Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/QTvL9XtcYiTz4WU9xVX-RNt1cnQ.roa
File: QTvL9XtcYiTz4WU9xVX-RNt1cnQ.roa (raw, json)
Hash identifier: HALOBLJFxWY2JXjJxSeV3QHgD1v6/K76PJaID/c6ouw=
Subject key identifier: 41:3B:CB:F5:7B:5C:62:24:F3:E1:65:3D:C5:55:FE:44:DB:75:72:74
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E6F9DD997B0DB4BCF524E51D67C5E2F2
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/QTvL9XtcYiTz4WU9xVX-RNt1cnQ.roa
Signing time: Sun 30 Mar 2025 12:14:49 +0000
ROA not before: Sun 30 Mar 2025 12:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e6:f9:dd:99:7b:0d:b4:bc:f5:24:e5:1d:67:c5:e2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 30 12:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=413bcbf57b5c6224f3e1653dc555fe44db757274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f4:c7:01:be:c2:bc:da:b6:db:18:cf:02:ef:
f8:1e:cd:6c:32:b5:83:fc:20:e1:85:19:1a:51:c2:
18:82:78:6b:df:bd:31:41:89:01:7c:c2:c5:a9:2c:
d2:ca:8a:7c:14:5c:0d:75:f3:ac:a0:df:34:f9:00:
a9:d4:be:30:99:1e:8d:b1:92:02:5d:ad:fe:86:1d:
11:13:d5:40:d0:92:9e:f3:03:fa:9a:70:ee:6f:4d:
dd:a9:dd:88:f4:79:d6:48:64:1a:0a:fb:7e:6c:43:
a3:ee:d9:21:27:a9:e8:9f:eb:6b:40:75:29:28:19:
c7:12:dd:90:dd:80:54:44:40:eb:d7:8e:46:1f:21:
01:50:ad:fb:2f:bf:83:63:a7:32:9d:32:56:7e:a6:
81:96:78:e5:0a:ac:3c:01:eb:ab:19:3d:3c:c7:39:
44:bb:2a:4c:fe:01:6d:73:9c:4e:21:e0:20:4d:eb:
9a:bf:06:9e:c4:53:30:df:6b:e0:ee:64:d3:be:d9:
e2:5a:5b:bb:b3:0a:a0:bb:7d:ba:48:e1:1a:7a:53:
d8:bd:cb:08:9b:22:80:45:d0:0e:0b:ad:3d:b5:f0:
87:fd:1a:25:9f:2e:4a:fe:9b:c5:1d:1e:8f:d3:7c:
b9:34:09:5a:b0:5c:4d:ce:a2:1c:06:9b:d2:7d:20:
55:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3B:CB:F5:7B:5C:62:24:F3:E1:65:3D:C5:55:FE:44:DB:75:72:74
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/QTvL9XtcYiTz4WU9xVX-RNt1cnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
11:bd:d6:09:79:69:fb:e9:2c:6a:24:1a:45:d5:4d:c6:93:a0:
29:65:b3:1a:ee:19:9b:2c:88:1d:b7:70:6c:57:3b:b4:1b:44:
1e:2d:42:1d:16:53:3e:ff:46:bd:d2:8c:64:d2:b6:34:62:9c:
ef:bd:44:68:f2:2a:98:b7:c1:70:0f:32:79:c1:ec:6f:60:ed:
0d:95:88:b7:d6:cc:b0:2d:4e:6e:50:9d:2d:99:ed:f7:0e:d7:
81:b0:75:97:64:ba:91:85:c6:a2:0d:5e:a4:5e:99:83:9c:eb:
69:7e:2e:89:02:09:d2:7d:65:e9:39:55:65:ea:60:9a:8b:22:
9f:75:f0:79:fc:70:76:77:8d:a5:68:99:60:1f:0e:b4:c7:c6:
bc:64:45:ea:9c:ae:64:36:88:54:39:2b:f1:1b:1f:ea:0e:24:
a3:35:ce:c1:d8:8e:af:19:f6:fc:0c:71:b9:a8:fd:ad:f3:cf:
df:fb:0b:c9:bc:a3:0a:f4:73:52:b4:7c:a4:94:d5:4a:e9:a3:
6c:a6:af:e4:0d:be:82:17:ee:b2:f7:2b:77:c8:74:db:2d:03:
b4:d1:c7:a1:5c:a8:b6:61:b4:6e:97:4d:92:31:ef:24:77:78:
85:16:e8:e9:28:8e:ec:f3:35:ab:07:19:5a:27:18:ca:03:9f:
0d:dc:09:65
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXm+d2Zew20vPUk5R1nxeLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMwMTIxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNiY2JmNTdiNWM2MjI0ZjNlMTY1M2RjNTU1ZmU0NGRiNzU3Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufTHAb7CvNq22xjPAu/4Hs1sMrWD
/CDhhRkaUcIYgnhr370xQYkBfMLFqSzSyop8FFwNdfOsoN80+QCp1L4wmR6NsZIC
Xa3+hh0RE9VA0JKe8wP6mnDub03dqd2I9HnWSGQaCvt+bEOj7tkhJ6non+trQHUp
KBnHEt2Q3YBUREDr145GHyEBUK37L7+DY6cynTJWfqaBlnjlCqw8AeurGT08xzlE
uypM/gFtc5xOIeAgTeuavwaexFMw32vg7mTTvtniWlu7swqgu326SOEaelPYvcsI
myKARdAOC609tfCH/Rolny5K/pvFHR6P03y5NAlasFxNzqIcBpvSfSBVTwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEE7y/V7XGIk8+FlPcVV/kTbdXJ0MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvUVR2TDlYdGNZaVR6NFdVOXhWWC1STnQxY25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAEb3WCXlp++ksaiQaRdVNxpOg
KWWzGu4ZmyyIHbdwbFc7tBtEHi1CHRZTPv9GvdKMZNK2NGKc771EaPIqmLfBcA8y
ecHsb2DtDZWIt9bMsC1OblCdLZnt9w7XgbB1l2S6kYXGog1epF6Zg5zraX4uiQIJ
0n1l6TlVZepgmosin3XwefxwdneNpWiZYB8OtMfGvGRF6pyuZDaIVDkr8Rsf6g4k
ozXOwdiOrxn2/Axxuaj9rfPP3/sLybyjCvRzUrR8pJTVSumjbKav5A2+ghfusvcr
d8h02y0DtNHHoVyotmG0bpdNkjHvJHd4hRbo6SiO7PM1qwcZWicYygOfDdwJZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:16:03 2025 by rpki-client