Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0YssW0A1F3YjVtnKX_wOM--33jw.roa
File: 0YssW0A1F3YjVtnKX_wOM--33jw.roa (raw, json)
Hash identifier: ec+6op84+irYEyvt2pPiF1VEOMwVwbIV+pzwpDhmngA=
Subject key identifier: D1:8B:2C:5B:40:35:17:76:23:56:D9:CA:5F:FC:0E:33:EF:B7:DE:3C
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195AD012B0B0B59B9B4A62007C80A4ED612
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0YssW0A1F3YjVtnKX_wOM--33jw.roa
Signing time: Wed 19 Mar 2025 06:04:49 +0000
ROA not before: Wed 19 Mar 2025 06:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:ad00:8109/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ad:01:2b:0b:0b:59:b9:b4:a6:20:07:c8:0a:4e:d6:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 19 06:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d18b2c5b403517762356d9ca5ffc0e33efb7de3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ab:59:b7:09:f8:c9:a8:9c:c9:b1:dd:30:4a:
08:07:41:87:3a:be:47:4b:4a:46:3f:7c:8a:7e:43:
a4:19:e2:df:01:f0:18:a3:28:c2:bc:e8:6a:d9:a9:
71:08:fe:2d:24:b4:5b:06:65:08:92:96:d1:8b:ba:
3c:7d:73:b4:a2:05:a2:98:46:86:ad:ec:30:83:f3:
94:dc:d5:e8:a5:7f:67:f0:bd:7f:3e:08:29:46:84:
78:40:fb:72:eb:07:0b:df:9d:02:79:31:ed:93:b6:
61:06:83:11:e1:c7:51:c0:a2:ed:03:58:fa:b3:97:
64:1b:57:3f:1b:21:d5:d2:27:74:9f:65:a2:13:f0:
4b:3e:12:4e:2a:2a:94:88:4d:d2:de:36:1a:54:90:
fa:60:55:26:be:34:35:f6:43:9b:71:a8:27:31:45:
8b:da:f6:51:13:ea:82:a1:bc:e4:3f:3d:e0:f5:09:
1c:b8:5a:18:d3:4b:a1:86:a6:69:c8:50:e3:de:8b:
96:bf:b7:6a:21:d4:c3:7f:13:58:1d:94:4c:da:02:
8c:1b:ff:4c:55:93:c2:72:76:23:f3:16:aa:a1:15:
d1:da:7c:e3:38:87:5a:e5:43:2e:25:2e:2e:d4:bd:
85:de:3c:ef:16:36:ab:39:63:87:32:17:d7:a9:cb:
bc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8B:2C:5B:40:35:17:76:23:56:D9:CA:5F:FC:0E:33:EF:B7:DE:3C
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/0YssW0A1F3YjVtnKX_wOM--33jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:ad00:8109/128
Signature Algorithm: sha256WithRSAEncryption
15:f0:bf:f7:e4:c6:f2:ac:1f:fc:1a:d4:fe:cf:09:86:d3:53:
ec:00:64:67:80:e6:e8:6b:e2:5f:c4:73:8b:08:f7:e5:a3:90:
fc:a8:78:85:10:07:aa:74:88:89:30:52:0a:c4:0d:a8:db:a1:
1f:74:e2:e1:4d:63:54:49:b7:f5:bb:d6:d2:12:03:d2:00:8a:
dc:23:5b:23:bc:c8:95:3a:cd:0d:6e:4a:b0:26:81:36:87:c8:
ed:c4:94:57:4b:2b:25:32:65:5b:34:56:62:22:66:2d:3a:65:
d9:bc:28:f0:08:1f:a6:b0:a9:9c:36:a7:9a:fd:22:a3:a0:72:
da:50:e2:f6:97:40:c6:14:43:d7:61:9a:4e:ec:09:46:25:4e:
a1:9e:06:39:55:da:1a:ad:3f:f8:bb:f5:e7:a3:08:23:8b:bf:
fc:e3:2c:ad:a2:2b:0a:96:94:1a:91:92:1e:a8:38:90:3c:b4:
1f:fd:e4:2c:c2:6e:67:79:26:bf:46:38:a3:2b:7b:02:04:7b:
fd:8c:d1:7d:c0:f6:20:8f:59:5f:68:65:00:a6:cd:22:ab:c4:
1f:96:dc:cf:f1:f5:50:9a:df:5f:bf:17:b3:69:3d:28:2a:f5:
14:e8:c7:e2:2a:c4:08:d2:cd:0e:66:34:74:82:19:8a:bc:e6:
83:84:82:fd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWtASsLC1m5tKYgB8gKTtYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzE5MDYwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMThiMmM1YjQwMzUxNzc2MjM1NmQ5Y2E1ZmZjMGUzM2VmYjdkZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6tZtwn4yaicybHdMEoIB0GHOr5H
S0pGP3yKfkOkGeLfAfAYoyjCvOhq2alxCP4tJLRbBmUIkpbRi7o8fXO0ogWimEaG
rewwg/OU3NXopX9n8L1/PggpRoR4QPty6wcL350CeTHtk7ZhBoMR4cdRwKLtA1j6
s5dkG1c/GyHV0id0n2WiE/BLPhJOKiqUiE3S3jYaVJD6YFUmvjQ19kObcagnMUWL
2vZRE+qCobzkPz3g9QkcuFoY00uhhqZpyFDj3ouWv7dqIdTDfxNYHZRM2gKMG/9M
VZPCcnYj8xaqoRXR2nzjOIda5UMuJS4u1L2F3jzvFjarOWOHMhfXqcu8GQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNGLLFtANRd2I1bZyl/8DjPvt948MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvMFlzc1cwQTFGM1lqVnRuS1hfd09NLS0zM2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVrQCBCTANBgkqhkiG9w0BAQsFAAOCAQEAFfC/9+TG8qwf/BrU/s8JhtNT
7ABkZ4Dm6GviX8Rziwj35aOQ/Kh4hRAHqnSIiTBSCsQNqNuhH3Ti4U1jVEm39bvW
0hID0gCK3CNbI7zIlTrNDW5KsCaBNofI7cSUV0srJTJlWzRWYiJmLTpl2bwo8Agf
prCpnDanmv0io6By2lDi9pdAxhRD12GaTuwJRiVOoZ4GOVXaGq0/+Lv156MII4u/
/OMsraIrCpaUGpGSHqg4kDy0H/3kLMJuZ3kmv0Y4oyt7AgR7/YzRfcD2II9ZX2hl
AKbNIqvEH5bcz/H1UJrfX78Xs2k9KCr1FOjH4irECNLNDmY0dIIZirzmg4SC/Q==
-----END CERTIFICATE-----
Generated at Mon Jun 16 06:18:13 2025 by rpki-client