Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/yOssROq5v21qynxW4DjCcBTVHsU.roa
File: yOssROq5v21qynxW4DjCcBTVHsU.roa (raw, json)
Hash identifier: 4QKEvY+ymYitcCPSB8JRYHJK4wj2RL9EAJdRmSoV+Y4=
Subject key identifier: C8:EB:2C:44:EA:B9:BF:6D:6A:CA:7C:56:E0:38:C2:70:14:D5:1E:C5
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195EAD6A419F139A13F60F40D75383FB21E
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/yOssROq5v21qynxW4DjCcBTVHsU.roa
Signing time: Mon 31 Mar 2025 06:14:49 +0000
ROA not before: Mon 31 Mar 2025 06:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ea:d6:a4:19:f1:39:a1:3f:60:f4:0d:75:38:3f:b2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 31 06:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8eb2c44eab9bf6d6aca7c56e038c27014d51ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ac:65:40:2d:c7:81:74:63:da:30:21:5f:62:
2c:c7:9f:ad:46:93:75:b7:9b:25:34:20:94:cc:44:
bd:b6:87:49:60:c5:90:49:63:87:a7:a7:dc:9f:85:
a6:a2:f2:f4:26:76:f1:37:7f:d4:92:f7:68:b3:0d:
07:68:75:13:d0:3a:ad:7b:a0:e3:b7:0a:fd:d1:28:
60:15:01:7e:21:9c:cf:38:5d:3e:9f:f1:25:61:63:
88:2a:1a:4d:3e:75:18:a9:d2:6f:5f:96:76:76:80:
de:f5:71:9f:e0:e0:f0:d5:1b:94:07:8c:01:b4:d8:
d5:89:24:a3:79:bb:27:e9:1b:a6:7d:15:71:b1:a4:
44:77:55:e3:f9:8b:c3:44:d0:e6:54:e7:71:9a:e4:
c3:36:0e:61:30:9e:d7:64:0e:60:74:bd:74:f8:09:
39:bd:51:32:43:b3:60:0c:06:55:92:c3:db:74:f1:
ca:e1:77:34:bd:2b:ab:a3:65:7a:8b:7f:34:51:1c:
89:b5:c1:2d:3b:6b:a8:47:52:02:0d:94:89:0f:dd:
21:5f:97:22:ef:21:36:d6:ce:5f:01:ba:fb:1f:c1:
af:10:91:9b:e5:05:23:41:9e:74:3d:8e:04:af:a1:
73:db:19:76:cb:16:ae:98:00:78:cc:83:7b:7a:05:
e8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EB:2C:44:EA:B9:BF:6D:6A:CA:7C:56:E0:38:C2:70:14:D5:1E:C5
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/yOssROq5v21qynxW4DjCcBTVHsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
37:28:63:43:f5:a6:15:6c:b0:22:ee:36:57:09:b9:fb:38:0b:
69:42:72:fb:7b:e2:6b:1d:72:f7:7c:3d:16:a2:3d:8d:d7:c4:
5e:02:30:7f:75:dd:7c:31:9b:56:0e:d2:51:55:75:f1:9d:0c:
91:22:89:c5:eb:29:9f:ff:3f:d3:4f:26:28:aa:12:b3:bc:eb:
a0:9f:a0:77:f8:60:ff:f2:da:bc:8e:a3:f7:88:ab:0f:4f:0d:
4e:ce:01:bb:81:8d:d2:51:e6:08:fd:b1:a3:e8:37:31:4f:b5:
19:e4:e1:cb:ab:cd:6e:5d:e6:14:cd:32:01:b2:22:4d:0f:2d:
47:33:e0:40:d0:f1:d9:be:98:7a:e3:51:ee:9f:05:4e:1e:a5:
19:f2:cc:40:6f:3b:72:01:10:6d:d0:b9:e3:33:a7:c2:00:8a:
b4:a4:96:25:b4:f4:06:40:47:2c:d4:c1:7a:fc:c9:bd:23:ea:
3e:b6:89:6e:08:bc:13:4e:83:a6:fa:eb:91:dd:5f:0b:22:81:
d5:1c:2f:a0:ac:89:43:ab:19:23:7a:b7:81:ce:2c:f7:28:80:
43:89:81:bf:fc:05:1c:5a:be:03:74:23:94:f5:dc:64:11:03:
f2:93:31:e9:4d:25:a5:36:df:6e:9c:43:0d:49:81:c0:ee:81:
78:8c:c1:bf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXq1qQZ8TmhP2D0DXU4P7IeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMxMDYxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGViMmM0NGVhYjliZjZkNmFjYTdjNTZlMDM4YzI3MDE0ZDUxZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6xlQC3HgXRj2jAhX2Isx5+tRpN1
t5slNCCUzES9todJYMWQSWOHp6fcn4WmovL0JnbxN3/Ukvdosw0HaHUT0Dqte6Dj
twr90ShgFQF+IZzPOF0+n/ElYWOIKhpNPnUYqdJvX5Z2doDe9XGf4ODw1RuUB4wB
tNjViSSjebsn6RumfRVxsaREd1Xj+YvDRNDmVOdxmuTDNg5hMJ7XZA5gdL10+Ak5
vVEyQ7NgDAZVksPbdPHK4Xc0vSuro2V6i380URyJtcEtO2uoR1ICDZSJD90hX5ci
7yE21s5fAbr7H8GvEJGb5QUjQZ50PY4Er6Fz2xl2yxaumAB4zIN7egXodwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMjrLETqub9tasp8VuA4wnAU1R7FMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEveU9zc1JPcTV2MjFxeW54VzREakNjQlRWSHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEANyhjQ/WmFWywIu42Vwm5+zgL
aUJy+3viax1y93w9FqI9jdfEXgIwf3XdfDGbVg7SUVV18Z0MkSKJxespn/8/008m
KKoSs7zroJ+gd/hg//LavI6j94irD08NTs4Bu4GN0lHmCP2xo+g3MU+1GeThy6vN
bl3mFM0yAbIiTQ8tRzPgQNDx2b6YeuNR7p8FTh6lGfLMQG87cgEQbdC54zOnwgCK
tKSWJbT0BkBHLNTBevzJvSPqPraJbgi8E06Dpvrrkd1fCyKB1RwvoKyJQ6sZI3q3
gc4s9yiAQ4mBv/wFHFq+A3QjlPXcZBED8pMx6U0lpTbfbpxDDUmBwO6BeIzBvw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:14:11 2025 by rpki-client