Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/G2zbQeZvjbcvLWLFv-BgX1lFZPM.roa
File: G2zbQeZvjbcvLWLFv-BgX1lFZPM.roa (raw, json)
Hash identifier: DnBFealRFr7kaosHQFU6vDfJC3HG5uf1MevRSlEcmpg=
Subject key identifier: 1B:6C:DB:41:E6:6F:8D:B7:2F:2D:62:C5:BF:E0:60:5F:59:45:64:F3
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F1B55D1D2B621F9DA1A9C592CB86D59F
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/G2zbQeZvjbcvLWLFv-BgX1lFZPM.roa
Signing time: Tue 01 Apr 2025 14:15:49 +0000
ROA not before: Tue 01 Apr 2025 14:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:b5:5d:1d:2b:62:1f:9d:a1:a9:c5:92:cb:86:d5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 1 14:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b6cdb41e66f8db72f2d62c5bfe0605f594564f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:44:83:41:6e:ce:30:a6:48:67:b7:52:78:fd:
f4:73:15:5f:a0:96:d0:57:03:37:dc:c7:40:e0:fb:
a1:22:d8:4c:11:58:72:61:25:74:d7:8c:a1:20:b4:
7e:70:a4:2b:66:11:9c:be:0a:e3:c2:79:a0:4a:a0:
6e:ca:6b:4e:13:6a:f6:a7:ad:ac:99:fd:0f:10:25:
94:15:a8:5a:40:80:76:3b:c1:0a:23:a6:60:0e:ec:
bb:0b:46:e4:28:0f:a9:7e:40:4a:83:b0:dd:10:e5:
f0:e9:1a:99:c0:c6:2d:1f:9e:35:06:df:fc:ac:35:
c2:52:f3:84:cf:03:52:c9:98:50:ad:77:ea:e9:9d:
ed:19:74:22:6b:a8:46:50:23:8d:42:fa:8a:27:5e:
82:52:86:1a:81:4a:5c:7a:15:0a:1e:c5:01:7e:57:
c5:9a:ed:18:d5:26:05:d3:60:33:5a:65:12:8d:35:
4e:26:72:29:c6:0f:ac:ff:b9:88:81:9c:69:a5:65:
57:9b:7d:1b:99:00:31:1f:93:22:b4:e0:ee:c2:89:
55:51:bb:5e:be:a9:02:0d:6a:c0:01:21:24:2f:87:
88:13:05:95:cb:2d:16:07:6c:5d:69:5c:a1:18:74:
8a:56:40:d6:fd:92:b4:73:e6:c4:eb:87:58:b3:1e:
97:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6C:DB:41:E6:6F:8D:B7:2F:2D:62:C5:BF:E0:60:5F:59:45:64:F3
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/G2zbQeZvjbcvLWLFv-BgX1lFZPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
72:6d:9c:ca:a9:48:1f:b5:59:6b:7e:79:87:5d:fa:b7:bf:99:
99:70:65:e2:ae:49:64:4d:27:17:12:13:bd:58:29:72:ac:8f:
d7:2c:a2:ef:2a:46:3c:cf:e8:bb:8b:01:76:eb:75:44:ef:e3:
e5:72:48:a9:db:60:ce:fd:3f:3b:89:ba:e9:ae:29:6e:ba:19:
1d:68:88:37:20:e4:36:ba:02:c6:ca:59:6c:dc:fa:58:87:c4:
82:17:3d:3d:0f:f8:cb:cd:3e:7c:ac:d2:66:06:81:b6:40:0d:
37:f8:a9:fa:7a:54:cf:1d:6e:48:1f:e5:36:5c:85:40:c5:8d:
77:6f:64:55:49:af:39:eb:ba:db:3f:54:df:43:69:38:a4:70:
54:d8:5c:32:ac:85:73:ff:84:fb:a6:a4:06:6e:57:48:75:4f:
47:e4:44:1f:a9:d0:1c:0e:9c:71:5a:9f:5d:80:a9:cb:a0:c1:
8f:7b:9b:d1:22:ed:59:22:2a:fb:f1:b5:e5:30:57:12:d4:07:
b6:40:46:f5:13:13:cc:4c:29:ed:fd:74:b0:3d:ec:22:ad:49:
68:8a:ee:da:49:37:f8:12:6f:d5:fb:19:e1:bb:94:c1:07:8b:
c6:f3:78:2c:44:40:3a:9f:c2:2f:de:33:91:69:0b:ef:4c:3e:
ef:fc:cd:1e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXxtV0dK2IfnaGpxZLLhtWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAxMTQxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjZjZGI0MWU2NmY4ZGI3MmYyZDYyYzViZmUwNjA1ZjU5NDU2NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0SDQW7OMKZIZ7dSeP30cxVfoJbQ
VwM33MdA4PuhIthMEVhyYSV014yhILR+cKQrZhGcvgrjwnmgSqBuymtOE2r2p62s
mf0PECWUFahaQIB2O8EKI6ZgDuy7C0bkKA+pfkBKg7DdEOXw6RqZwMYtH541Bt/8
rDXCUvOEzwNSyZhQrXfq6Z3tGXQia6hGUCONQvqKJ16CUoYagUpcehUKHsUBflfF
mu0Y1SYF02AzWmUSjTVOJnIpxg+s/7mIgZxppWVXm30bmQAxH5MitODuwolVUbte
vqkCDWrAASEkL4eIEwWVyy0WB2xdaVyhGHSKVkDW/ZK0c+bE64dYsx6X3QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBts20Hmb423Ly1ixb/gYF9ZRWTzMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvRzJ6YlFlWnZqYmN2TFdMRnYtQmdYMWxGWlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAcm2cyqlIH7VZa355h136t7+Z
mXBl4q5JZE0nFxITvVgpcqyP1yyi7ypGPM/ou4sBdut1RO/j5XJIqdtgzv0/O4m6
6a4pbroZHWiINyDkNroCxspZbNz6WIfEghc9PQ/4y80+fKzSZgaBtkANN/ip+npU
zx1uSB/lNlyFQMWNd29kVUmvOeu62z9U30NpOKRwVNhcMqyFc/+E+6akBm5XSHVP
R+REH6nQHA6ccVqfXYCpy6DBj3ub0SLtWSIq+/G15TBXEtQHtkBG9RMTzEwp7f10
sD3sIq1JaIru2kk3+BJv1fsZ4buUwQeLxvN4LERAOp/CL94zkWkL70w+7/zNHg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:16 2025 by rpki-client