Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/SsFI2u0j4vIxNPyc9IrkiOTwFvE.roa
File: SsFI2u0j4vIxNPyc9IrkiOTwFvE.roa (raw, json)
Hash identifier: V8PyxJXZ7raQrEE65AYOHGzso/Da7Z+BM4JlUJuG1K0=
Subject key identifier: 4A:C1:48:DA:ED:23:E2:F2:31:34:FC:9C:F4:8A:E4:88:E4:F0:16:F1
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195C98B1438EE6FB500CAF18686F4EE7DA5
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/SsFI2u0j4vIxNPyc9IrkiOTwFvE.roa
Signing time: Mon 24 Mar 2025 19:04:49 +0000
ROA not before: Mon 24 Mar 2025 19:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:c98a:67ba/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:8b:14:38:ee:6f:b5:00:ca:f1:86:86:f4:ee:7d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 24 19:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ac148daed23e2f23134fc9cf48ae488e4f016f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:37:05:1a:90:8c:f2:8a:b2:70:ff:0e:d4:c7:
f8:3d:44:6a:d8:70:22:4e:d3:99:42:80:3f:28:1c:
a1:f5:d4:d3:47:57:b6:36:c6:1b:59:35:75:31:38:
e8:ca:54:d7:4f:e4:b4:ec:5b:21:48:92:06:31:7e:
8b:18:9a:be:e2:14:08:a4:74:c0:d5:4c:b5:12:17:
ca:a0:0d:ed:7c:49:87:f6:a9:02:63:39:e6:91:bf:
31:8d:6c:09:1d:32:bc:8d:f7:8c:d5:3c:95:92:ff:
12:cb:8d:cd:4f:26:90:4a:0f:d7:ef:13:61:7d:c8:
72:0a:20:7a:bd:64:ca:e0:7c:26:fd:c3:1e:32:8e:
9e:f3:4f:b5:8f:d8:49:aa:3e:33:fd:8e:8a:64:d3:
92:18:98:14:55:b8:69:91:95:df:6d:ae:ae:0d:f2:
8c:09:2e:27:0b:17:f6:ba:77:2a:97:ea:f4:7b:50:
c9:2f:5a:f9:20:f5:80:b4:f3:de:5a:36:bd:42:39:
72:df:f2:3d:ae:aa:7c:41:64:66:21:25:43:d3:0d:
00:e6:a2:e1:5b:1d:64:ce:c8:92:08:76:86:b3:5b:
34:89:ac:55:2c:4f:91:98:9b:be:04:50:98:39:4d:
25:bd:31:fc:54:79:39:c3:68:2b:c4:3e:7f:aa:3e:
e2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C1:48:DA:ED:23:E2:F2:31:34:FC:9C:F4:8A:E4:88:E4:F0:16:F1
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/SsFI2u0j4vIxNPyc9IrkiOTwFvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:c98a:67ba/128
Signature Algorithm: sha256WithRSAEncryption
69:3f:0c:7e:9c:1d:60:7b:9b:a6:59:78:e7:d2:4f:74:41:36:
79:47:05:9c:88:98:0d:35:ea:9d:ce:11:c9:d8:f9:26:5f:26:
d9:49:ec:fd:7a:fc:37:54:3a:2a:d4:7a:e6:71:4b:10:a4:7a:
5d:6b:e3:fb:31:f1:f6:07:5f:73:41:68:c2:bd:c9:52:16:40:
4d:a2:e3:73:3e:f1:31:cd:27:76:a4:a2:27:26:e0:0d:b4:af:
13:05:da:db:c6:ed:aa:89:7a:44:48:5c:13:1e:49:96:11:b0:
49:cb:3b:9d:24:12:1b:ed:cd:76:38:56:94:81:b8:42:ce:cf:
03:f8:e0:94:c4:df:ff:49:c7:db:41:b1:71:76:a2:77:26:b3:
bf:32:8c:ec:5c:fe:bc:b6:9f:31:5c:ac:68:fb:82:c2:13:84:
70:f3:73:eb:94:7f:75:b6:63:bc:da:6c:ed:38:18:13:c3:62:
41:a6:31:ad:12:e3:13:99:f8:e0:59:cf:87:94:c2:4d:c6:64:
d3:da:9b:f4:86:1c:35:4b:73:83:3e:e5:24:7a:0b:ac:e2:8d:
af:23:45:74:66:0c:3b:83:b9:54:74:a9:07:7d:32:72:8c:b6:
4c:9d:c1:91:eb:75:0b:df:fa:d3:0a:79:b3:1c:bd:eb:10:09:
96:82:00:9e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXJixQ47m+1AMrxhob07n2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI0MTkwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMxNDhkYWVkMjNlMmYyMzEzNGZjOWNmNDhhZTQ4OGU0ZjAxNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTcFGpCM8oqycP8O1Mf4PURq2HAi
TtOZQoA/KByh9dTTR1e2NsYbWTV1MTjoylTXT+S07FshSJIGMX6LGJq+4hQIpHTA
1Uy1EhfKoA3tfEmH9qkCYznmkb8xjWwJHTK8jfeM1TyVkv8Sy43NTyaQSg/X7xNh
fchyCiB6vWTK4Hwm/cMeMo6e80+1j9hJqj4z/Y6KZNOSGJgUVbhpkZXfba6uDfKM
CS4nCxf2uncql+r0e1DJL1r5IPWAtPPeWja9Qjly3/I9rqp8QWRmISVD0w0A5qLh
Wx1kzsiSCHaGs1s0iaxVLE+RmJu+BFCYOU0lvTH8VHk5w2grxD5/qj7iWQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFErBSNrtI+LyMTT8nPSK5Ijk8BbxMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvU3NGSTJ1MGo0dkl4TlB5YzlJcmtpT1R3RnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVyYpnujANBgkqhkiG9w0BAQsFAAOCAQEAaT8MfpwdYHubpll459JPdEE2
eUcFnIiYDTXqnc4Rydj5Jl8m2Uns/Xr8N1Q6KtR65nFLEKR6XWvj+zHx9gdfc0Fo
wr3JUhZATaLjcz7xMc0ndqSiJybgDbSvEwXa28btqol6REhcEx5JlhGwScs7nSQS
G+3NdjhWlIG4Qs7PA/jglMTf/0nH20GxcXaidyazvzKM7Fz+vLafMVysaPuCwhOE
cPNz65R/dbZjvNps7TgYE8NiQaYxrRLjE5n44FnPh5TCTcZk09qb9IYcNUtzgz7l
JHoLrOKNryNFdGYMO4O5VHSpB30ycoy2TJ3Bket1C9/60wp5sxy96xAJloIAng==
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:47:49 2025 by rpki-client