Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/mzowNtGn_FbctUcN02fOwz-yYOA.roa
File: mzowNtGn_FbctUcN02fOwz-yYOA.roa (raw, json)
Hash identifier: PNUXqzp6Ci8J/OVRx7HkodjImQYvkXOJKpC7UJoTH+k=
Subject key identifier: 9B:3A:30:36:D1:A7:FC:56:DC:B5:47:0D:D3:67:CE:C3:3F:B2:60:E0
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E98DF7B6170BB9C174DFD6404479A9C9
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/mzowNtGn_FbctUcN02fOwz-yYOA.roa
Signing time: Mon 31 Mar 2025 00:15:50 +0000
ROA not before: Mon 31 Mar 2025 00:15:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e9:8d:f7:b6:17:0b:b9:c1:74:df:d6:40:44:79:a9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 31 00:15:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b3a3036d1a7fc56dcb5470dd367cec33fb260e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:79:6d:a6:b7:13:a0:e7:ee:be:6e:7a:98:5f:
04:6f:c0:b3:1f:b3:97:a6:18:5c:aa:eb:aa:8f:2f:
97:db:ff:13:0b:4a:56:92:e6:a6:d9:82:c2:41:00:
ea:8d:cd:25:bb:80:ec:6c:04:b2:74:5d:b7:eb:c7:
38:1c:24:a5:2a:fe:f7:d0:ba:23:81:23:8e:3e:68:
94:c0:ee:aa:ec:05:34:94:ec:84:16:22:48:7d:60:
12:73:42:36:78:11:11:84:f8:8d:e9:30:9d:c2:7c:
65:06:96:a3:56:54:95:d0:d9:56:66:71:2c:38:b6:
d9:7b:56:ed:ca:99:6f:76:85:ae:8b:88:38:d3:28:
b6:b8:97:28:3e:f1:8f:e9:d2:0a:e2:89:68:c4:0d:
b3:ab:df:69:37:97:76:7a:21:aa:2f:a1:55:e2:18:
e8:66:a4:db:3c:71:6b:8e:25:15:9c:7c:cf:ef:dc:
49:58:3e:d3:f6:23:04:5b:1e:e9:3a:12:66:38:73:
2d:d6:4b:cc:f1:ed:92:68:45:8e:fc:a8:46:79:b0:
35:5f:11:77:db:eb:f0:7b:e0:c8:e8:aa:65:7b:fe:
6c:5a:fd:c8:2a:3f:f9:96:f4:68:09:32:e6:39:20:
bc:4e:79:05:e6:2b:9a:c8:97:5e:2d:dd:c5:49:c6:
21:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3A:30:36:D1:A7:FC:56:DC:B5:47:0D:D3:67:CE:C3:3F:B2:60:E0
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/mzowNtGn_FbctUcN02fOwz-yYOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
30:76:08:62:e5:52:51:b6:ed:df:5f:bf:ee:4f:3c:93:58:bd:
94:09:ac:a5:63:03:c0:b7:da:cd:14:fd:4f:0c:28:2f:b5:16:
5f:ca:ac:26:46:1a:c9:b6:bd:eb:ba:08:e5:9b:c5:59:0a:5a:
4e:84:85:fd:0d:b1:d5:da:18:81:3b:c6:4c:d1:06:88:65:8a:
db:9a:45:d7:2a:22:36:24:ba:a1:e4:01:5b:cb:51:14:3d:e9:
74:a9:77:d8:fc:8c:e9:7b:76:18:78:c6:85:dd:90:e2:da:a6:
88:5b:d3:0e:99:82:82:c8:50:65:a2:f9:a5:41:40:05:a4:05:
f6:ff:e7:d4:e7:41:15:9c:b9:05:95:ec:e4:e6:dd:e0:c5:c1:
ed:d3:42:59:e1:f2:ad:5f:9c:1f:04:13:19:69:95:e2:45:59:
7c:1e:67:e5:46:d2:37:8a:e5:3e:98:68:83:d9:ab:37:6d:88:
38:ef:59:cc:b7:51:68:f6:b0:fc:33:0c:8b:9e:f5:c5:f8:38:
68:49:2a:69:0e:aa:12:c3:10:6a:26:9b:76:e2:53:a5:a5:41:
ca:c4:de:b8:87:a8:1b:16:f8:66:1d:67:fb:13:77:93:20:73:
3f:1d:d0:2a:98:16:55:16:ba:07:e5:ad:03:2c:ce:d6:c3:5e:
b7:02:6f:d5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXpjfe2Fwu5wXTf1kBEeanJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMxMDAxNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNhMzAzNmQxYTdmYzU2ZGNiNTQ3MGRkMzY3Y2VjMzNmYjI2MGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3ltprcToOfuvm56mF8Eb8CzH7OX
phhcquuqjy+X2/8TC0pWkuam2YLCQQDqjc0lu4DsbASydF2368c4HCSlKv730Loj
gSOOPmiUwO6q7AU0lOyEFiJIfWASc0I2eBERhPiN6TCdwnxlBpajVlSV0NlWZnEs
OLbZe1btyplvdoWui4g40yi2uJcoPvGP6dIK4oloxA2zq99pN5d2eiGqL6FV4hjo
ZqTbPHFrjiUVnHzP79xJWD7T9iMEWx7pOhJmOHMt1kvM8e2SaEWO/KhGebA1XxF3
2+vwe+DI6Kple/5sWv3IKj/5lvRoCTLmOSC8TnkF5iuayJdeLd3FScYhfQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJs6MDbRp/xW3LVHDdNnzsM/smDgMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvbXpvd050R25fRmJjdFVjTjAyZk93ei15WU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAMHYIYuVSUbbt31+/7k88k1i9
lAmspWMDwLfazRT9TwwoL7UWX8qsJkYayba967oI5ZvFWQpaToSF/Q2x1doYgTvG
TNEGiGWK25pF1yoiNiS6oeQBW8tRFD3pdKl32PyM6Xt2GHjGhd2Q4tqmiFvTDpmC
gshQZaL5pUFABaQF9v/n1OdBFZy5BZXs5Obd4MXB7dNCWeHyrV+cHwQTGWmV4kVZ
fB5n5UbSN4rlPphog9mrN22IOO9ZzLdRaPaw/DMMi571xfg4aEkqaQ6qEsMQaiab
duJTpaVBysTeuIeoGxb4Zh1n+xN3kyBzPx3QKpgWVRa6B+WtAyzO1sNetwJv1Q==
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:28:10 2025 by rpki-client