Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/acmr2y18f68L_DTpydKOsuiMLEE.roa
File: acmr2y18f68L_DTpydKOsuiMLEE.roa (raw, json)
Hash identifier: XHaBT4IpqVq00cq4TfonO8lfeo0mPcU88r1lWqulkX8=
Subject key identifier: 69:C9:AB:DB:2D:7C:7F:AF:0B:FC:34:E9:C9:D2:8E:B2:E8:8C:2C:41
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195DD48C9A03ED778D096655935A3246308
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/acmr2y18f68L_DTpydKOsuiMLEE.roa
Signing time: Fri 28 Mar 2025 15:04:49 +0000
ROA not before: Fri 28 Mar 2025 15:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
2001:67c:64:ffff:0:195:dd48:e5a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:48:c9:a0:3e:d7:78:d0:96:65:59:35:a3:24:63:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 28 15:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69c9abdb2d7c7faf0bfc34e9c9d28eb2e88c2c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:00:8e:8e:fc:94:f7:94:33:3a:71:3a:a2:8b:
1a:39:78:b6:bc:5a:f4:08:84:a3:e0:23:7c:85:f7:
fc:05:f0:92:6e:3c:64:d7:3e:eb:03:67:05:4e:ff:
ad:b5:ee:03:e4:a6:a5:31:b7:9c:de:5a:87:3f:3f:
87:e6:db:23:20:1f:14:f0:d7:1a:e3:6f:86:ef:2c:
cc:a8:0b:30:a5:28:82:37:e5:92:97:4e:0d:54:f9:
27:09:1c:0c:79:29:45:96:fe:84:b3:f8:18:4d:84:
c5:f3:21:56:98:5f:9e:6e:0c:a6:8e:f2:86:fd:a0:
1a:61:03:0b:2a:d5:30:43:d0:db:d6:23:e6:8b:a2:
b8:27:11:25:85:d1:fd:fa:2b:fa:bd:78:9d:fe:1b:
c4:bd:87:f7:8b:c4:b1:2e:62:2e:f6:43:b0:8d:2c:
a5:10:c8:8d:2d:eb:60:39:a2:fd:4f:56:60:c8:03:
f9:dd:c1:1d:fd:77:39:41:aa:13:53:0e:15:b8:f1:
ad:99:98:69:cd:90:8d:24:22:49:67:78:c6:12:df:
73:e4:69:38:99:ce:1a:97:48:49:97:65:4a:81:9e:
5a:06:b5:70:2e:cd:23:0c:13:13:38:5e:88:98:00:
5f:e8:d1:92:56:6e:15:e1:ad:c1:6d:db:c1:37:27:
9b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C9:AB:DB:2D:7C:7F:AF:0B:FC:34:E9:C9:D2:8E:B2:E8:8C:2C:41
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/acmr2y18f68L_DTpydKOsuiMLEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
2001:67c:64:ffff:0:195:dd48:e5a/128
Signature Algorithm: sha256WithRSAEncryption
6a:16:b2:57:72:f1:0d:20:cb:8d:dd:99:b2:11:2c:53:ee:c4:
89:da:d1:b8:75:ad:38:c5:d4:2d:dd:4b:1e:73:cb:e6:d3:ae:
a4:8c:8a:d0:de:0f:5a:26:d9:3f:c3:2b:82:89:0a:47:48:6a:
3e:83:7c:91:b8:72:e1:86:2e:d3:bf:3a:bc:7c:16:69:61:e2:
29:92:cf:b3:47:cc:dd:a7:32:25:07:82:eb:b5:12:b3:74:66:
9d:9f:52:7c:7a:e4:42:96:63:6b:16:75:14:77:be:28:7f:f0:
ba:da:e5:b6:60:7c:df:f1:c3:c5:8b:28:b6:5c:ce:01:16:f2:
d1:0f:4b:4e:8c:24:e9:e7:8e:01:c1:9a:a3:21:e7:46:32:2e:
93:fd:3a:7b:d4:f6:7e:d2:5f:e0:e5:96:53:ed:c0:27:63:43:
5c:3f:ef:cb:10:49:63:16:35:e1:e2:af:94:11:77:a5:3e:1d:
0d:e9:ad:6f:0f:38:91:ad:84:35:62:ca:b3:76:ee:fb:b6:f7:
db:0d:17:83:8f:31:12:ce:d0:1a:42:77:3b:5c:66:81:03:b6:
e9:3e:f4:96:6e:06:c4:d0:e6:c1:9d:66:db:77:d2:42:f3:1a:
3e:66:5b:c2:66:fd:40:df:a1:fe:3d:ae:d1:02:31:7d:7a:ba:
b2:5d:8c:4a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZXdSMmgPtd40JZlWTWjJGMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI4MTUwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM5YWJkYjJkN2M3ZmFmMGJmYzM0ZTljOWQyOGViMmU4OGMyYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwCOjvyU95QzOnE6oosaOXi2vFr0
CISj4CN8hff8BfCSbjxk1z7rA2cFTv+tte4D5KalMbec3lqHPz+H5tsjIB8U8Nca
42+G7yzMqAswpSiCN+WSl04NVPknCRwMeSlFlv6Es/gYTYTF8yFWmF+ebgymjvKG
/aAaYQMLKtUwQ9Db1iPmi6K4JxElhdH9+iv6vXid/hvEvYf3i8SxLmIu9kOwjSyl
EMiNLetgOaL9T1ZgyAP53cEd/Xc5QaoTUw4VuPGtmZhpzZCNJCJJZ3jGEt9z5Gk4
mc4al0hJl2VKgZ5aBrVwLs0jDBMTOF6ImABf6NGSVm4V4a3BbdvBNyebsQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGnJq9stfH+vC/w06cnSjrLojCxBMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvYWNtcjJ5MThmNjhMX0RUcHlkS09zdWlNTEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGV3GzZ3wMRACABBnwAZP//AAABld1IDlowDQYJKoZIhvcNAQELBQADggEB
AGoWsldy8Q0gy43dmbIRLFPuxIna0bh1rTjF1C3dSx5zy+bTrqSMitDeD1om2T/D
K4KJCkdIaj6DfJG4cuGGLtO/Orx8Fmlh4imSz7NHzN2nMiUHguu1ErN0Zp2fUnx6
5EKWY2sWdRR3vih/8Lra5bZgfN/xw8WLKLZczgEW8tEPS06MJOnnjgHBmqMh50Yy
LpP9OnvU9n7SX+DlllPtwCdjQ1w/78sQSWMWNeHir5QRd6U+HQ3prW8POJGthDVi
yrN27vu299sNF4OPMRLO0BpCdztcZoEDtuk+9JZuBsTQ5sGdZtt30kLzGj5mW8Jm
/UDfof49rtECMX16urJdjEo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:10:35 2025 by rpki-client