Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/JRhp07gAyDwd6sABkzmu7N3UQwo.roa
File: JRhp07gAyDwd6sABkzmu7N3UQwo.roa (raw, json)
Hash identifier: 2iqKCBGqADsk5sksPltno1PmXCzutjrHA6bfQAFEako=
Subject key identifier: 25:18:69:D3:B8:00:C8:3C:1D:EA:C0:01:93:39:AE:EC:DD:D4:43:0A
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195B3034111371F0BEAD4AE20DB4391BCAD
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/JRhp07gAyDwd6sABkzmu7N3UQwo.roa
Signing time: Thu 20 Mar 2025 10:04:49 +0000
ROA not before: Thu 20 Mar 2025 10:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:b302:e0d3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:03:41:11:37:1f:0b:ea:d4:ae:20:db:43:91:bc:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 20 10:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=251869d3b800c83c1deac0019339aeecddd4430a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:50:d1:8b:83:49:c1:86:04:fc:dd:19:db:f2:
fe:80:73:48:1e:ee:2d:8e:c9:28:f8:d0:ab:73:53:
6c:f1:80:e0:b7:ab:45:c2:50:75:2a:06:f2:1f:e1:
39:67:8e:8d:1d:63:6b:5a:f8:39:31:fd:d3:56:aa:
5b:85:b3:90:90:f9:42:c8:b0:5c:a2:e0:f6:13:3f:
c2:1f:52:94:2e:b3:41:ba:5c:53:84:87:9f:b0:6a:
d6:a1:38:bd:98:a0:7e:58:30:f1:a4:84:98:d9:50:
b4:e7:58:d0:36:53:9a:11:d2:58:57:cc:65:2f:c1:
34:b1:a8:ae:10:24:74:65:ca:d2:00:72:23:3a:13:
22:e5:c7:a3:a7:46:57:08:95:85:bd:94:5d:50:a1:
00:83:e6:c9:94:9e:db:c4:c7:b0:cf:a6:d5:0b:f4:
dd:9b:d1:46:25:72:6c:c8:be:85:80:a6:e1:49:0e:
53:60:e3:3c:a3:c2:98:51:ae:0b:dc:da:c2:86:6d:
11:da:a7:2d:3d:4e:b5:4a:6b:21:5d:77:eb:dd:93:
2a:23:75:bc:ad:0a:92:d0:34:2f:cd:2f:b2:ee:c6:
20:9f:e7:2f:e9:00:0d:7e:de:1a:c2:3c:a4:c9:bf:
44:b5:15:87:e3:e0:73:06:e6:ee:0e:6b:c5:46:1e:
00:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:18:69:D3:B8:00:C8:3C:1D:EA:C0:01:93:39:AE:EC:DD:D4:43:0A
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/JRhp07gAyDwd6sABkzmu7N3UQwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:b302:e0d3/128
Signature Algorithm: sha256WithRSAEncryption
54:c9:1d:68:30:0c:c7:cb:e3:28:b9:9a:81:db:18:5d:af:69:
7e:ed:74:5b:56:30:81:ed:b5:15:95:f6:22:26:d4:68:17:cb:
c4:2a:2a:87:6f:e0:ec:7b:e0:61:9a:78:56:eb:a3:96:04:1d:
99:a5:1b:65:96:bc:a9:be:24:69:b4:6a:93:74:44:b6:d4:8a:
42:b3:79:60:24:82:8d:9b:b7:69:4a:cf:de:ff:2d:2f:09:c0:
83:28:79:c6:f7:e1:3f:e3:46:6a:ae:62:4f:bb:1a:d1:e6:83:
34:c7:22:16:d6:1e:2d:98:65:a5:40:f6:bf:a9:0c:6b:26:84:
45:e4:0b:d4:5e:de:84:6f:ad:40:19:0a:ea:8d:23:9d:63:85:
a4:e8:be:a2:d3:4d:5d:1b:9a:d2:e4:e2:08:5f:67:b2:a8:69:
04:b1:f4:16:70:46:8d:26:1e:7b:8a:ec:7e:aa:2c:95:e4:ce:
42:d0:bd:6e:8c:4e:04:a5:24:37:fa:0d:59:49:e4:51:84:54:
b8:6f:74:41:b1:a4:99:79:3a:a4:33:04:9e:bb:7c:5e:e0:ed:
51:2b:ab:fb:ba:f9:57:77:8c:f6:6d:a3:bf:6d:12:24:2c:e9:
a0:c7:4c:ff:79:a0:cc:94:fa:ee:9c:97:87:31:7e:d6:fb:8c:
6f:34:2f:19
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWzA0ERNx8L6tSuINtDkbytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzIwMTAwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTE4NjlkM2I4MDBjODNjMWRlYWMwMDE5MzM5YWVlY2RkZDQ0MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFDRi4NJwYYE/N0Z2/L+gHNIHu4t
jsko+NCrc1Ns8YDgt6tFwlB1KgbyH+E5Z46NHWNrWvg5Mf3TVqpbhbOQkPlCyLBc
ouD2Ez/CH1KULrNBulxThIefsGrWoTi9mKB+WDDxpISY2VC051jQNlOaEdJYV8xl
L8E0saiuECR0ZcrSAHIjOhMi5cejp0ZXCJWFvZRdUKEAg+bJlJ7bxMewz6bVC/Td
m9FGJXJsyL6FgKbhSQ5TYOM8o8KYUa4L3NrChm0R2qctPU61SmshXXfr3ZMqI3W8
rQqS0DQvzS+y7sYgn+cv6QANft4awjykyb9EtRWH4+BzBubuDmvFRh4AyQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCUYadO4AMg8HerAAZM5ruzd1EMKMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvSlJocDA3Z0F5RHdkNnNBQmt6bXU3TjNVUXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVswLg0zANBgkqhkiG9w0BAQsFAAOCAQEAVMkdaDAMx8vjKLmagdsYXa9p
fu10W1Ywge21FZX2IibUaBfLxCoqh2/g7HvgYZp4VuujlgQdmaUbZZa8qb4kabRq
k3REttSKQrN5YCSCjZu3aUrP3v8tLwnAgyh5xvfhP+NGaq5iT7sa0eaDNMciFtYe
LZhlpUD2v6kMayaEReQL1F7ehG+tQBkK6o0jnWOFpOi+otNNXRua0uTiCF9nsqhp
BLH0FnBGjSYee4rsfqosleTOQtC9boxOBKUkN/oNWUnkUYRUuG90QbGkmXk6pDME
nrt8XuDtUSur+7r5V3eM9m2jv20SJCzpoMdM/3mgzJT67pyXhzF+1vuMbzQvGQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:59:41 2025 by rpki-client