Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/zHCU3XRm4mscWh4sjOznFhhu12k.roa
File: zHCU3XRm4mscWh4sjOznFhhu12k.roa (raw, json)
Hash identifier: x5ZkTUSqZaCqxsqViUiVulk54+haMXSEzuPSGhSKWLY=
Subject key identifier: CC:70:94:DD:74:66:E2:6B:1C:5A:1E:2C:8C:EC:E7:16:18:6E:D7:69
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195AEB89EEFBA05851D907595B650DC5D1E
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/zHCU3XRm4mscWh4sjOznFhhu12k.roa
Signing time: Wed 19 Mar 2025 14:04:49 +0000
ROA not before: Wed 19 Mar 2025 14:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:aeb7:e688/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:b8:9e:ef:ba:05:85:1d:90:75:95:b6:50:dc:5d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 19 14:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc7094dd7466e26b1c5a1e2c8cece716186ed769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5c:15:89:57:9c:2e:b1:3c:17:da:ca:59:23:
5f:4d:11:7e:4a:c2:5b:d1:1c:c0:0d:4a:86:fd:92:
bb:68:aa:57:24:17:5e:2e:43:df:9f:2f:97:e2:08:
26:e4:e9:bc:99:6a:af:c5:cb:5f:a5:c1:1f:4f:0a:
d4:5a:40:a4:f3:31:15:4a:0b:7f:cc:8e:f9:1d:de:
60:26:de:9e:38:ca:93:f9:3b:95:a7:d7:23:90:68:
85:e6:05:7f:89:3d:64:58:67:1e:90:00:4a:9b:50:
7f:ce:f6:7f:d3:ab:fd:fb:2b:7b:e1:4b:e3:e1:de:
e9:51:fa:78:b3:1d:05:39:7a:a4:f5:73:dd:81:c6:
65:53:d0:e3:fa:53:d8:52:14:6b:69:62:2b:47:2a:
f2:ff:82:f6:30:43:ad:6f:92:7f:37:19:ff:be:e0:
52:85:24:19:cc:0b:8d:fe:2c:0c:f4:4b:f6:dc:c0:
41:bb:49:8d:e8:21:af:de:f6:c8:b9:57:3f:e9:62:
77:85:94:3b:e5:eb:db:9f:66:62:c0:d3:30:92:46:
49:47:0f:07:e8:b3:fb:dc:6b:7e:ca:62:6d:b5:74:
b0:1c:3a:6a:46:5c:ac:17:a2:2c:a9:d2:fe:4b:28:
fd:3f:ff:55:e0:be:2a:a1:38:aa:0e:63:e6:ef:2b:
48:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:70:94:DD:74:66:E2:6B:1C:5A:1E:2C:8C:EC:E7:16:18:6E:D7:69
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/zHCU3XRm4mscWh4sjOznFhhu12k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:aeb7:e688/128
Signature Algorithm: sha256WithRSAEncryption
97:26:66:41:7d:e8:46:de:12:62:fc:df:4c:2f:27:c7:35:16:
c8:03:61:f1:dc:f3:49:a0:0a:61:ec:d9:a4:51:13:6c:d0:90:
19:fc:57:6a:30:3a:0c:e7:fb:2a:e6:b3:d0:d4:3d:07:6d:2d:
95:61:73:e3:29:8e:c6:f1:62:ff:9d:e9:25:97:51:e2:81:7e:
a8:e7:31:1e:31:a2:a8:ad:7b:c0:e2:e3:84:7a:e4:22:7e:9f:
3b:8f:14:99:d3:5e:7e:d7:c1:f3:10:26:bc:d2:fc:64:3c:a9:
46:b2:14:a9:5d:f5:b9:b3:84:cb:bc:9d:bb:df:c0:36:13:17:
a1:09:e4:e1:a6:65:94:23:95:36:f9:01:79:82:cc:c2:ac:de:
b8:31:fa:42:e8:c5:29:fc:e3:69:af:55:f6:99:a9:d5:cc:ca:
ab:b2:aa:c5:90:d6:71:06:23:dc:e5:85:81:7f:4e:b8:60:fe:
39:81:6c:4a:d7:b9:15:30:ea:fb:e9:45:41:d6:03:c8:ed:6d:
ab:7c:42:fe:98:4a:b2:0c:28:86:cf:68:7f:5e:14:7f:40:72:
95:fd:d2:46:36:3a:83:b8:42:ac:a5:e8:3f:71:9c:9d:ba:90:
56:63:f3:0a:92:46:59:95:87:a6:d2:8b:ce:79:27:c4:36:d0:
b8:6c:9f:fb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWuuJ7vugWFHZB1lbZQ3F0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzE5MTQwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzcwOTRkZDc0NjZlMjZiMWM1YTFlMmM4Y2VjZTcxNjE4NmVkNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlwViVecLrE8F9rKWSNfTRF+SsJb
0RzADUqG/ZK7aKpXJBdeLkPfny+X4ggm5Om8mWqvxctfpcEfTwrUWkCk8zEVSgt/
zI75Hd5gJt6eOMqT+TuVp9cjkGiF5gV/iT1kWGcekABKm1B/zvZ/06v9+yt74Uvj
4d7pUfp4sx0FOXqk9XPdgcZlU9Dj+lPYUhRraWIrRyry/4L2MEOtb5J/Nxn/vuBS
hSQZzAuN/iwM9Ev23MBBu0mN6CGv3vbIuVc/6WJ3hZQ75evbn2ZiwNMwkkZJRw8H
6LP73Gt+ymJttXSwHDpqRlysF6IsqdL+Syj9P/9V4L4qoTiqDmPm7ytIMwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMxwlN10ZuJrHFoeLIzs5xYYbtdpMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvekhDVTNYUm00bXNjV2g0c2pPem5GaGh1MTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVrrfmiDANBgkqhkiG9w0BAQsFAAOCAQEAlyZmQX3oRt4SYvzfTC8nxzUW
yANh8dzzSaAKYezZpFETbNCQGfxXajA6DOf7Kuaz0NQ9B20tlWFz4ymOxvFi/53p
JZdR4oF+qOcxHjGiqK17wOLjhHrkIn6fO48UmdNeftfB8xAmvNL8ZDypRrIUqV31
ubOEy7ydu9/ANhMXoQnk4aZllCOVNvkBeYLMwqzeuDH6QujFKfzjaa9V9pmp1czK
q7KqxZDWcQYj3OWFgX9OuGD+OYFsSte5FTDq++lFQdYDyO1tq3xC/phKsgwohs9o
f14Uf0Bylf3SRjY6g7hCrKXoP3GcnbqQVmPzCpJGWZWHptKLznknxDbQuGyf+w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:32:06 2025 by rpki-client