Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/m89L0jcCUZpGOqEiJIoiGyp72c0.roa
File: m89L0jcCUZpGOqEiJIoiGyp72c0.roa (raw, json)
Hash identifier: VFM0pV2qa4x13uzpgkiVELat8irvWD5r87otaSqH/yQ=
Subject key identifier: 9B:CF:4B:D2:37:02:51:9A:46:3A:A1:22:24:8A:22:1B:2A:7B:D9:CD
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195DBFF3281B1A1D5EE6A0CE3CBC0DDF5A2
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/m89L0jcCUZpGOqEiJIoiGyp72c0.roa
Signing time: Fri 28 Mar 2025 09:04:49 +0000
ROA not before: Fri 28 Mar 2025 09:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dbff:bff/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:db:ff:32:81:b1:a1:d5:ee:6a:0c:e3:cb:c0:dd:f5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 28 09:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bcf4bd23702519a463aa122248a221b2a7bd9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ef:40:dd:17:fc:2d:9e:50:d7:b7:3f:38:6a:
cf:52:c3:9f:72:1d:09:0a:50:0b:73:d4:6d:fc:36:
ab:ff:f3:1d:23:18:92:2c:0e:6a:a9:87:6a:74:e6:
b6:13:ff:5f:5a:44:51:62:95:81:ff:54:e8:9f:32:
c7:79:25:8a:1e:8e:3f:cf:69:d3:e2:5c:4b:d3:75:
95:79:9b:8d:16:f5:a0:4d:4f:16:0c:e7:9f:44:b9:
b8:fb:50:5d:5f:29:9f:c1:41:7f:9a:39:f6:34:2e:
8a:27:e1:15:92:78:fa:d8:a3:be:56:97:a0:f5:e3:
f2:08:c8:1d:94:1e:52:37:36:a7:e4:87:91:76:5a:
71:34:73:48:a8:cd:63:a2:05:3a:48:c5:22:27:27:
7c:5e:49:eb:dd:1b:4c:62:37:44:9a:08:b2:c0:f9:
b5:be:39:28:45:15:d3:c7:e6:ed:02:89:58:05:2f:
dd:f7:39:0b:ac:79:2f:10:26:21:92:43:f6:d2:44:
c5:8f:79:47:68:61:60:82:56:34:a3:38:9e:98:c1:
fe:f4:e6:72:cc:af:40:58:17:46:08:d4:e8:ee:c9:
4a:d5:34:55:22:25:b5:c4:37:40:aa:26:19:1b:6b:
11:a7:b4:1d:87:bc:56:41:1a:f0:c1:07:45:ad:13:
b0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:CF:4B:D2:37:02:51:9A:46:3A:A1:22:24:8A:22:1B:2A:7B:D9:CD
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/m89L0jcCUZpGOqEiJIoiGyp72c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dbff:bff/128
Signature Algorithm: sha256WithRSAEncryption
5c:57:90:bd:ce:b7:49:34:1a:87:ff:3c:07:c1:09:67:6d:3f:
7d:17:50:e7:7d:86:ed:64:eb:83:6d:8e:b8:4d:17:29:00:47:
fe:d8:9e:36:af:d7:9c:ae:43:78:f8:26:02:44:3f:85:aa:aa:
71:7f:77:1b:42:bd:bb:b6:8c:bd:47:79:93:68:a2:8d:1d:da:
0a:64:d7:92:ef:c4:ff:53:b8:c1:b9:92:b4:db:50:f9:f7:24:
1b:a5:08:c4:ba:10:70:77:83:e7:86:88:ec:97:b4:8e:75:07:
b7:ca:8b:fa:91:02:8d:6c:0f:32:f3:4b:2d:94:21:d0:34:5b:
54:73:ee:0c:ec:bb:38:d0:14:3a:1a:22:4b:a5:8b:72:cf:10:
80:25:80:85:d7:10:f8:a8:69:b9:37:99:19:26:eb:d6:f8:05:
ca:83:85:65:b1:80:5e:9e:a4:1e:94:02:18:c2:29:15:4c:32:
ee:0d:69:05:8a:26:63:6f:63:c5:72:60:8b:0e:ee:65:cf:4b:
5f:df:7f:fe:48:3b:4e:55:a4:bf:e6:9d:f6:e3:88:a9:bc:87:
f3:ca:6c:2f:82:de:2d:01:55:4d:2a:d6:3b:70:61:a0:1a:72:
35:5f:a5:f7:09:17:87:9c:1c:4f:1b:2a:3f:53:8c:12:4e:68:
83:ea:45:54
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXb/zKBsaHV7moM48vA3fWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI4MDkwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmNmNGJkMjM3MDI1MTlhNDYzYWExMjIyNDhhMjIxYjJhN2JkOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu9A3Rf8LZ5Q17c/OGrPUsOfch0J
ClALc9Rt/Dar//MdIxiSLA5qqYdqdOa2E/9fWkRRYpWB/1TonzLHeSWKHo4/z2nT
4lxL03WVeZuNFvWgTU8WDOefRLm4+1BdXymfwUF/mjn2NC6KJ+EVknj62KO+Vpeg
9ePyCMgdlB5SNzan5IeRdlpxNHNIqM1jogU6SMUiJyd8Xknr3RtMYjdEmgiywPm1
vjkoRRXTx+btAolYBS/d9zkLrHkvECYhkkP20kTFj3lHaGFgglY0oziemMH+9OZy
zK9AWBdGCNTo7slK1TRVIiW1xDdAqiYZG2sRp7Qdh7xWQRrwwQdFrROwRQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJvPS9I3AlGaRjqhIiSKIhsqe9nNMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvbTg5TDBqY0NVWnBHT3FFaUpJb2lHeXA3MmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV2/8L/zANBgkqhkiG9w0BAQsFAAOCAQEAXFeQvc63STQah/88B8EJZ20/
fRdQ532G7WTrg22OuE0XKQBH/tieNq/XnK5DePgmAkQ/haqqcX93G0K9u7aMvUd5
k2iijR3aCmTXku/E/1O4wbmStNtQ+fckG6UIxLoQcHeD54aI7Je0jnUHt8qL+pEC
jWwPMvNLLZQh0DRbVHPuDOy7ONAUOhoiS6WLcs8QgCWAhdcQ+KhpuTeZGSbr1vgF
yoOFZbGAXp6kHpQCGMIpFUwy7g1pBYomY29jxXJgiw7uZc9LX99//kg7TlWkv+ad
9uOIqbyH88psL4LeLQFVTSrWO3BhoBpyNV+l9wkXh5wcTxsqP1OMEk5og+pFVA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:28:14 2025 by rpki-client