2:9b:5c:46:89:54:62:76:92:d0:d1:83:c1:7e:
12:19:1b:2e:8a:5e:7e:1b:3b:6e:7f:ad:d1:9c:b7:18:32:f1:
a0:1b:f4:21:17:f4:cd:80:c3:32:4d:b6:f1:5d:b8:5c:4b:e8:
7d:01:78:b3:79:7e:31:8b:e6:4b:cb:47:7a:28:bc:2f:46:b2:
d4:24:84:30:9d:6a:8f:36:36:64:78:c3:e7:f9:66:fd:6b:ff:
ad:79:53:05:ec:c0:ef:a8:9d:60:8e:1b:e3:db:67:b0:fa:49:
1c:e2:a9:bc:72:de:3f:9e:12:16:f5:26:fa:10:b9:b5:7f:60:
fa:5b:a6:62
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX7yGivLeEwfoWy5UninfSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAzMTMxMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQ5MTg2OGE0Y2QxZDI1NDQ5OThiMGNjMDdmN2I0MGNlN2NlMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQYMt4zRLwNjwJXpcHg+zteeTbmA
S23k0MAQfz3/eqxuhiM45jQN2K6sKtoRFZ8hYJhj7HT1PYxnC8OY2w+F48WiRwIa
FTMEArJNah+SyuOS/mBFOK3nhvdcWEP7mCVnlIB/kM0xDiAEQCb8A6XlTgeA4uHj
ucojzBxF/TJCMot7rMe16gOU6omplwNQgGeo7Lm2ZBKaWuj1avI8wfRXeNxVfZM0
AOwxlw2yf4KcFWB46+E2w22zgCD418pa7Tg1t5uTWHr8TRU4THPqLYRjJkyabTO2
BRw5cOfMBGQ5b46Iyr0nz/SnovzHFxEZEHn9vJ7zZ6ZLbfwuw168mFW6xQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFApJGGikzR0lRJmLDMB/e0DOfOG1MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvQ2trWWFLVE5IU1ZFbVlzTXdIOTdRTTU4NGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAJcke5Ovw2qpeoA0ej2a++P+v
lCEIww0vCnkSFez2/E+OcuE/9/UzA28qBnVYhdMPdMXm5DEZ8ryMOZoANPAVprUQ
awq11F1ri0s1/yabr0gaMLDobZ/fpBdEKWb6AlkFkXPuJPTN0gs0qOSLPuTeaAyH
e36HT7mENHaFi8HRsz4ReaKbXEaJVGJ2ktDRg8F+EhkbLopefhs7bn+t0Zy3GDLx
oBv0IRf0zYDDMk228V24XEvofQF4s3l+MYvmS8tHeii8L0ay1CSEMJ1qjzY2ZHjD
5/lm/Wv/rXlTBezA76idYI4b49tnsPpJHOKpvHLeP54SFvUm+hC5tX9g+lumYg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:33 2025 by rpki-client