Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/vusgVthdL7-9Zww6eNFnsMEaCOg.roa
File: vusgVthdL7-9Zww6eNFnsMEaCOg.roa (raw, json)
Hash identifier: xbBthHj2/OCTJB4Wu203ZOOPk+CZD4Ih457SIULgI1M=
Subject key identifier: BE:EB:20:56:D8:5D:2F:BF:BD:67:0C:3A:78:D1:67:B0:C1:1A:08:E8
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E68B1616B2623885D51ED4EE0D346775
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/vusgVthdL7-9Zww6eNFnsMEaCOg.roa
Signing time: Sun 30 Mar 2025 10:13:49 +0000
ROA not before: Sun 30 Mar 2025 10:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e6:8b:16:16:b2:62:38:85:d5:1e:d4:ee:0d:34:67:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 30 10:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=beeb2056d85d2fbfbd670c3a78d167b0c11a08e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:27:b7:d7:19:d6:2b:c5:0b:94:ac:e6:0c:b9:
aa:1f:96:6d:cf:1a:5b:ef:cd:dc:20:5b:90:a0:05:
89:4b:c0:a9:8b:d0:50:75:93:23:bb:33:9b:b0:7b:
fd:7a:58:ed:0d:e4:0e:d2:a8:61:34:9c:e0:e8:af:
b1:4b:0c:6e:76:f1:9b:b5:a4:4b:07:a1:d8:c1:21:
43:ca:6d:81:4f:33:cf:eb:c7:8e:0c:8b:44:b6:df:
9a:79:e5:89:60:6a:7b:e2:9c:f5:4b:16:a7:89:16:
1c:ee:a7:df:63:75:ac:67:b8:c0:9d:08:91:03:46:
9b:f1:19:29:73:da:ff:2d:a7:b7:17:ae:88:35:12:
d3:bd:ff:61:bb:c6:d1:d9:f3:12:88:d6:69:6e:a2:
6b:95:9a:47:34:8f:ca:b4:35:a2:67:7d:62:a0:c1:
db:fe:86:9e:aa:38:9e:22:b8:f6:16:27:a6:00:ad:
f8:9c:4a:e6:2b:60:73:b2:4f:51:77:79:c1:91:b4:
8e:8e:11:2c:0e:9a:41:f8:27:20:a5:72:88:4c:c3:
99:ba:f4:00:12:c9:ab:cd:fb:d0:ba:b1:82:06:3c:
26:0f:d9:aa:d3:20:ce:45:1e:a8:71:4e:3a:56:12:
ee:aa:b8:49:38:d0:5d:2c:f6:53:11:96:d1:b6:d6:
b6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:EB:20:56:D8:5D:2F:BF:BD:67:0C:3A:78:D1:67:B0:C1:1A:08:E8
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/vusgVthdL7-9Zww6eNFnsMEaCOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
65:35:91:11:87:ce:c0:27:f4:6b:51:32:8b:fa:c6:dc:b6:c1:
09:48:43:a7:32:70:49:a8:6d:88:4f:9f:e9:7b:b0:ee:dc:a2:
dc:ea:31:47:2c:bf:48:68:03:db:db:c3:79:29:a5:82:c7:33:
8d:0d:fe:3e:26:84:f4:51:f2:c3:ea:08:67:cd:d6:ac:a2:ab:
db:67:ee:14:62:ad:52:72:11:76:9b:a1:51:87:9d:d3:df:7e:
c2:77:8a:31:9f:92:7f:f4:4c:b7:53:36:7a:97:23:6a:85:7a:
3b:ab:e8:09:e1:c8:48:4e:a4:49:ea:f6:2a:2b:8f:9c:6a:da:
74:90:70:7a:ac:bf:a5:e0:80:fa:38:bc:f3:a6:dd:18:1f:14:
87:7b:59:ff:06:49:bc:73:12:3f:38:9a:60:cd:a3:9e:6f:d0:
b6:04:a9:01:7f:7a:6d:1a:e8:8b:4b:69:0f:d4:ec:6a:e4:40:
fc:f1:d7:20:5d:a7:b9:72:e0:d4:8c:9f:63:09:2e:b2:79:8c:
ca:6d:8b:6e:1e:bc:7f:81:fb:b2:de:0e:84:e6:14:9e:35:e8:
7e:38:b7:6d:a1:97:33:77:d3:bc:78:64:ef:55:b5:42:3f:90:
31:44:5b:4f:e0:74:11:dd:5a:29:34:78:f1:b7:b4:27:b2:65:
ea:c6:66:a1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXmixYWsmI4hdUe1O4NNGd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMwMTAxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWViMjA1NmQ4NWQyZmJmYmQ2NzBjM2E3OGQxNjdiMGMxMWEwOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCe31xnWK8ULlKzmDLmqH5Ztzxpb
783cIFuQoAWJS8Cpi9BQdZMjuzObsHv9eljtDeQO0qhhNJzg6K+xSwxudvGbtaRL
B6HYwSFDym2BTzPP68eODItEtt+aeeWJYGp74pz1SxaniRYc7qffY3WsZ7jAnQiR
A0ab8Rkpc9r/Lae3F66INRLTvf9hu8bR2fMSiNZpbqJrlZpHNI/KtDWiZ31ioMHb
/oaeqjieIrj2FiemAK34nErmK2Bzsk9Rd3nBkbSOjhEsDppB+CcgpXKITMOZuvQA
EsmrzfvQurGCBjwmD9mq0yDORR6ocU46VhLuqrhJONBdLPZTEZbRtta2cwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL7rIFbYXS+/vWcMOnjRZ7DBGgjoMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvdnVzZ1Z0aGRMNy05Wnd3NmVORm5zTUVhQ09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAZTWREYfOwCf0a1Eyi/rG3LbB
CUhDpzJwSahtiE+f6Xuw7tyi3OoxRyy/SGgD29vDeSmlgsczjQ3+PiaE9FHyw+oI
Z83WrKKr22fuFGKtUnIRdpuhUYed099+wneKMZ+Sf/RMt1M2epcjaoV6O6voCeHI
SE6kSer2KiuPnGradJBweqy/peCA+ji886bdGB8Uh3tZ/wZJvHMSPziaYM2jnm/Q
tgSpAX96bRroi0tpD9TsauRA/PHXIF2nuXLg1IyfYwkusnmMym2Lbh68f4H7st4O
hOYUnjXofji3baGXM3fTvHhk71W1Qj+QMURbT+B0Ed1aKTR48be0J7Jl6sZmoQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:22:16 2025 by rpki-client