Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/sQygEQM5LtVZyj8mMZAX_hQ1p2o.roa
File: sQygEQM5LtVZyj8mMZAX_hQ1p2o.roa (raw, json)
Hash identifier: njJM9wv6yawdZWBxJ6eEO4EmeJg2M+pGl1yOIbvMJ1Y=
Subject key identifier: B1:0C:A0:11:03:39:2E:D5:59:CA:3F:26:31:90:17:FE:14:35:A7:6A
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E0F8B304BB580DC6B093BDDD12ECBD40
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/sQygEQM5LtVZyj8mMZAX_hQ1p2o.roa
Signing time: Sat 29 Mar 2025 08:15:49 +0000
ROA not before: Sat 29 Mar 2025 08:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:f8:b3:04:bb:58:0d:c6:b0:93:bd:dd:12:ec:bd:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 29 08:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b10ca01103392ed559ca3f26319017fe1435a76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c0:c4:05:bc:81:0e:34:08:1e:15:11:f3:b0:
92:1f:86:52:a2:52:02:05:ab:e5:69:51:20:1c:77:
b3:1d:91:8d:34:3d:75:1f:c1:4b:b5:52:db:46:cd:
61:7e:7e:2f:20:73:4b:cf:49:ca:13:b9:85:25:3b:
5d:4a:84:63:b3:7b:99:0e:25:a8:aa:30:c3:6c:75:
db:22:54:e3:35:68:fa:7d:02:7a:7a:e3:31:f6:27:
17:dd:dc:5a:cd:87:ea:0f:d5:b4:2f:80:53:d3:90:
86:6e:ef:bc:66:48:c7:94:53:f9:1d:e5:a6:d2:d9:
a4:8f:89:b7:71:50:36:b5:a7:b9:6a:a7:16:40:b0:
d6:cf:fd:57:5b:da:b5:ef:70:7a:66:36:1b:58:dc:
bd:f0:0f:c1:18:a9:b7:19:c5:63:0d:fe:97:72:7b:
1b:61:63:fd:04:67:82:d3:2e:f9:f1:4a:4d:14:7e:
90:6c:18:d0:84:17:4c:78:68:87:e5:29:a8:f9:2b:
78:c4:f4:b0:f8:fc:ed:f1:b6:61:ce:90:46:3a:6b:
40:13:f8:dd:2b:02:94:e1:ed:84:f6:d0:d2:25:83:
82:10:70:47:83:e8:c6:e6:7a:bc:b5:a4:d4:4c:9d:
5e:bf:f9:07:37:96:19:8c:7b:5f:9f:1f:d6:f7:8d:
d4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0C:A0:11:03:39:2E:D5:59:CA:3F:26:31:90:17:FE:14:35:A7:6A
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/sQygEQM5LtVZyj8mMZAX_hQ1p2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
54:27:66:3c:fa:d5:6e:1b:1f:66:e6:05:98:f4:e4:4e:cb:4c:
02:4a:23:7b:45:f7:4f:80:ab:e2:a3:77:23:4a:a9:2e:af:c8:
40:e5:54:7a:74:c5:61:76:dd:49:4d:55:e2:37:ff:03:2b:04:
56:78:19:ca:e8:19:5b:e2:b5:5c:4f:6f:81:cf:cb:1f:e1:0b:
a5:56:49:11:1d:af:ba:7f:e5:97:72:5d:a9:d6:4b:3f:3f:03:
25:76:dc:95:c7:4f:0d:96:b4:6b:49:11:f1:ce:21:51:b2:4c:
f6:37:b9:cd:44:f3:9e:68:ee:54:fa:f5:9f:4c:9d:13:1b:77:
28:32:8d:b0:de:55:3b:35:94:61:a4:a0:17:9d:f1:75:9c:85:
ff:8b:8d:14:c4:b9:6f:6d:c9:b2:b6:2a:2d:7f:69:62:39:7c:
e9:58:38:a0:9e:5d:0a:1f:5c:e6:04:08:c2:53:6b:74:ec:4d:
38:82:a9:1c:37:0f:3a:3b:ab:9b:cc:75:84:d5:b4:f6:6c:53:
d3:0a:87:28:a0:65:85:ae:b9:48:f4:81:f6:01:10:34:ec:a4:
2f:95:ea:04:81:e8:d0:7c:c8:b0:cb:ab:73:e8:02:06:bb:3b:
e8:9d:3e:c8:b2:ef:a5:11:92:12:58:b7:ef:1c:0d:91:99:67:
14:f1:41:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXg+LMEu1gNxrCTvd0S7L1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI5MDgxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBjYTAxMTAzMzkyZWQ1NTljYTNmMjYzMTkwMTdmZTE0MzVhNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sDEBbyBDjQIHhUR87CSH4ZSolIC
BavlaVEgHHezHZGNND11H8FLtVLbRs1hfn4vIHNLz0nKE7mFJTtdSoRjs3uZDiWo
qjDDbHXbIlTjNWj6fQJ6euMx9icX3dxazYfqD9W0L4BT05CGbu+8ZkjHlFP5HeWm
0tmkj4m3cVA2tae5aqcWQLDWz/1XW9q173B6ZjYbWNy98A/BGKm3GcVjDf6Xcnsb
YWP9BGeC0y758UpNFH6QbBjQhBdMeGiH5Smo+St4xPSw+Pzt8bZhzpBGOmtAE/jd
KwKU4e2E9tDSJYOCEHBHg+jG5nq8taTUTJ1ev/kHN5YZjHtfnx/W943UCwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLEMoBEDOS7VWco/JjGQF/4UNadqMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvc1F5Z0VRTTVMdFZaeWo4bU1aQVhfaFExcDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAVCdmPPrVbhsfZuYFmPTkTstM
Akoje0X3T4Cr4qN3I0qpLq/IQOVUenTFYXbdSU1V4jf/AysEVngZyugZW+K1XE9v
gc/LH+ELpVZJER2vun/ll3JdqdZLPz8DJXbclcdPDZa0a0kR8c4hUbJM9je5zUTz
nmjuVPr1n0ydExt3KDKNsN5VOzWUYaSgF53xdZyF/4uNFMS5b23JsrYqLX9pYjl8
6Vg4oJ5dCh9c5gQIwlNrdOxNOIKpHDcPOjurm8x1hNW09mxT0wqHKKBlha65SPSB
9gEQNOykL5XqBIHo0HzIsMurc+gCBrs76J0+yLLvpRGSEli37xwNkZlnFPFBjw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:21:22 2025 by rpki-client