Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/fTb1GZRUDsS4w6-g2IrPXccQ2_c.roa
File: fTb1GZRUDsS4w6-g2IrPXccQ2_c.roa (raw, json)
Hash identifier: /eIpcc+R1qA3BglCIXuyAnAcmpCZ/aA9d37WgsOqFDQ=
Subject key identifier: 7D:36:F5:19:94:54:0E:C4:B8:C3:AF:A0:D8:8A:CF:5D:C7:10:DB:F7
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195C7D39F67AFF0587856E3173BE4F1BA4A
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/fTb1GZRUDsS4w6-g2IrPXccQ2_c.roa
Signing time: Mon 24 Mar 2025 11:04:49 +0000
ROA not before: Mon 24 Mar 2025 11:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:c7d2:eb73/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c7:d3:9f:67:af:f0:58:78:56:e3:17:3b:e4:f1:ba:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 24 11:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d36f51994540ec4b8c3afa0d88acf5dc710dbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c2:64:1a:4a:d9:e2:66:4f:90:51:3e:df:ee:
71:25:7a:d7:0c:ec:05:a0:b8:c1:53:52:b6:ff:3a:
c4:7b:41:f7:4f:0b:b3:3e:3b:2d:49:39:e2:c4:28:
58:8c:cb:bf:65:5e:b8:eb:78:c6:59:96:0d:60:79:
fb:5a:70:17:11:bf:bd:5a:b2:72:19:08:c7:32:79:
4b:89:09:8d:b2:a0:6c:43:4e:c7:ff:d8:65:12:f8:
97:04:d6:29:5c:e5:f9:d3:69:fc:db:f1:36:f0:69:
45:05:67:30:b8:f7:cc:76:a7:18:2f:48:d4:ae:64:
12:67:e6:1f:49:24:e8:93:35:49:61:7c:d2:9f:15:
ff:0f:67:a7:e5:af:ef:0e:28:47:7c:d6:a8:9c:48:
2a:bd:01:ea:61:8f:11:34:b1:db:83:2c:f3:d3:be:
f1:23:44:b5:f8:52:ad:b4:06:44:71:2f:fc:d6:fb:
2e:a2:18:60:c4:5b:94:4f:3a:c3:42:b9:5b:50:55:
14:65:d9:2d:32:65:1f:9f:db:1d:97:9d:a0:93:5d:
4d:4f:bc:26:cd:4e:6d:0c:bd:e3:87:40:39:65:e8:
18:7b:6f:da:17:bc:70:65:6f:f7:79:31:7c:cb:e7:
b9:f7:19:91:e9:97:d0:5a:3b:ec:32:ca:f2:3b:8f:
7e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:36:F5:19:94:54:0E:C4:B8:C3:AF:A0:D8:8A:CF:5D:C7:10:DB:F7
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/fTb1GZRUDsS4w6-g2IrPXccQ2_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:c7d2:eb73/128
Signature Algorithm: sha256WithRSAEncryption
31:89:f8:bd:73:ca:d7:de:e5:c3:bd:f7:9e:b3:29:d2:03:34:
f3:ea:fc:54:d2:38:31:74:5c:63:11:0c:c9:e7:de:10:4c:a2:
00:b5:f6:76:6b:ff:d3:cf:6f:d7:40:56:db:0d:48:01:6e:0a:
58:c0:c5:9f:3a:03:fa:62:c7:db:b9:df:f1:7d:09:a4:8a:94:
8e:e7:c7:2c:38:26:6a:80:6e:5c:16:6f:0b:c6:c1:a6:bc:8f:
3d:0d:9b:08:42:fa:6b:62:e6:a3:82:15:91:6c:fb:5f:89:e8:
1e:b5:4c:1e:ef:95:eb:d5:2e:ac:83:06:da:44:cc:65:1c:37:
64:29:7f:a0:4a:44:10:88:35:a3:9b:45:74:6c:52:58:a8:cd:
42:bc:9f:b9:f8:2c:7f:9f:02:c3:52:94:41:74:72:73:30:55:
9c:4e:f4:97:6f:3e:67:f2:76:b6:e3:0a:f2:9a:d2:9d:dc:23:
82:89:1e:2f:aa:87:4b:21:4c:c0:72:7e:9f:02:a0:60:2b:e5:
c5:e0:b4:14:d1:b9:d6:91:e3:8e:c8:46:5a:0b:ad:3f:47:f8:
42:23:ea:8f:f7:20:27:84:49:4f:38:b1:a3:1f:70:85:69:fe:
2f:95:8c:8b:bf:69:77:cf:25:b0:24:5b:77:d0:e1:c5:e7:b2:
7b:4e:7f:50
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXH059nr/BYeFbjFzvk8bpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI0MTEwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM2ZjUxOTk0NTQwZWM0YjhjM2FmYTBkODhhY2Y1ZGM3MTBkYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosJkGkrZ4mZPkFE+3+5xJXrXDOwF
oLjBU1K2/zrEe0H3TwuzPjstSTnixChYjMu/ZV6463jGWZYNYHn7WnAXEb+9WrJy
GQjHMnlLiQmNsqBsQ07H/9hlEviXBNYpXOX502n82/E28GlFBWcwuPfMdqcYL0jU
rmQSZ+YfSSTokzVJYXzSnxX/D2en5a/vDihHfNaonEgqvQHqYY8RNLHbgyzz077x
I0S1+FKttAZEcS/81vsuohhgxFuUTzrDQrlbUFUUZdktMmUfn9sdl52gk11NT7wm
zU5tDL3jh0A5ZegYe2/aF7xwZW/3eTF8y+e59xmR6ZfQWjvsMsryO49+vQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFH029RmUVA7EuMOvoNiKz13HENv3MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvZlRiMUdaUlVEc1M0dzYtZzJJclBYY2NRMl9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVx9LrczANBgkqhkiG9w0BAQsFAAOCAQEAMYn4vXPK197lw733nrMp0gM0
8+r8VNI4MXRcYxEMyefeEEyiALX2dmv/089v10BW2w1IAW4KWMDFnzoD+mLH27nf
8X0JpIqUjufHLDgmaoBuXBZvC8bBpryPPQ2bCEL6a2Lmo4IVkWz7X4noHrVMHu+V
69UurIMG2kTMZRw3ZCl/oEpEEIg1o5tFdGxSWKjNQryfufgsf58Cw1KUQXRyczBV
nE70l28+Z/J2tuMK8prSndwjgokeL6qHSyFMwHJ+nwKgYCvlxeC0FNG51pHjjshG
WgutP0f4QiPqj/cgJ4RJTzixox9whWn+L5WMi79pd88lsCRbd9Dhxeeye05/UA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:04:26 2025 by rpki-client