Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/_NKGaPXiFP5IchDgRT-xX4vd618.roa
File: _NKGaPXiFP5IchDgRT-xX4vd618.roa (raw, json)
Hash identifier: wAoPRUiz37ijH40QIfkbN3XaAcelyHgr8CCPtA9FGpc=
Subject key identifier: FC:D2:86:68:F5:E2:14:FE:48:72:10:E0:45:3F:B1:5F:8B:DD:EB:5F
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195FECC3291C68FF2701CAC89429880DD47
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/_NKGaPXiFP5IchDgRT-xX4vd618.roa
Signing time: Fri 04 Apr 2025 03:15:49 +0000
ROA not before: Fri 04 Apr 2025 03:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fe:cc:32:91:c6:8f:f2:70:1c:ac:89:42:98:80:dd:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 4 03:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcd28668f5e214fe487210e0453fb15f8bddeb5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:45:ad:ce:06:9a:b4:73:69:50:59:6c:09:aa:
a1:15:eb:7c:f3:a4:d3:29:31:75:23:49:3c:46:19:
6a:c6:79:d3:ad:5d:25:c3:ad:4c:3d:1c:ae:83:b4:
4d:73:61:c8:e4:f2:6c:1a:06:01:cd:5e:8c:f8:89:
fe:d1:57:84:71:af:44:bb:2a:3e:ab:1f:86:06:3f:
e1:36:a7:ab:d6:3a:92:74:9f:15:b8:9a:19:1e:1d:
fe:44:54:7b:e6:4e:d8:c2:cb:f7:3e:1a:9d:08:7e:
3f:01:34:72:e5:d9:e4:99:61:7c:07:50:b3:e8:91:
eb:54:6e:6a:81:34:e7:71:a3:4f:88:d1:53:00:a5:
a1:ed:02:0a:30:35:ee:3d:b6:5d:2a:b5:aa:1d:5b:
ff:e5:45:c7:de:e5:e0:90:de:03:a8:16:5c:63:41:
f3:cf:cb:72:f4:05:eb:6a:1c:a5:5d:a2:ac:d5:ff:
f7:75:c7:de:bc:82:55:c9:98:ce:82:b7:a8:f2:05:
c5:6a:4c:ca:7b:e7:40:88:7d:62:08:e3:b8:a8:8e:
14:69:2d:b4:8c:f3:54:51:b4:4e:f3:2e:8e:14:e6:
ae:79:08:7c:fa:5d:d3:bc:86:06:45:ce:bd:03:62:
f0:bf:60:b4:90:41:37:06:d8:0b:53:3e:69:10:71:
6e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D2:86:68:F5:E2:14:FE:48:72:10:E0:45:3F:B1:5F:8B:DD:EB:5F
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/_NKGaPXiFP5IchDgRT-xX4vd618.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
65:22:15:64:82:cb:f7:d7:c6:f7:68:46:e5:49:3c:08:93:a7:
16:20:ec:aa:0f:81:f5:c6:8f:5d:82:46:9d:ee:36:3c:df:02:
34:c9:c2:7d:58:ab:94:e6:25:f5:49:db:9e:f7:f9:ed:94:dd:
e9:05:99:53:17:cb:f9:1a:18:1a:ca:3b:8e:3e:4b:3a:24:38:
e9:bc:3d:6f:3a:4e:a2:28:dd:74:4a:e8:be:44:41:d9:ab:dd:
5c:16:a3:9d:70:0e:90:f4:0c:f1:f0:07:16:8e:63:ad:40:ba:
8f:8c:c7:bf:92:cd:18:6a:17:ca:c0:8c:ac:ef:20:4e:ae:7c:
a8:ab:8f:e9:51:ee:16:0c:67:17:01:a2:94:3d:5a:31:06:3d:
b9:43:a1:a6:c5:83:dd:99:8c:0a:2e:91:4d:38:b4:5e:95:20:
17:67:36:7d:38:06:30:4e:60:f0:26:4b:d3:32:55:c6:b2:56:
d1:01:c6:fc:f4:73:91:aa:fd:1d:c2:70:8f:a4:09:58:51:84:
36:f0:b7:52:7e:16:71:84:78:40:be:2f:e5:16:01:53:bb:11:
b4:3b:74:39:93:33:85:0c:3d:2a:1f:e0:8d:d6:c3:83:5c:f7:
bb:52:b5:80:32:86:55:14:ba:f2:8d:1b:a0:0b:ee:9a:c2:c2:
0e:27:57:fc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX+zDKRxo/ycBysiUKYgN1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDA0MDMxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2QyODY2OGY1ZTIxNGZlNDg3MjEwZTA0NTNmYjE1ZjhiZGRlYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20WtzgaatHNpUFlsCaqhFet886TT
KTF1I0k8RhlqxnnTrV0lw61MPRyug7RNc2HI5PJsGgYBzV6M+In+0VeEca9Euyo+
qx+GBj/hNqer1jqSdJ8VuJoZHh3+RFR75k7Ywsv3PhqdCH4/ATRy5dnkmWF8B1Cz
6JHrVG5qgTTncaNPiNFTAKWh7QIKMDXuPbZdKrWqHVv/5UXH3uXgkN4DqBZcY0Hz
z8ty9AXrahylXaKs1f/3dcfevIJVyZjOgreo8gXFakzKe+dAiH1iCOO4qI4UaS20
jPNUUbRO8y6OFOaueQh8+l3TvIYGRc69A2Lwv2C0kEE3BtgLUz5pEHFurwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPzShmj14hT+SHIQ4EU/sV+L3etfMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvX05LR2FQWGlGUDVJY2hEZ1JULXhYNHZkNjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAZSIVZILL99fG92hG5Uk8CJOn
FiDsqg+B9caPXYJGne42PN8CNMnCfVirlOYl9Unbnvf57ZTd6QWZUxfL+RoYGso7
jj5LOiQ46bw9bzpOoijddErovkRB2avdXBajnXAOkPQM8fAHFo5jrUC6j4zHv5LN
GGoXysCMrO8gTq58qKuP6VHuFgxnFwGilD1aMQY9uUOhpsWD3ZmMCi6RTTi0XpUg
F2c2fTgGME5g8CZL0zJVxrJW0QHG/PRzkar9HcJwj6QJWFGENvC3Un4WcYR4QL4v
5RYBU7sRtDt0OZMzhQw9Kh/gjdbDg1z3u1K1gDKGVRS68o0boAvumsLCDidX/A==
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:02:11 2025 by rpki-client