Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/uG38OPC0My_fTNArkAgp-7k8foE.roa
File: uG38OPC0My_fTNArkAgp-7k8foE.roa (raw, json)
Hash identifier: mTLMEUAoGgyvXDC9aJXx1UhQtLWASAIvGUrsy1fHNGQ=
Subject key identifier: B8:6D:FC:38:F0:B4:33:2F:DF:4C:D0:2B:90:08:29:FB:B9:3C:7E:81
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195DDC0B96A3ECF47CF51D30D075CF7B545
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/uG38OPC0My_fTNArkAgp-7k8foE.roa
Signing time: Fri 28 Mar 2025 17:15:49 +0000
ROA not before: Fri 28 Mar 2025 17:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:c0:b9:6a:3e:cf:47:cf:51:d3:0d:07:5c:f7:b5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 28 17:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b86dfc38f0b4332fdf4cd02b900829fbb93c7e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f0:71:39:f1:78:3a:0e:13:e1:99:9d:c8:ce:
dd:e9:c3:1c:ed:a0:bc:e1:82:a0:c6:02:30:3a:e6:
5e:b2:93:32:6b:e7:10:45:49:87:2b:f1:c9:2f:ac:
10:d3:57:9c:b1:29:ec:76:0b:0a:70:fb:9d:12:e6:
62:8e:25:f6:bd:a3:e0:96:f9:d0:d6:35:be:20:54:
21:3b:7f:35:31:a4:35:3e:15:c4:c7:a4:de:8a:47:
83:4c:62:c2:0e:2e:bd:40:be:0e:be:ea:40:d5:ca:
ca:83:67:2a:cc:a1:89:bc:8b:96:cb:97:7d:e1:26:
7e:bb:d8:09:76:a1:8a:d5:a9:fb:48:eb:bb:de:99:
91:4b:ee:47:16:d6:82:02:a4:d6:c2:0d:2c:51:f2:
3c:d1:ae:23:da:9b:0f:de:22:b3:2e:a6:22:38:6b:
05:2c:0d:28:78:96:15:ae:83:aa:24:b7:94:45:bd:
af:de:bf:25:92:e8:c9:8d:f0:9f:0c:2d:6d:b5:d2:
3b:21:e9:5d:c5:db:a4:4d:95:c2:3b:7f:f8:3b:44:
15:5f:8e:00:0c:80:3a:e8:cd:a8:2a:3e:b8:d9:33:
e1:6a:2d:d3:84:57:f2:b3:e8:56:25:6c:a2:83:19:
dd:03:4b:d0:51:51:e8:53:52:d3:6b:7f:5a:9c:b6:
aa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6D:FC:38:F0:B4:33:2F:DF:4C:D0:2B:90:08:29:FB:B9:3C:7E:81
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/uG38OPC0My_fTNArkAgp-7k8foE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
5b:6b:ed:01:68:c2:0b:87:ae:1b:99:ed:3d:c8:ad:a5:c9:69:
ec:0a:c5:66:3c:86:6d:ef:ec:b4:3e:09:51:19:8e:db:7c:4e:
dd:fb:eb:e2:85:65:cd:e6:b3:42:c4:e4:22:32:52:96:9d:1e:
bd:23:ad:08:57:0a:30:7c:e8:e5:96:2a:7a:4d:67:dc:54:35:
1c:42:3c:c5:05:10:a0:28:23:13:fd:86:39:d3:16:02:92:55:
82:90:92:00:69:4c:3a:2d:69:4e:a7:db:39:bd:86:d8:9d:b5:
25:8d:13:c1:a6:18:9b:1f:df:8a:c9:5c:9f:75:77:0d:1e:e0:
fe:b6:fd:f5:41:c9:d2:29:82:05:63:5b:3a:b9:9d:6b:8b:c8:
34:d1:66:91:31:75:47:f7:3b:d3:7b:d8:c3:08:2f:74:89:87:
6b:23:7a:0f:1d:82:35:24:b7:f9:b9:fe:3c:60:36:23:18:d5:
22:f2:ee:9c:e3:6f:78:1d:d0:c9:fa:9f:fa:83:3c:6f:3d:a0:
65:53:52:93:db:33:d9:d4:3e:ee:29:b1:0b:18:b3:be:96:d0:
50:c3:aa:2a:d7:26:dd:a5:a2:27:24:c1:ed:d1:cc:5b:c0:6d:
e8:b7:6e:f4:78:fa:c0:af:ff:36:87:ed:d8:5f:64:ce:99:4a:
cf:9b:8c:4d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXdwLlqPs9Hz1HTDQdc97VFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI4MTcxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZkZmMzOGYwYjQzMzJmZGY0Y2QwMmI5MDA4MjlmYmI5M2M3ZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/BxOfF4Og4T4ZmdyM7d6cMc7aC8
4YKgxgIwOuZespMya+cQRUmHK/HJL6wQ01ecsSnsdgsKcPudEuZijiX2vaPglvnQ
1jW+IFQhO381MaQ1PhXEx6TeikeDTGLCDi69QL4OvupA1crKg2cqzKGJvIuWy5d9
4SZ+u9gJdqGK1an7SOu73pmRS+5HFtaCAqTWwg0sUfI80a4j2psP3iKzLqYiOGsF
LA0oeJYVroOqJLeURb2v3r8lkujJjfCfDC1ttdI7IeldxdukTZXCO3/4O0QVX44A
DIA66M2oKj642TPhai3ThFfys+hWJWyigxndA0vQUVHoU1LTa39anLaqcQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLht/DjwtDMv30zQK5AIKfu5PH6BMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvdUczOE9QQzBNeV9mVE5BcmtBZ3AtN2s4Zm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAW2vtAWjCC4euG5ntPcitpclp
7ArFZjyGbe/stD4JURmO23xO3fvr4oVlzeazQsTkIjJSlp0evSOtCFcKMHzo5ZYq
ek1n3FQ1HEI8xQUQoCgjE/2GOdMWApJVgpCSAGlMOi1pTqfbOb2G2J21JY0TwaYY
mx/fislcn3V3DR7g/rb99UHJ0imCBWNbOrmda4vINNFmkTF1R/c703vYwwgvdImH
ayN6Dx2CNSS3+bn+PGA2IxjVIvLunONveB3Qyfqf+oM8bz2gZVNSk9sz2dQ+7imx
CxizvpbQUMOqKtcm3aWiJyTB7dHMW8Bt6Ldu9Hj6wK//Noft2F9kzplKz5uMTQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:03:02 2025 by rpki-client