Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/jckJEC_UHPIB6oMhR9ounzabV98.roa
File: jckJEC_UHPIB6oMhR9ounzabV98.roa (raw, json)
Hash identifier: ErPsb3JkLHZYEF6SEwNtACkrb/N/+ceCmCP8I70ABCw=
Subject key identifier: 8D:C9:09:10:2F:D4:1C:F2:01:EA:83:21:47:DA:2E:9F:36:9B:57:DF
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F3A10050FB1F6CBFCA93BF09E4202903
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/jckJEC_UHPIB6oMhR9ounzabV98.roa
Signing time: Tue 01 Apr 2025 23:12:49 +0000
ROA not before: Tue 01 Apr 2025 23:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f3:a1:00:50:fb:1f:6c:bf:ca:93:bf:09:e4:20:29:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 1 23:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dc909102fd41cf201ea832147da2e9f369b57df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5f:b6:b1:53:38:bf:5e:dc:8e:4b:4a:3d:b1:
6a:c5:89:70:67:ee:7f:56:d5:1e:f4:35:e0:ac:3f:
08:89:44:74:ca:d0:60:e1:4e:ae:d1:4a:c3:80:4d:
e8:fd:9c:a9:cc:f0:fe:5c:ee:b9:87:c4:15:f2:d6:
f1:e2:85:90:85:d1:e1:07:08:92:a3:9d:b0:06:ac:
60:f7:10:a0:e3:15:3c:d8:fb:17:70:d7:0e:c7:50:
1e:4b:87:b6:39:d1:aa:41:da:99:96:b3:22:9e:ea:
2e:d3:0e:8d:bf:3c:54:f1:fa:9b:7c:db:14:33:12:
f6:eb:a5:8f:7b:f5:0b:d2:6a:16:51:f8:cd:70:e7:
3f:4e:9b:0d:9b:fe:6d:ec:54:82:f4:5b:a7:3c:3a:
d2:78:9c:40:ba:c2:2c:c0:84:4f:7a:04:07:05:48:
8a:52:3c:53:1b:1b:24:55:e6:90:29:16:b0:0c:4e:
aa:d4:c9:66:08:e6:25:2f:5a:e7:ba:78:07:86:01:
3f:85:4e:15:f3:6a:51:27:27:f7:3a:43:6c:15:a3:
57:cb:86:eb:19:08:41:db:a9:99:fa:b1:6b:1d:6b:
8a:92:67:5e:5d:68:11:64:9c:c5:cb:4a:01:c4:14:
9e:1f:fe:43:d5:78:d8:8b:85:97:78:ee:3a:b1:44:
74:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C9:09:10:2F:D4:1C:F2:01:EA:83:21:47:DA:2E:9F:36:9B:57:DF
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/jckJEC_UHPIB6oMhR9ounzabV98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
57:d1:fc:5f:b0:1e:31:7c:e4:71:38:f0:c4:e1:69:80:f2:19:
b4:7e:dc:32:ad:eb:7e:0a:17:65:03:f6:7d:47:29:b1:68:11:
01:ec:15:eb:e9:2e:6f:c1:7b:95:a0:88:e2:a0:81:dd:ca:1a:
a8:8b:e7:af:99:de:06:c1:2f:0c:33:dc:55:15:9b:ee:e9:8d:
65:fb:6e:75:63:5c:4f:c0:6b:3d:f8:2e:e7:0f:d7:53:b8:2e:
7d:9d:48:ee:f7:27:ee:c8:16:66:13:13:bb:0e:3a:59:43:58:
f4:10:69:85:4b:ba:3a:55:f3:37:dd:8d:1b:5e:08:f7:9c:e1:
12:b1:56:a8:51:10:20:3b:e3:4c:bd:f2:b8:18:57:db:18:94:
62:fd:de:cc:40:7a:63:1b:4f:25:ef:9e:18:8f:32:a0:94:10:
6e:f1:d8:c6:b7:85:67:71:19:e4:da:8a:ae:94:e1:c1:d7:52:
de:1b:e6:38:1b:17:c2:3c:44:85:de:28:3b:f9:0f:0f:86:c2:
3f:13:7b:a1:d3:51:75:c9:fe:ec:5d:2d:3c:24:b4:e5:b7:76:
01:92:bd:59:11:92:c6:76:13:84:02:a9:75:ef:05:b2:94:71:
5c:b6:88:06:ad:e8:7c:b2:e2:f2:61:81:18:07:7e:c5:b8:02:
6a:dd:ff:a5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXzoQBQ+x9sv8qTvwnkICkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAxMjMxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGM5MDkxMDJmZDQxY2YyMDFlYTgzMjE0N2RhMmU5ZjM2OWI1N2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl+2sVM4v17cjktKPbFqxYlwZ+5/
VtUe9DXgrD8IiUR0ytBg4U6u0UrDgE3o/ZypzPD+XO65h8QV8tbx4oWQhdHhBwiS
o52wBqxg9xCg4xU82PsXcNcOx1AeS4e2OdGqQdqZlrMinuou0w6NvzxU8fqbfNsU
MxL266WPe/UL0moWUfjNcOc/TpsNm/5t7FSC9FunPDrSeJxAusIswIRPegQHBUiK
UjxTGxskVeaQKRawDE6q1MlmCOYlL1rnungHhgE/hU4V82pRJyf3OkNsFaNXy4br
GQhB26mZ+rFrHWuKkmdeXWgRZJzFy0oBxBSeH/5D1XjYi4WXeO46sUR0eQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFI3JCRAv1BzyAeqDIUfaLp82m1ffMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvamNrSkVDX1VIUElCNm9NaFI5b3VuemFiVjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAV9H8X7AeMXzkcTjwxOFpgPIZ
tH7cMq3rfgoXZQP2fUcpsWgRAewV6+kub8F7laCI4qCB3coaqIvnr5neBsEvDDPc
VRWb7umNZftudWNcT8BrPfgu5w/XU7gufZ1I7vcn7sgWZhMTuw46WUNY9BBphUu6
OlXzN92NG14I95zhErFWqFEQIDvjTL3yuBhX2xiUYv3ezEB6YxtPJe+eGI8yoJQQ
bvHYxreFZ3EZ5NqKrpThwddS3hvmOBsXwjxEhd4oO/kPD4bCPxN7odNRdcn+7F0t
PCS05bd2AZK9WRGSxnYThAKpde8FspRxXLaIBq3ofLLi8mGBGAd+xbgCat3/pQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:19:36 2025 by rpki-client