Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/kJNDq6fJbE9-QLAmQZOvfmT1tms.roa
File: kJNDq6fJbE9-QLAmQZOvfmT1tms.roa (raw, json)
Hash identifier: iKW3HE4a4qlZgKgZOjRh7ngpIh5TpQRfULDMVrFv8/c=
Subject key identifier: 90:93:43:AB:A7:C9:6C:4F:7E:40:B0:26:41:93:AF:7E:64:F5:B6:6B
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195CFFB06525CF98FD72CCE0E8601155414
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/kJNDq6fJbE9-QLAmQZOvfmT1tms.roa
Signing time: Wed 26 Mar 2025 01:04:49 +0000
ROA not before: Wed 26 Mar 2025 01:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:cffa:8cb6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cf:fb:06:52:5c:f9:8f:d7:2c:ce:0e:86:01:15:54:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 26 01:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=909343aba7c96c4f7e40b0264193af7e64f5b66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a4:be:60:e1:97:1a:2f:54:7d:a2:36:5a:62:
77:9a:ed:79:4b:b3:bd:07:72:29:ab:b2:cf:11:7f:
ef:3e:cc:4d:62:6f:a7:36:29:08:2a:4e:30:86:6a:
2d:d4:0e:f7:a4:91:64:d0:72:1f:b5:92:c2:78:fc:
35:92:cc:21:74:93:84:45:ac:d1:f0:85:00:00:2b:
15:c9:9a:7e:3d:af:69:47:3c:6f:bf:fc:16:3e:1d:
21:24:97:8a:0d:26:36:d6:0d:e6:56:30:3d:9f:a4:
eb:e8:4b:3d:3e:01:1c:16:f8:fb:29:92:bf:2c:3a:
7e:cc:91:ca:9f:a9:f0:7f:b7:2a:65:32:bc:7a:5b:
50:9c:69:f9:dc:4b:eb:ff:17:37:36:f3:30:a3:e9:
25:ad:01:b6:49:a6:22:10:a0:91:8a:27:eb:60:2d:
7f:49:fb:4b:80:3a:ab:47:f0:83:2e:a5:3f:5b:ed:
71:55:c1:63:9b:a4:81:24:cd:0d:39:19:1f:63:29:
7e:bb:41:c8:e5:55:07:30:9e:c2:56:63:29:fe:4e:
c6:ae:ea:67:ac:b0:2b:cd:7e:2a:45:32:50:ed:52:
98:ae:11:55:58:d5:20:6e:eb:a0:c0:4e:f5:81:64:
01:2e:d7:ff:6c:c3:0a:95:8b:f9:b7:4f:5f:dc:9a:
b2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:93:43:AB:A7:C9:6C:4F:7E:40:B0:26:41:93:AF:7E:64:F5:B6:6B
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/kJNDq6fJbE9-QLAmQZOvfmT1tms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:cffa:8cb6/128
Signature Algorithm: sha256WithRSAEncryption
5e:9e:5f:28:47:7c:c4:6d:13:bd:32:11:38:27:59:71:c2:d9:
4e:ae:e6:00:79:6f:37:77:2c:9a:01:90:11:35:b1:75:76:79:
ae:5b:03:ed:c2:05:5d:09:a2:37:62:71:bd:86:ab:d9:04:82:
89:77:bb:e1:b9:05:3c:ea:4b:b4:00:67:ca:9d:53:a9:3f:62:
5a:e9:42:2f:ed:d9:2c:df:bd:70:74:ab:5c:00:1f:0e:6b:24:
1c:2d:de:3d:53:4f:9a:28:b4:3d:93:a4:db:ed:4d:ff:98:41:
e8:40:15:de:c2:d5:c1:44:9e:a4:4a:d6:8f:3c:16:9c:09:81:
10:1b:eb:45:89:eb:03:08:81:95:e9:4f:76:b6:e7:9c:dd:66:
6b:0a:3d:b8:e5:b5:79:de:be:49:71:58:ce:17:b7:b5:31:2c:
0c:2f:e7:ff:70:c7:c9:73:17:b7:24:f2:95:5c:b1:ad:83:dc:
a7:79:74:87:28:2b:5b:42:33:80:71:b5:80:cf:24:03:69:31:
d7:c5:cf:67:87:6a:7e:08:30:a2:cf:40:c9:c9:fb:1b:fb:ce:
5f:45:c0:b4:1d:df:6a:7a:47:51:b7:24:88:1b:ab:a4:fd:a1:
3b:84:32:26:f1:6a:cd:6d:e2:ec:88:b6:eb:f7:62:f9:ac:84:
6e:b6:de:55
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXP+wZSXPmP1yzODoYBFVQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI2MDEwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDkzNDNhYmE3Yzk2YzRmN2U0MGIwMjY0MTkzYWY3ZTY0ZjViNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaS+YOGXGi9UfaI2WmJ3mu15S7O9
B3Ipq7LPEX/vPsxNYm+nNikIKk4whmot1A73pJFk0HIftZLCePw1kswhdJOERazR
8IUAACsVyZp+Pa9pRzxvv/wWPh0hJJeKDSY21g3mVjA9n6Tr6Es9PgEcFvj7KZK/
LDp+zJHKn6nwf7cqZTK8eltQnGn53Evr/xc3NvMwo+klrQG2SaYiEKCRiifrYC1/
SftLgDqrR/CDLqU/W+1xVcFjm6SBJM0NORkfYyl+u0HI5VUHMJ7CVmMp/k7Grupn
rLArzX4qRTJQ7VKYrhFVWNUgbuugwE71gWQBLtf/bMMKlYv5t09f3Jqy/QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJCTQ6unyWxPfkCwJkGTr35k9bZrMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEva0pORHE2ZkpiRTktUUxBbVFaT3ZmbVQxdG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVz/qMtjANBgkqhkiG9w0BAQsFAAOCAQEAXp5fKEd8xG0TvTIROCdZccLZ
Tq7mAHlvN3csmgGQETWxdXZ5rlsD7cIFXQmiN2JxvYar2QSCiXe74bkFPOpLtABn
yp1TqT9iWulCL+3ZLN+9cHSrXAAfDmskHC3ePVNPmii0PZOk2+1N/5hB6EAV3sLV
wUSepErWjzwWnAmBEBvrRYnrAwiBlelPdrbnnN1mawo9uOW1ed6+SXFYzhe3tTEs
DC/n/3DHyXMXtyTylVyxrYPcp3l0hygrW0IzgHG1gM8kA2kx18XPZ4dqfggwos9A
ycn7G/vOX0XAtB3fanpHUbckiBurpP2hO4QyJvFqzW3i7Ii26/di+ayEbrbeVQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:03:07 2025 by rpki-client