Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1-3l_6pcEuvK0laFyY7UMXODdh8.roa
File: 1-3l_6pcEuvK0laFyY7UMXODdh8.roa (raw, json)
Hash identifier: WstaPuOmNQYfFT36uEYO9Tf3t0P+vEDx+PkMrag/eD8=
Subject key identifier: D7:ED:E5:FF:AA:5C:12:EB:CA:D2:56:85:C9:8E:D4:31:73:83:76:1F
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F9A3168007EDD7431AA7F97FD3FE8487
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1-3l_6pcEuvK0laFyY7UMXODdh8.roa
Signing time: Thu 03 Apr 2025 03:12:49 +0000
ROA not before: Thu 03 Apr 2025 03:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f9:a3:16:80:07:ed:d7:43:1a:a7:f9:7f:d3:fe:84:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 3 03:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7ede5ffaa5c12ebcad25685c98ed4317383761f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3b:0d:13:e7:7f:1b:c9:ad:e8:f3:81:9f:74:
cb:5b:05:25:f6:48:91:9c:f7:e4:fd:40:8f:6d:e4:
22:8d:c2:bf:e7:ab:3e:9f:d2:d8:66:8b:35:0d:60:
b3:aa:14:e8:76:8b:ea:3f:a0:44:db:d0:04:a4:e4:
64:12:04:3d:96:b5:90:e1:60:d8:f6:ed:37:b7:af:
07:ea:b5:6d:34:b7:67:fa:23:fa:c2:21:02:c1:f7:
d6:65:16:d5:74:a0:3c:1f:da:44:33:cf:47:7c:7e:
e5:3b:89:35:e3:53:ce:66:d2:c2:8a:43:34:ff:bb:
3e:7b:52:89:8f:69:13:17:7a:ca:73:c4:6e:43:b8:
c1:b6:86:2e:c2:77:eb:e4:92:ba:e3:1a:f6:77:8a:
c0:ce:65:ca:12:47:a0:0f:2b:bc:2a:0e:62:66:44:
da:c4:67:4c:85:44:e6:9e:ad:a8:a9:7a:3a:b6:ef:
ac:ed:a8:25:e1:9f:cd:79:40:42:a6:a4:ad:e2:5d:
8d:99:00:b9:3b:42:95:d3:15:3a:32:65:5a:f0:21:
80:a1:91:8e:bb:00:5c:77:eb:08:a2:b4:11:66:4a:
4f:00:87:67:81:53:75:85:82:7c:3e:ce:aa:e4:d8:
c6:f9:01:dc:67:96:ac:a5:ce:1e:61:5c:91:27:6f:
07:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:ED:E5:FF:AA:5C:12:EB:CA:D2:56:85:C9:8E:D4:31:73:83:76:1F
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/1-3l_6pcEuvK0laFyY7UMXODdh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
7e:d9:33:8b:bd:cf:20:de:7a:85:21:9c:58:25:2b:fe:51:5c:
09:72:7d:a3:ad:25:dc:d0:aa:bc:12:54:56:31:7c:bc:01:f7:
80:48:94:47:65:b8:f5:d9:d2:7c:40:6f:08:09:36:b0:11:51:
31:1e:d8:33:7d:96:b1:75:42:c4:69:54:9d:e3:d9:3a:07:5e:
80:6e:5b:1e:7d:7c:6b:4b:5d:c8:c5:eb:9d:20:7d:40:92:07:
dc:87:64:d5:57:84:5a:09:fb:c4:07:74:e2:58:c7:10:05:43:
b7:91:2f:8d:ac:9e:d2:20:91:70:4f:8a:23:ee:09:41:aa:b3:
ff:0e:85:27:e4:10:1f:87:67:9f:bf:e2:e1:9b:0e:ca:15:5e:
77:e3:52:47:01:2f:9b:c9:bd:78:1b:94:0f:6b:56:d6:1a:3d:
32:03:af:3a:6a:ab:af:5c:28:1c:09:42:f4:37:f1:87:c4:18:
6a:4a:69:9c:2b:ee:e5:bd:ab:2b:36:b6:3e:25:fd:9e:3b:ef:
62:9a:0f:99:29:b4:2c:cc:02:e2:af:71:27:28:c9:83:25:3f:
36:da:ab:b5:c9:ad:ae:16:b7:8a:f8:dc:c1:5e:75:7a:2c:d5:
ce:20:58:71:43:a5:57:5d:1e:92:8d:44:2e:b1:13:86:c2:0b:
8e:15:ba:83
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX5oxaAB+3XQxqn+X/T/oSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAzMDMxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VkZTVmZmFhNWMxMmViY2FkMjU2ODVjOThlZDQzMTczODM3NjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjsNE+d/G8mt6POBn3TLWwUl9kiR
nPfk/UCPbeQijcK/56s+n9LYZos1DWCzqhTodovqP6BE29AEpORkEgQ9lrWQ4WDY
9u03t68H6rVtNLdn+iP6wiECwffWZRbVdKA8H9pEM89HfH7lO4k141POZtLCikM0
/7s+e1KJj2kTF3rKc8RuQ7jBtoYuwnfr5JK64xr2d4rAzmXKEkegDyu8Kg5iZkTa
xGdMhUTmnq2oqXo6tu+s7agl4Z/NeUBCpqSt4l2NmQC5O0KV0xU6MmVa8CGAoZGO
uwBcd+sIorQRZkpPAIdngVN1hYJ8Ps6q5NjG+QHcZ5aspc4eYVyRJ28HCwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFNft5f+qXBLrytJWhcmO1DFzg3YfMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvMS0zbF82cGNFdXZLMGxhRnlZN1VNWE9EZGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAftkzi73PIN56hSGcWCUr/lFc
CXJ9o60l3NCqvBJUVjF8vAH3gEiUR2W49dnSfEBvCAk2sBFRMR7YM32WsXVCxGlU
nePZOgdegG5bHn18a0tdyMXrnSB9QJIH3Idk1VeEWgn7xAd04ljHEAVDt5Evjaye
0iCRcE+KI+4JQaqz/w6FJ+QQH4dnn7/i4ZsOyhVed+NSRwEvm8m9eBuUD2tW1ho9
MgOvOmqrr1woHAlC9Dfxh8QYakppnCvu5b2rKza2PiX9njvvYpoPmSm0LMwC4q9x
JyjJgyU/Ntqrtcmtrha3ivjcwV51eizVziBYcUOlV10eko1ELrEThsILjhW6gw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:31:42 2025 by rpki-client