Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/WhtxAYrawjrWPciv8MUMLDN1tO0.roa
File: WhtxAYrawjrWPciv8MUMLDN1tO0.roa (raw, json)
Hash identifier: FWHiAcJMGZiKj/7QZ4eCldwAk4pf4NUSioxWWTpVSa4=
Subject key identifier: 5A:1B:71:01:8A:DA:C2:3A:D6:3D:C8:AF:F0:C5:0C:2C:33:75:B4:ED
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E84549FAE32E1386B44D61A29BFE851C
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/WhtxAYrawjrWPciv8MUMLDN1tO0.roa
Signing time: Sun 30 Mar 2025 18:16:49 +0000
ROA not before: Sun 30 Mar 2025 18:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e8:45:49:fa:e3:2e:13:86:b4:4d:61:a2:9b:fe:85:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 30 18:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a1b71018adac23ad63dc8aff0c50c2c3375b4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ac:ba:9e:e9:5f:91:5c:50:0f:eb:05:06:8c:
7c:69:94:1c:41:ae:db:63:36:ed:d5:b4:f8:fa:2e:
59:fb:df:9e:2b:1a:e5:b4:bc:d7:01:08:94:c6:db:
8a:ac:2c:23:6c:e8:cf:98:f3:d2:3d:0b:86:13:f9:
99:63:e1:07:1a:a6:d8:80:f0:ad:ea:e9:4d:8d:d1:
2f:dd:fd:e2:fa:06:2f:7d:2e:ab:64:47:c7:ad:8e:
df:bf:a4:bc:0a:e3:a1:e6:91:56:dd:89:c2:d3:dc:
f1:47:cf:a7:c8:3e:6c:fd:25:e8:02:ca:61:07:d3:
99:eb:40:91:ce:f2:a1:5c:87:6f:01:e8:a3:3e:23:
4c:5c:43:11:17:0f:e9:a1:6d:b4:68:47:86:f9:91:
3f:50:0a:c0:0a:89:7c:0c:46:ef:63:f3:ca:b3:4d:
b9:d7:43:42:e1:97:39:5a:7f:1a:6a:bf:b4:9c:65:
8d:9a:cd:cd:dc:97:82:7a:c6:85:c5:1a:62:f7:e7:
81:46:5f:81:ab:29:cc:d1:ca:84:db:58:f7:1f:4c:
b4:d3:f1:c4:b6:33:cd:dd:a4:76:f5:1f:1c:78:69:
8a:cd:05:b8:ea:e1:6d:f5:7a:36:6d:35:43:c9:c0:
cd:39:8f:6c:77:5b:98:d0:11:50:e7:9b:06:fd:e5:
35:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1B:71:01:8A:DA:C2:3A:D6:3D:C8:AF:F0:C5:0C:2C:33:75:B4:ED
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/WhtxAYrawjrWPciv8MUMLDN1tO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
23:5c:3f:00:3d:9d:89:f8:d0:ab:68:ff:34:d5:51:2b:61:31:
7d:0a:b9:84:a8:d4:43:6f:c1:8a:ce:e0:ad:48:58:22:c4:de:
32:7a:0a:54:ee:bb:bb:df:a1:03:a9:84:34:24:72:f1:22:f4:
ee:31:eb:9e:07:f7:99:84:60:58:89:e0:65:ad:5e:cf:e4:8b:
79:39:e7:d2:8f:5d:95:ee:93:78:7e:b3:71:29:07:7e:d8:8f:
df:f4:bc:29:4f:17:a9:8e:d9:f7:81:24:aa:97:a1:9e:e3:c0:
a3:4d:6e:41:3e:51:99:71:9e:c1:b1:ba:f6:32:23:63:2b:1b:
6c:e4:85:cb:68:78:48:2c:94:f2:4c:e8:5a:2a:09:11:e1:74:
48:24:3a:e0:f5:69:0f:d9:4a:d9:df:16:6d:d1:bb:90:6e:0e:
f8:5a:59:c9:fb:9a:51:de:20:c6:90:aa:2b:bc:8d:ac:35:59:
4b:03:3e:4d:90:20:24:94:dc:d0:d1:10:12:df:93:62:a6:f7:
9b:13:fd:c5:13:26:98:9f:31:06:cd:0e:93:88:f5:b5:fd:9d:
1a:c1:92:86:30:c0:88:46:ab:df:cb:a9:65:82:45:16:32:de:
27:82:37:17:53:2f:3d:39:b4:6d:31:88:c8:ef:e3:1e:c7:75:
63:bb:08:bf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXoRUn64y4ThrRNYaKb/oUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMwMTgxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFiNzEwMThhZGFjMjNhZDYzZGM4YWZmMGM1MGMyYzMzNzViNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqy6nulfkVxQD+sFBox8aZQcQa7b
Yzbt1bT4+i5Z+9+eKxrltLzXAQiUxtuKrCwjbOjPmPPSPQuGE/mZY+EHGqbYgPCt
6ulNjdEv3f3i+gYvfS6rZEfHrY7fv6S8CuOh5pFW3YnC09zxR8+nyD5s/SXoAsph
B9OZ60CRzvKhXIdvAeijPiNMXEMRFw/poW20aEeG+ZE/UArACol8DEbvY/PKs025
10NC4Zc5Wn8aar+0nGWNms3N3JeCesaFxRpi9+eBRl+BqynM0cqE21j3H0y00/HE
tjPN3aR29R8ceGmKzQW46uFt9Xo2bTVDycDNOY9sd1uY0BFQ55sG/eU1IQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFobcQGK2sI61j3Ir/DFDCwzdbTtMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvV2h0eEFZcmF3anJXUGNpdjhNVU1MRE4xdE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAI1w/AD2difjQq2j/NNVRK2Ex
fQq5hKjUQ2/Bis7grUhYIsTeMnoKVO67u9+hA6mENCRy8SL07jHrngf3mYRgWIng
Za1ez+SLeTnn0o9dle6TeH6zcSkHftiP3/S8KU8XqY7Z94EkqpehnuPAo01uQT5R
mXGewbG69jIjYysbbOSFy2h4SCyU8kzoWioJEeF0SCQ64PVpD9lK2d8WbdG7kG4O
+FpZyfuaUd4gxpCqK7yNrDVZSwM+TZAgJJTc0NEQEt+TYqb3mxP9xRMmmJ8xBs0O
k4j1tf2dGsGShjDAiEar38upZYJFFjLeJ4I3F1MvPTm0bTGIyO/jHsd1Y7sIvw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:04:07 2025 by rpki-client