Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/ji0bMXh0x2PUq7h7nJa6mP2P_Lg.roa
File: ji0bMXh0x2PUq7h7nJa6mP2P_Lg.roa (raw, json)
Hash identifier: MlenSZcQukw4Q5FUvNG01CH855ClmOiB+J0Gr2Sjj/g=
Subject key identifier: 8E:2D:1B:31:78:74:C7:63:D4:AB:B8:7B:9C:96:BA:98:FD:8F:FC:B8
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195DE2BD697DE5A1C9871271851C675DF48
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/ji0bMXh0x2PUq7h7nJa6mP2P_Lg.roa
Signing time: Fri 28 Mar 2025 19:12:49 +0000
ROA not before: Fri 28 Mar 2025 19:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:de:2b:d6:97:de:5a:1c:98:71:27:18:51:c6:75:df:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 28 19:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e2d1b317874c763d4abb87b9c96ba98fd8ffcb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:eb:a6:3e:c7:04:1a:1b:54:01:9b:00:e0:ad:
a7:2a:06:f8:62:e0:5b:1f:f5:27:5b:ae:fb:74:40:
cc:f6:ad:82:b5:66:d5:c6:63:aa:59:98:cc:da:2c:
04:93:09:6a:29:ce:19:4f:b7:d0:b9:16:f4:57:b7:
d8:f0:5a:21:49:02:5e:d0:bb:34:0d:51:09:8e:a8:
3c:29:fc:a8:84:5e:c0:9e:14:95:4c:a0:7a:fd:f3:
7a:a7:c3:62:8a:ab:dc:2b:69:06:be:dc:6c:aa:fa:
a8:46:a3:3a:76:21:18:7b:68:33:1e:17:13:55:4d:
17:6a:69:16:ad:d5:9e:c7:70:e4:4a:3e:32:ac:33:
c0:cb:ba:fd:9a:2c:2c:3a:1d:f6:35:1f:22:46:82:
59:4f:29:ae:ae:e1:b6:7c:e7:cc:12:5c:3f:22:91:
3e:8f:31:f1:b6:05:4d:ec:5e:21:de:9d:6e:2c:06:
11:56:87:bf:6c:0a:03:44:5c:6f:23:5a:93:eb:82:
10:ef:fc:8d:29:2f:3f:95:de:a0:60:62:34:a8:d8:
14:6c:13:44:50:7b:6c:79:0b:03:67:90:b6:83:da:
a2:5b:7f:f8:be:76:4a:1d:97:51:50:47:1a:b7:41:
a8:d1:0e:b7:7d:c1:3a:08:89:fe:24:f0:af:7c:f3:
b0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2D:1B:31:78:74:C7:63:D4:AB:B8:7B:9C:96:BA:98:FD:8F:FC:B8
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/ji0bMXh0x2PUq7h7nJa6mP2P_Lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
91:e1:ee:cf:ae:2b:c1:d1:3f:fc:be:98:7d:05:fa:e5:e9:98:
d2:f4:76:0c:68:9c:a7:5b:81:e3:aa:79:89:71:47:1a:fc:d3:
f6:6e:81:d0:ee:bf:bd:f3:9b:81:43:0a:fa:6f:b4:72:3c:da:
a2:24:bc:1f:ae:23:76:18:e1:50:dd:96:01:2c:6a:ed:17:5a:
60:ae:03:87:9e:76:65:d1:04:7f:16:65:60:89:a6:92:41:63:
f7:23:7e:be:f9:dc:16:db:83:76:1b:ad:58:0a:6a:53:2d:e9:
83:89:49:03:15:07:0a:6d:b1:42:c8:48:46:69:2c:bf:3a:e1:
a9:85:27:b3:f5:0e:59:01:e4:2c:16:94:62:f9:62:d0:32:8e:
62:93:72:cc:51:16:e8:55:e8:14:14:1a:22:0f:42:e1:83:83:
bc:44:88:a4:8c:0d:4b:8b:d4:88:66:30:ed:5a:5a:1e:da:7f:
a2:27:f6:d3:25:54:8a:3d:26:e1:fb:1b:6a:64:f1:52:9f:e1:
3f:eb:c4:a1:8d:42:3f:cf:02:56:13:6b:80:e2:9d:da:0e:d8:
1e:8f:0a:81:43:43:ce:ca:b9:13:2a:a1:d7:6a:6b:90:b9:6b:
b9:59:1f:ff:78:bd:a6:d5:5a:0a:c3:ae:b4:bb:05:38:56:a9:
c9:e5:a7:42
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXeK9aX3locmHEnGFHGdd9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI4MTkxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTJkMWIzMTc4NzRjNzYzZDRhYmI4N2I5Yzk2YmE5OGZkOGZmY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruumPscEGhtUAZsA4K2nKgb4YuBb
H/UnW677dEDM9q2CtWbVxmOqWZjM2iwEkwlqKc4ZT7fQuRb0V7fY8FohSQJe0Ls0
DVEJjqg8KfyohF7AnhSVTKB6/fN6p8NiiqvcK2kGvtxsqvqoRqM6diEYe2gzHhcT
VU0XamkWrdWex3DkSj4yrDPAy7r9miwsOh32NR8iRoJZTymuruG2fOfMElw/IpE+
jzHxtgVN7F4h3p1uLAYRVoe/bAoDRFxvI1qT64IQ7/yNKS8/ld6gYGI0qNgUbBNE
UHtseQsDZ5C2g9qiW3/4vnZKHZdRUEcat0Go0Q63fcE6CIn+JPCvfPOwzQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFI4tGzF4dMdj1Ku4e5yWupj9j/y4MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvamkwYk1YaDB4MlBVcTdoN25KYTZtUDJQX0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAkeHuz64rwdE//L6YfQX65emY
0vR2DGicp1uB46p5iXFHGvzT9m6B0O6/vfObgUMK+m+0cjzaoiS8H64jdhjhUN2W
ASxq7RdaYK4Dh552ZdEEfxZlYImmkkFj9yN+vvncFtuDdhutWApqUy3pg4lJAxUH
Cm2xQshIRmksvzrhqYUns/UOWQHkLBaUYvli0DKOYpNyzFEW6FXoFBQaIg9C4YOD
vESIpIwNS4vUiGYw7VpaHtp/oif20yVUij0m4fsbamTxUp/hP+vEoY1CP88CVhNr
gOKd2g7YHo8KgUNDzsq5Eyqh12prkLlruVkf/3i9ptVaCsOutLsFOFapyeWnQg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:02:17 2025 by rpki-client