Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/wiiBGUL81shyhvqaFlwUFdqUi6A.roa
File: wiiBGUL81shyhvqaFlwUFdqUi6A.roa (raw, json)
Hash identifier: nFRpPcg/WwT+PnAAV9nsNkqBwnJ0ayiOox2D2nUKzDw=
Subject key identifier: C2:28:81:19:42:FC:D6:C8:72:86:FA:9A:16:5C:14:15:DA:94:8B:A0
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195EA66F0B81A42ADEB712D8E78E153C368
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/wiiBGUL81shyhvqaFlwUFdqUi6A.roa
Signing time: Mon 31 Mar 2025 04:12:49 +0000
ROA not before: Mon 31 Mar 2025 04:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ea:66:f0:b8:1a:42:ad:eb:71:2d:8e:78:e1:53:c3:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 31 04:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c228811942fcd6c87286fa9a165c1415da948ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c7:3f:81:c2:a6:c5:3f:01:30:3b:90:cc:e4:
0e:56:bc:40:33:0f:76:f4:ce:1b:a2:33:cb:54:0b:
43:45:aa:62:6b:d1:85:f5:ad:e3:4b:54:20:67:cd:
a6:0e:69:e6:8f:1c:03:79:83:94:c2:7a:72:36:c3:
ff:7a:44:f9:c5:96:cd:93:b6:42:e3:19:54:79:c0:
b2:e4:71:cd:86:da:52:c1:b5:05:f2:49:41:e4:7e:
ae:16:c9:6e:51:ff:49:96:11:83:dd:ef:8b:71:1a:
ed:36:c7:d3:01:fe:3f:d9:ea:71:53:fb:0c:bd:36:
f6:f3:a6:1a:28:a4:28:48:ef:02:d0:6e:3a:91:eb:
5e:a0:97:1b:3a:d5:38:6f:d6:ab:9a:c7:06:a1:15:
35:7b:9c:61:18:9f:2c:30:2d:bb:fb:f1:a0:a1:5a:
4c:45:59:a1:12:c3:35:2d:0c:57:da:bd:c8:04:76:
14:c7:40:32:e5:d8:31:aa:81:e8:2b:22:b5:73:2a:
65:c8:00:5b:31:e4:94:95:1d:78:5f:ce:9b:6c:12:
da:77:6c:42:01:1a:1b:df:85:7a:f4:15:09:15:46:
3e:fb:d7:04:3a:30:77:e4:14:50:f5:cd:04:b0:21:
bf:01:b2:cd:57:e7:db:01:0a:7a:a9:95:4b:31:2d:
98:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:28:81:19:42:FC:D6:C8:72:86:FA:9A:16:5C:14:15:DA:94:8B:A0
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/wiiBGUL81shyhvqaFlwUFdqUi6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
90:69:1a:67:b8:8b:7e:4f:99:0a:2d:1b:54:51:60:86:52:d0:
d3:f9:64:5e:95:d2:32:c7:b9:0d:70:e4:98:e1:02:73:94:a6:
f9:d2:63:7a:2d:a8:84:79:0c:3d:d2:24:05:ac:f3:63:e4:bb:
d3:3f:10:b0:0f:60:d7:5b:01:cb:28:17:9e:2e:a3:8e:cd:27:
36:d2:ae:74:32:1d:7e:30:0f:30:04:ac:22:2e:40:32:13:0c:
47:d2:d2:91:47:31:ef:a8:9f:23:1f:f0:02:35:1d:98:be:9d:
53:36:10:ca:6c:79:9b:68:ef:36:41:72:5d:8c:ce:75:37:f3:
82:b7:3c:e9:a1:5b:31:36:18:3e:21:f9:df:44:14:a3:4c:ec:
1e:b3:01:50:7a:e3:a4:3e:11:b0:18:85:01:7e:1a:05:48:f7:
d2:db:29:d7:41:3d:5e:41:d7:bb:85:5b:db:e7:de:a1:5b:93:
c6:af:97:bf:7d:0e:bf:6b:fc:1e:34:16:09:55:b7:aa:3b:f3:
43:1c:5b:f4:c6:d1:44:8f:77:b0:03:5c:12:44:82:72:63:e4:
5c:f8:7f:30:5e:f7:33:2b:f5:ac:42:d4:9c:3f:b7:9b:1f:49:
b0:72:b9:02:ba:dd:a0:77:40:4b:7d:11:af:50:30:4b:97:a7:
0f:da:28:9d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXqZvC4GkKt63EtjnjhU8NoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMxMDQxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjI4ODExOTQyZmNkNmM4NzI4NmZhOWExNjVjMTQxNWRhOTQ4YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMc/gcKmxT8BMDuQzOQOVrxAMw92
9M4bojPLVAtDRapia9GF9a3jS1QgZ82mDmnmjxwDeYOUwnpyNsP/ekT5xZbNk7ZC
4xlUecCy5HHNhtpSwbUF8klB5H6uFsluUf9JlhGD3e+LcRrtNsfTAf4/2epxU/sM
vTb286YaKKQoSO8C0G46keteoJcbOtU4b9armscGoRU1e5xhGJ8sMC27+/GgoVpM
RVmhEsM1LQxX2r3IBHYUx0Ay5dgxqoHoKyK1cyplyABbMeSUlR14X86bbBLad2xC
ARob34V69BUJFUY++9cEOjB35BRQ9c0EsCG/AbLNV+fbAQp6qZVLMS2YbQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMIogRlC/NbIcob6mhZcFBXalIugMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvd2lpQkdVTDgxc2h5aHZxYUZsd1VGZHFVaTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAkGkaZ7iLfk+ZCi0bVFFghlLQ
0/lkXpXSMse5DXDkmOECc5Sm+dJjei2ohHkMPdIkBazzY+S70z8QsA9g11sByygX
ni6jjs0nNtKudDIdfjAPMASsIi5AMhMMR9LSkUcx76ifIx/wAjUdmL6dUzYQymx5
m2jvNkFyXYzOdTfzgrc86aFbMTYYPiH530QUo0zsHrMBUHrjpD4RsBiFAX4aBUj3
0tsp10E9XkHXu4Vb2+feoVuTxq+Xv30Ov2v8HjQWCVW3qjvzQxxb9MbRRI93sANc
EkSCcmPkXPh/MF73Myv1rELUnD+3mx9JsHK5ArrdoHdAS30Rr1AwS5enD9oonQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:31 2025 by rpki-client