Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/oGQEXoP7xeghUnxzlGXTLDcyTWk.roa
File: oGQEXoP7xeghUnxzlGXTLDcyTWk.roa (raw, json)
Hash identifier: jibWfgSZjjNIPmAM/ukLY2oJuIPgcf+YKTK0bLvbP/k=
Subject key identifier: A0:64:04:5E:83:FB:C5:E8:21:52:7C:73:94:65:D3:2C:37:32:4D:69
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195D257463F24FBB11B8B097FF52C88ED74
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/oGQEXoP7xeghUnxzlGXTLDcyTWk.roa
Signing time: Wed 26 Mar 2025 12:04:49 +0000
ROA not before: Wed 26 Mar 2025 12:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:d256:eabb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:57:46:3f:24:fb:b1:1b:8b:09:7f:f5:2c:88:ed:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 26 12:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a064045e83fbc5e821527c739465d32c37324d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:59:78:c9:e1:02:99:d3:d8:be:0d:ee:78:7f:
97:fb:4d:87:1a:d2:df:bf:9d:61:0e:41:0c:ef:ba:
48:ca:3e:88:fe:d3:fd:fc:33:42:09:87:55:43:9e:
04:8b:4c:a0:4b:a2:2f:f1:e9:59:99:2b:70:1a:04:
cd:9d:3c:55:bd:44:33:38:15:33:4f:ae:d3:5a:c3:
21:33:9e:97:94:2e:dc:fd:9b:1d:d0:13:83:ff:9f:
ab:65:6a:c9:39:16:5d:46:4a:da:0d:0c:1b:7c:f0:
ac:c2:61:b3:9c:81:29:9a:62:a6:33:92:7a:c7:07:
c4:9d:d1:8d:1f:56:a1:7e:54:f4:ae:0b:80:cc:2c:
c0:35:dd:23:56:0d:e6:f6:3a:c8:fd:ba:51:27:7a:
76:ae:84:17:b2:7b:8d:e3:19:2f:55:6d:bc:6b:fe:
8c:0e:30:65:62:1b:e4:84:8b:db:b3:9f:9e:9c:08:
6f:65:7c:92:2e:eb:de:9d:66:5b:57:b1:ad:9a:d2:
a0:5d:88:f2:07:20:fb:a1:25:3e:2b:33:aa:ab:f4:
11:ea:99:bd:3a:5c:f3:71:7c:a9:dc:74:e7:ee:57:
f1:cc:c4:f1:91:8a:39:ba:0b:ce:b0:74:fc:94:8e:
0c:6c:a8:d1:54:76:c0:7d:68:2b:44:00:a5:27:54:
92:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:64:04:5E:83:FB:C5:E8:21:52:7C:73:94:65:D3:2C:37:32:4D:69
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/oGQEXoP7xeghUnxzlGXTLDcyTWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:d256:eabb/128
Signature Algorithm: sha256WithRSAEncryption
33:8a:ed:78:e1:39:07:ce:1d:ee:5c:ae:66:5d:39:98:bc:3f:
95:eb:56:2f:8f:9c:b7:1f:b0:65:b9:56:97:9e:2a:f3:21:70:
b3:91:c2:33:7b:a2:83:32:a9:2b:6b:87:07:5e:41:71:51:25:
58:23:11:25:17:ca:a1:6d:50:9b:41:be:76:d2:56:dd:b0:cf:
ea:a2:dd:ef:b6:cf:73:e2:02:0a:3f:d0:09:b3:00:42:89:de:
8e:e1:d3:dc:c1:86:b7:a1:73:0d:f7:fb:49:c9:f4:81:db:57:
7f:b0:8c:fb:ad:24:3c:ed:29:af:49:ea:f3:6c:f9:ea:77:41:
24:41:0b:f4:af:0b:6d:35:03:a3:c2:78:cb:2e:c7:26:eb:80:
4b:74:d8:bb:2d:72:b3:12:83:53:3c:12:63:6a:09:e7:27:04:
32:f4:29:ef:49:26:a2:8c:d2:17:c5:f6:87:4c:2e:f8:eb:17:
cb:42:cc:26:8e:44:3d:cb:9c:ec:8f:30:6f:92:c4:72:d6:6f:
a9:7a:22:b5:87:62:02:94:e5:2f:14:0f:39:3e:61:6e:d4:6b:
e0:5c:be:fc:ff:7d:52:3a:60:e8:f9:f3:71:43:2d:eb:1d:3c:
9f:dc:89:ce:7f:8d:a5:e3:54:86:b8:f0:da:4a:14:5e:33:fd:
94:fc:6f:9e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXSV0Y/JPuxG4sJf/UsiO10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI2MTIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDY0MDQ1ZTgzZmJjNWU4MjE1MjdjNzM5NDY1ZDMyYzM3MzI0ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Fl4yeECmdPYvg3ueH+X+02HGtLf
v51hDkEM77pIyj6I/tP9/DNCCYdVQ54Ei0ygS6Iv8elZmStwGgTNnTxVvUQzOBUz
T67TWsMhM56XlC7c/Zsd0BOD/5+rZWrJORZdRkraDQwbfPCswmGznIEpmmKmM5J6
xwfEndGNH1ahflT0rguAzCzANd0jVg3m9jrI/bpRJ3p2roQXsnuN4xkvVW28a/6M
DjBlYhvkhIvbs5+enAhvZXySLuvenWZbV7GtmtKgXYjyByD7oSU+KzOqq/QR6pm9
OlzzcXyp3HTn7lfxzMTxkYo5ugvOsHT8lI4MbKjRVHbAfWgrRAClJ1SScwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKBkBF6D+8XoIVJ8c5Rl0yw3Mk1pMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvb0dRRVhvUDd4ZWdoVW54emxHWFRMRGN5VFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV0lbquzANBgkqhkiG9w0BAQsFAAOCAQEAM4rteOE5B84d7lyuZl05mLw/
letWL4+ctx+wZblWl54q8yFws5HCM3uigzKpK2uHB15BcVElWCMRJRfKoW1Qm0G+
dtJW3bDP6qLd77bPc+ICCj/QCbMAQonejuHT3MGGt6FzDff7Scn0gdtXf7CM+60k
PO0pr0nq82z56ndBJEEL9K8LbTUDo8J4yy7HJuuAS3TYuy1ysxKDUzwSY2oJ5ycE
MvQp70kmoozSF8X2h0wu+OsXy0LMJo5EPcuc7I8wb5LEctZvqXoitYdiApTlLxQP
OT5hbtRr4Fy+/P99Ujpg6PnzcUMt6x08n9yJzn+NpeNUhrjw2koUXjP9lPxvng==
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:28:06 2025 by rpki-client