Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/_j2yl7L1I6c8xClk5ohXO4BZosw.roa
File: _j2yl7L1I6c8xClk5ohXO4BZosw.roa (raw, json)
Hash identifier: NWsfJzP4ckX7GCZ5zVGD7qw9kjmmqJ7qaaWw3jD0fPY=
Subject key identifier: FE:3D:B2:97:B2:F5:23:A7:3C:C4:29:64:E6:88:57:3B:80:59:A2:CC
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195DF4053BC230F3D069236481C1BAFB44F
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/_j2yl7L1I6c8xClk5ohXO4BZosw.roa
Signing time: Sat 29 Mar 2025 00:14:49 +0000
ROA not before: Sat 29 Mar 2025 00:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:df:40:53:bc:23:0f:3d:06:92:36:48:1c:1b:af:b4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 29 00:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe3db297b2f523a73cc42964e688573b8059a2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ff:01:46:75:34:ac:e5:b9:73:35:93:19:e0:
c9:f1:7a:18:b1:c4:e0:91:43:3d:2a:16:88:5d:c4:
7d:7a:50:36:58:9c:85:a8:cb:ad:8e:0c:f1:ea:e6:
cb:42:56:44:b3:2d:25:25:02:f0:74:ee:51:cf:85:
b1:0d:9e:f3:1b:4f:a1:ff:a2:90:5c:52:f9:2c:b8:
de:ab:2e:eb:5d:d4:ba:07:14:0b:fe:0b:e8:c2:10:
24:56:47:5f:a8:b2:4c:37:c8:46:fb:b8:e0:e3:85:
e3:09:d5:cd:63:d0:b5:7c:31:5a:89:e3:c8:2c:6b:
a6:8f:cc:ba:69:44:dd:77:aa:d5:5b:06:ac:22:7a:
03:b7:7e:23:f7:ca:a8:92:0c:52:a9:b9:6c:b5:87:
29:a7:2f:50:06:41:21:0b:83:b8:a4:d7:58:b2:4d:
c2:27:7e:76:64:c3:eb:d4:88:dc:d1:7b:48:0e:03:
eb:23:ba:1a:2f:59:46:3f:87:dc:1d:49:bd:89:77:
de:c9:75:3f:65:2d:91:7a:52:91:5f:67:8e:cf:81:
fa:21:d0:b7:3e:e7:1d:38:eb:b8:73:45:f7:59:0f:
76:4f:f3:4c:5f:44:64:b6:1a:38:e6:ab:e9:2e:6d:
4e:dd:ef:83:d6:9f:ae:6b:32:c8:b0:b0:74:52:3e:
95:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:3D:B2:97:B2:F5:23:A7:3C:C4:29:64:E6:88:57:3B:80:59:A2:CC
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/_j2yl7L1I6c8xClk5ohXO4BZosw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
2b:8c:7a:87:2a:a6:58:5e:f9:a8:60:1d:e8:9d:d4:4a:65:64:
d7:fc:33:ce:56:7d:e1:66:df:78:25:9c:9a:52:46:44:d9:bc:
99:47:79:63:18:36:f0:33:ed:ee:6e:b4:75:70:69:91:9a:7b:
ae:fa:52:54:76:2c:40:77:86:fe:8f:70:d8:a3:c3:c2:22:d0:
4a:f6:dd:7e:01:5a:f7:9d:77:b0:4d:b1:f5:99:d9:34:ff:92:
06:19:21:14:2f:8d:0a:49:a4:e2:99:cc:6c:af:bb:c0:b5:b9:
e6:9d:e1:77:fd:e0:aa:d1:f8:c9:f2:c4:e5:ab:2b:c8:c9:11:
80:de:9a:ce:5d:a8:cd:55:a0:a4:61:d5:63:c7:5e:b4:04:d7:
9a:3e:7b:41:ae:71:e7:07:44:a1:df:ef:6e:db:17:87:08:be:
d7:9d:7b:04:e2:9f:98:f8:c7:88:aa:cd:78:5e:01:37:db:e2:
a6:40:16:cb:75:0b:bf:0c:a9:08:3b:16:33:8a:d4:09:c0:d7:
85:ab:58:8f:16:70:3b:bf:ed:24:70:eb:50:af:50:40:86:66:
ed:ec:93:35:c7:68:03:cd:db:3b:9c:20:11:83:ce:ae:14:03:
0e:25:41:a7:34:d6:c0:37:a5:56:73:92:ed:62:3f:26:57:45:
06:36:e5:be
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXfQFO8Iw89BpI2SBwbr7RPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI5MDAxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTNkYjI5N2IyZjUyM2E3M2NjNDI5NjRlNjg4NTczYjgwNTlhMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6P8BRnU0rOW5czWTGeDJ8XoYscTg
kUM9KhaIXcR9elA2WJyFqMutjgzx6ubLQlZEsy0lJQLwdO5Rz4WxDZ7zG0+h/6KQ
XFL5LLjeqy7rXdS6BxQL/gvowhAkVkdfqLJMN8hG+7jg44XjCdXNY9C1fDFaiePI
LGumj8y6aUTdd6rVWwasInoDt34j98qokgxSqblstYcppy9QBkEhC4O4pNdYsk3C
J352ZMPr1Ijc0XtIDgPrI7oaL1lGP4fcHUm9iXfeyXU/ZS2RelKRX2eOz4H6IdC3
PucdOOu4c0X3WQ92T/NMX0Rktho45qvpLm1O3e+D1p+uazLIsLB0Uj6VzQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFP49spey9SOnPMQpZOaIVzuAWaLMMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvX2oyeWw3TDFJNmM4eENsazVvaFhPNEJab3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAK4x6hyqmWF75qGAd6J3USmVk
1/wzzlZ94WbfeCWcmlJGRNm8mUd5Yxg28DPt7m60dXBpkZp7rvpSVHYsQHeG/o9w
2KPDwiLQSvbdfgFa9513sE2x9ZnZNP+SBhkhFC+NCkmk4pnMbK+7wLW55p3hd/3g
qtH4yfLE5asryMkRgN6azl2ozVWgpGHVY8detATXmj57Qa5x5wdEod/vbtsXhwi+
1517BOKfmPjHiKrNeF4BN9vipkAWy3ULvwypCDsWM4rUCcDXhatYjxZwO7/tJHDr
UK9QQIZm7eyTNcdoA83bO5wgEYPOrhQDDiVBpzTWwDelVnOS7WI/JldFBjblvg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 13:57:15 2025 by rpki-client