Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/sdfGEJWo5ElU5meCY_9UEWIGrD4.roa
File: sdfGEJWo5ElU5meCY_9UEWIGrD4.roa (raw, json)
Hash identifier: BQmGCIgZc/Gxz6H03VVQodE3UnzRqdOe/CAktVh+3Cg=
Subject key identifier: B1:D7:C6:10:95:A8:E4:49:54:E6:67:82:63:FF:54:11:62:06:AC:3E
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E87A640763339A76FC8A76EA3FF1920E
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/sdfGEJWo5ElU5meCY_9UEWIGrD4.roa
Signing time: Sun 30 Mar 2025 19:14:49 +0000
ROA not before: Sun 30 Mar 2025 19:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e8:7a:64:07:63:33:9a:76:fc:8a:76:ea:3f:f1:92:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 30 19:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1d7c61095a8e44954e6678263ff54116206ac3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:35:a9:da:11:57:6f:64:0f:17:24:6c:ac:1f:
5e:5f:9a:ec:52:88:be:9d:ee:2b:c0:b4:4f:f8:a1:
08:00:14:b3:d9:fd:8e:f0:93:2b:95:84:e6:62:9f:
23:4b:46:94:8e:a1:07:2f:38:b8:37:9c:8b:ee:f6:
f3:fa:8a:42:3a:9f:88:f8:d3:20:5e:38:6f:53:86:
cf:37:83:57:3b:0b:c9:1d:66:07:bd:44:3a:51:57:
90:92:d3:19:87:91:16:36:ae:62:30:69:fe:69:87:
e2:a6:00:9a:4c:8d:f4:1c:46:57:e9:a5:5d:1b:a4:
8c:26:e0:ea:96:46:20:f3:7f:61:80:3b:cd:ca:9e:
92:15:46:87:68:51:b7:9c:54:28:04:f9:ef:f3:8a:
90:d8:34:66:0a:25:fe:94:81:ee:8c:5f:f6:94:36:
b1:9b:47:f4:c8:c5:2e:0c:45:53:88:aa:fd:c5:43:
33:4f:b0:e3:5f:ef:cf:73:32:72:cc:23:71:04:2a:
5f:b3:ed:13:93:0a:a5:bf:96:26:31:f1:01:36:d8:
0d:a5:ed:eb:c5:22:74:32:8e:a3:60:6e:b8:28:4b:
54:dd:13:5a:e7:66:7b:20:76:b2:3c:75:da:8a:b8:
7c:4e:36:a6:f5:bb:48:53:dd:09:45:69:0f:5f:af:
bd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D7:C6:10:95:A8:E4:49:54:E6:67:82:63:FF:54:11:62:06:AC:3E
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/sdfGEJWo5ElU5meCY_9UEWIGrD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
67:42:37:a5:f5:95:34:26:f2:79:ab:37:c6:77:3d:05:6a:be:
2b:92:e9:7b:8c:ba:68:64:de:32:92:4e:97:25:ee:20:95:60:
d3:ff:8c:c4:a3:b2:e7:6c:2a:3b:eb:2c:09:82:cf:ef:45:18:
5c:86:83:fb:ec:43:f3:94:42:a3:8d:14:1e:df:81:8c:fd:c4:
1c:cc:68:23:92:34:a1:e2:68:db:8a:b3:26:44:f0:c5:d8:9d:
76:be:b9:39:cd:e9:83:2b:2b:bb:a0:ea:1c:52:cb:6d:92:ac:
3c:11:5b:8d:42:f6:9e:41:01:7c:40:81:fa:29:c7:01:3c:55:
33:b1:f0:e2:8a:b1:fb:47:dc:de:ce:57:a6:c3:74:ec:f9:7f:
9b:1f:3e:13:0d:d1:62:c1:f7:0c:e2:f7:a3:f6:b0:9a:9e:d1:
e6:06:d0:24:5f:df:64:2c:6b:13:14:e3:ff:23:b2:6c:d0:db:
39:00:92:67:62:71:85:47:6f:6c:38:bc:fa:89:58:9b:73:68:
a9:aa:fe:a4:56:d1:52:8b:d2:3b:1c:11:3a:d9:3b:36:8c:b1:
9e:21:e4:47:44:84:56:85:1c:13:fc:79:5a:ff:2c:ce:f4:45:
80:3d:bb:f7:fe:6a:55:a6:db:bf:c0:f9:be:14:ca:ae:f8:ba:
04:53:b7:d2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXoemQHYzOadvyKduo/8ZIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMwMTkxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ3YzYxMDk1YThlNDQ5NTRlNjY3ODI2M2ZmNTQxMTYyMDZhYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTWp2hFXb2QPFyRsrB9eX5rsUoi+
ne4rwLRP+KEIABSz2f2O8JMrlYTmYp8jS0aUjqEHLzi4N5yL7vbz+opCOp+I+NMg
XjhvU4bPN4NXOwvJHWYHvUQ6UVeQktMZh5EWNq5iMGn+aYfipgCaTI30HEZX6aVd
G6SMJuDqlkYg839hgDvNyp6SFUaHaFG3nFQoBPnv84qQ2DRmCiX+lIHujF/2lDax
m0f0yMUuDEVTiKr9xUMzT7DjX+/PczJyzCNxBCpfs+0Tkwqlv5YmMfEBNtgNpe3r
xSJ0Mo6jYG64KEtU3RNa52Z7IHayPHXairh8Tjam9btIU90JRWkPX6+9iwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLHXxhCVqORJVOZngmP/VBFiBqw+MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvc2RmR0VKV281RWxVNW1lQ1lfOVVFV0lHckQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAZ0I3pfWVNCbyeas3xnc9BWq+
K5Lpe4y6aGTeMpJOlyXuIJVg0/+MxKOy52wqO+ssCYLP70UYXIaD++xD85RCo40U
Ht+BjP3EHMxoI5I0oeJo24qzJkTwxdiddr65Oc3pgysru6DqHFLLbZKsPBFbjUL2
nkEBfECB+inHATxVM7Hw4oqx+0fc3s5XpsN07Pl/mx8+Ew3RYsH3DOL3o/awmp7R
5gbQJF/fZCxrExTj/yOybNDbOQCSZ2JxhUdvbDi8+olYm3Noqar+pFbRUovSOxwR
Otk7NoyxniHkR0SEVoUcE/x5Wv8szvRFgD279/5qVabbv8D5vhTKrvi6BFO30g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:10:30 2025 by rpki-client