Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/GSDtn6K3I17jJhmSo-WbmxVeKoA.roa
File: GSDtn6K3I17jJhmSo-WbmxVeKoA.roa (raw, json)
Hash identifier: zNKB/0zXwidBPfYYuu2N8VDlGZSGDvJn1A9C6HWzVtk=
Subject key identifier: 19:20:ED:9F:A2:B7:23:5E:E3:26:19:92:A3:E5:9B:9B:15:5E:2A:80
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195EE44A0910367ACA3A10CA5DD83702CE8
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/GSDtn6K3I17jJhmSo-WbmxVeKoA.roa
Signing time: Mon 31 Mar 2025 22:13:49 +0000
ROA not before: Mon 31 Mar 2025 22:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ee:44:a0:91:03:67:ac:a3:a1:0c:a5:dd:83:70:2c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 31 22:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1920ed9fa2b7235ee3261992a3e59b9b155e2a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a1:65:a4:c3:62:7e:c7:68:21:da:13:3f:de:
62:0a:ab:8c:d0:a6:8c:e2:e7:4e:c1:3b:42:e9:76:
f1:a9:22:49:ed:e9:f9:fa:08:de:86:a2:a5:71:f0:
e5:67:24:07:00:d9:66:11:b9:d7:e5:c2:08:3e:f5:
c2:0c:c1:95:97:d7:51:19:3f:98:11:5a:63:b1:54:
c0:47:f3:25:5a:10:27:62:ed:e6:eb:d9:d5:00:dc:
08:34:e7:4e:9c:a4:94:3c:10:7e:bc:f8:52:1d:d4:
42:47:45:ac:2d:b4:b3:ad:df:bc:4e:2d:90:2b:99:
0d:37:1a:07:e5:1c:be:e8:1d:bc:c2:7d:00:81:fc:
7f:ed:0d:97:33:15:1a:a2:b3:a5:4d:cf:87:45:02:
4b:09:a4:ff:b0:62:c6:9f:12:1d:f7:95:44:c9:67:
50:78:82:b0:64:ef:49:84:ae:cc:78:47:2b:69:4f:
f3:7d:ee:df:c5:98:bd:1e:cd:39:d2:10:3a:67:73:
b3:b1:6b:a9:89:a7:f8:cf:1f:d4:84:6e:43:da:44:
24:67:18:24:7c:98:cb:49:6d:90:5d:29:17:b2:88:
86:7a:76:d0:08:9e:22:49:7a:00:58:c6:3b:bd:a8:
47:2b:7b:c8:c2:8c:ed:05:7a:ed:8b:f8:ac:76:8d:
90:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:20:ED:9F:A2:B7:23:5E:E3:26:19:92:A3:E5:9B:9B:15:5E:2A:80
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/GSDtn6K3I17jJhmSo-WbmxVeKoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
80:24:16:61:c2:86:89:78:54:62:08:1f:f2:5c:fc:87:11:dd:
11:e3:c8:be:98:d9:05:1f:5d:f7:c9:60:10:ce:0d:ba:21:02:
e9:e3:eb:1a:2a:bd:f4:fc:c2:60:7f:28:2c:6e:cd:0e:42:a5:
d2:2c:81:63:85:9c:4e:86:db:1d:df:da:b6:b8:55:8b:56:e7:
3e:ea:d9:e4:60:80:90:64:fe:5c:4d:af:7c:2e:73:30:de:0f:
f9:57:37:70:de:64:69:20:6e:cc:5f:66:de:0a:68:f7:df:47:
a2:6e:e0:56:aa:29:ff:5b:60:0a:fc:88:19:4a:44:b1:97:ca:
14:3e:23:dd:52:b9:99:59:a0:40:49:9c:f5:11:38:24:ac:0a:
3a:7f:d1:77:7b:b4:95:f9:68:d2:e0:cd:c8:a5:83:0e:00:81:
ea:c4:2c:c5:03:cc:ce:19:e0:63:61:65:2e:40:59:80:dd:3c:
cb:72:4e:bb:d1:c3:f4:d4:29:8b:e5:73:29:0c:24:c4:61:50:
87:d6:c1:e5:3d:69:b3:d1:80:cc:61:10:1e:74:b4:49:0b:fc:
61:bd:e8:79:b7:aa:b9:ca:62:5a:51:97:8e:ce:5a:06:b6:e4:
b0:06:5e:50:96:9e:c3:2b:e7:5b:93:31:c4:07:b4:10:e0:01:
60:a2:77:2d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXuRKCRA2eso6EMpd2DcCzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMxMjIxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTIwZWQ5ZmEyYjcyMzVlZTMyNjE5OTJhM2U1OWI5YjE1NWUyYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqFlpMNifsdoIdoTP95iCquM0KaM
4udOwTtC6XbxqSJJ7en5+gjehqKlcfDlZyQHANlmEbnX5cIIPvXCDMGVl9dRGT+Y
EVpjsVTAR/MlWhAnYu3m69nVANwINOdOnKSUPBB+vPhSHdRCR0WsLbSzrd+8Ti2Q
K5kNNxoH5Ry+6B28wn0Agfx/7Q2XMxUaorOlTc+HRQJLCaT/sGLGnxId95VEyWdQ
eIKwZO9JhK7MeEcraU/zfe7fxZi9Hs050hA6Z3OzsWupiaf4zx/UhG5D2kQkZxgk
fJjLSW2QXSkXsoiGenbQCJ4iSXoAWMY7vahHK3vIwoztBXrti/isdo2QawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBkg7Z+ityNe4yYZkqPlm5sVXiqAMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvR1NEdG42SzNJMTdqSmhtU28tV2JteFZlS29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAgCQWYcKGiXhUYggf8lz8hxHd
EePIvpjZBR9d98lgEM4NuiEC6ePrGiq99PzCYH8oLG7NDkKl0iyBY4WcTobbHd/a
trhVi1bnPurZ5GCAkGT+XE2vfC5zMN4P+Vc3cN5kaSBuzF9m3gpo999Hom7gVqop
/1tgCvyIGUpEsZfKFD4j3VK5mVmgQEmc9RE4JKwKOn/Rd3u0lflo0uDNyKWDDgCB
6sQsxQPMzhngY2FlLkBZgN08y3JOu9HD9NQpi+VzKQwkxGFQh9bB5T1ps9GAzGEQ
HnS0SQv8Yb3oebequcpiWlGXjs5aBrbksAZeUJaewyvnW5MxxAe0EOABYKJ3LQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:28 2025 by rpki-client