Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/yZkQONroyxTE6jKFqNg9Hr9TLg8.roa
File: yZkQONroyxTE6jKFqNg9Hr9TLg8.roa (raw, json)
Hash identifier: 3SjSQetsuzzRa8lufBZIrG7+lKUmnVWDaWl/dJZierQ=
Subject key identifier: C9:99:10:38:DA:E8:CB:14:C4:EA:32:85:A8:D8:3D:1E:BF:53:2E:0F
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F17C99EA587B16422FCDF7A3ADE62FB1
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/yZkQONroyxTE6jKFqNg9Hr9TLg8.roa
Signing time: Tue 01 Apr 2025 13:13:49 +0000
ROA not before: Tue 01 Apr 2025 13:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:7c:99:ea:58:7b:16:42:2f:cd:f7:a3:ad:e6:2f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 1 13:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9991038dae8cb14c4ea3285a8d83d1ebf532e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e7:21:4b:73:83:d5:f9:74:a0:53:b6:0f:a8:
ed:df:71:b0:e9:37:e5:56:a5:e4:09:aa:11:36:32:
c1:35:5f:c6:34:27:8c:c2:07:cd:2a:e6:25:f4:c6:
02:11:5c:a7:a1:a6:67:62:f6:11:27:24:ee:87:71:
46:46:70:dd:87:82:74:ee:fa:11:cc:bb:f4:71:91:
4a:22:b1:44:3d:5c:4b:74:38:9d:5d:22:31:06:6b:
0c:93:ce:c9:ae:26:03:d6:71:fd:92:19:6a:8a:ea:
aa:25:54:8c:26:d0:28:20:08:c2:b4:91:96:53:21:
cc:47:e3:52:29:f1:41:c6:86:04:83:79:4f:f3:62:
58:ba:c5:d6:71:a5:2c:27:14:75:cb:3c:db:0e:7e:
44:7d:8e:f0:2b:77:0c:62:74:37:27:4d:b6:d3:fa:
aa:3d:71:f2:0f:f7:95:a2:36:82:ed:53:4a:6f:63:
03:f4:e2:5d:13:13:96:0c:21:22:00:4b:a7:cc:14:
b5:19:2e:d1:89:86:73:a5:bc:cc:49:80:2e:de:68:
fc:89:9f:b1:98:65:3b:bb:50:d0:80:83:41:4a:68:
ca:de:52:d1:42:14:96:48:0b:3f:54:2f:0f:3f:a3:
4f:55:c3:90:7a:82:61:33:db:4f:30:ff:f5:b1:5f:
a0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:99:10:38:DA:E8:CB:14:C4:EA:32:85:A8:D8:3D:1E:BF:53:2E:0F
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/yZkQONroyxTE6jKFqNg9Hr9TLg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
2d:10:7a:df:89:b1:63:ab:df:0d:5e:f4:68:8c:72:17:b2:ae:
b7:3e:21:9f:74:74:38:85:89:7a:5c:6a:78:4d:73:4c:62:90:
c2:bb:ee:b1:4e:9c:81:5e:31:0f:de:f8:dd:78:80:b6:d1:52:
34:46:75:fc:7c:9d:06:70:73:ed:2c:0e:84:91:72:86:b8:b2:
ae:f2:05:d0:cc:09:96:67:b6:ab:d6:06:39:94:04:7f:68:0c:
66:03:ac:cf:d2:da:72:2c:3d:b1:3d:27:10:75:9e:bb:12:32:
ea:ee:b2:e8:62:35:98:e7:b4:51:13:b6:13:6c:2c:1d:49:b5:
47:bd:7a:76:62:1e:66:b7:a8:21:3d:51:d6:b6:98:26:44:10:
7d:6f:c5:8a:ef:de:4c:1e:d1:f5:cd:9e:b3:ba:0b:e7:25:0f:
f0:5d:54:68:c0:5f:41:8b:89:ac:01:18:a5:79:90:62:c6:46:
05:ed:a7:e2:b0:49:4b:d0:02:e9:12:42:44:5e:72:9d:99:56:
5f:8e:4d:e1:ea:05:b0:80:11:74:34:77:29:74:14:a1:ca:b0:
1d:5c:34:46:41:73:fe:84:9d:d9:40:de:d5:16:7d:97:05:88:
fb:56:48:a2:d5:3b:4b:18:61:5c:55:c9:e4:2c:03:7a:c3:ab:
0d:55:67:40
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXxfJnqWHsWQi/N96Ot5i+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAxMTMxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk5MTAzOGRhZThjYjE0YzRlYTMyODVhOGQ4M2QxZWJmNTMyZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+chS3OD1fl0oFO2D6jt33Gw6Tfl
VqXkCaoRNjLBNV/GNCeMwgfNKuYl9MYCEVynoaZnYvYRJyTuh3FGRnDdh4J07voR
zLv0cZFKIrFEPVxLdDidXSIxBmsMk87JriYD1nH9khlqiuqqJVSMJtAoIAjCtJGW
UyHMR+NSKfFBxoYEg3lP82JYusXWcaUsJxR1yzzbDn5EfY7wK3cMYnQ3J0220/qq
PXHyD/eVojaC7VNKb2MD9OJdExOWDCEiAEunzBS1GS7RiYZzpbzMSYAu3mj8iZ+x
mGU7u1DQgINBSmjK3lLRQhSWSAs/VC8PP6NPVcOQeoJhM9tPMP/1sV+geQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMmZEDja6MsUxOoyhajYPR6/Uy4PMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEveVprUU9Ocm95eFRFNmpLRnFOZzlIcjlUTGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEALRB634mxY6vfDV70aIxyF7Ku
tz4hn3R0OIWJelxqeE1zTGKQwrvusU6cgV4xD9743XiAttFSNEZ1/HydBnBz7SwO
hJFyhriyrvIF0MwJlme2q9YGOZQEf2gMZgOsz9Laciw9sT0nEHWeuxIy6u6y6GI1
mOe0URO2E2wsHUm1R716dmIeZreoIT1R1raYJkQQfW/Fiu/eTB7R9c2es7oL5yUP
8F1UaMBfQYuJrAEYpXmQYsZGBe2n4rBJS9AC6RJCRF5ynZlWX45N4eoFsIARdDR3
KXQUocqwHVw0RkFz/oSd2UDe1RZ9lwWI+1ZIotU7SxhhXFXJ5CwDesOrDVVnQA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:15 2025 by rpki-client