Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/3gO5ePncqgC6lDHgm-2pGmrBcGU.roa
File: 3gO5ePncqgC6lDHgm-2pGmrBcGU.roa (raw, json)
Hash identifier: hT7rCg2jJZ9blzPclOqYs52o9j8cc2ETUeno8mG1WX0=
Subject key identifier: DE:03:B9:78:F9:DC:AA:00:BA:94:31:E0:9B:ED:A9:1A:6A:C1:70:65
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F8C8472DB7FB4EE3BC1CEB84B1474E95
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/3gO5ePncqgC6lDHgm-2pGmrBcGU.roa
Signing time: Wed 02 Apr 2025 23:13:49 +0000
ROA not before: Wed 02 Apr 2025 23:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f8:c8:47:2d:b7:fb:4e:e3:bc:1c:eb:84:b1:47:4e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 2 23:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de03b978f9dcaa00ba9431e09beda91a6ac17065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3d:f7:2a:62:d7:51:ca:4b:f8:90:bf:3b:e4:
e5:69:66:7c:bb:76:57:93:f1:5e:81:a3:24:3f:ae:
19:91:69:e0:01:c0:53:a7:50:b8:2f:fd:cd:ee:33:
05:53:64:19:8e:5c:2a:42:53:5a:7f:86:c4:8f:0b:
74:8a:d0:b6:97:fe:26:1c:f5:c8:c0:d5:3b:86:a6:
41:8e:48:84:97:e4:41:56:a9:a7:eb:2e:48:b7:2b:
0c:f4:f6:ae:0c:6b:ef:cf:73:13:22:5d:ed:8e:b0:
ad:5a:1f:29:cf:ab:b2:f0:2f:79:58:2a:87:f0:49:
6e:73:08:5a:97:3e:3a:04:9c:bc:74:1c:d0:5a:b6:
2d:83:fb:05:1c:09:41:7b:18:b5:7a:7c:03:69:b3:
1d:37:97:6f:2c:e1:e6:75:04:cf:22:c0:67:9e:dd:
1d:8a:3a:e3:b9:57:a6:dd:1e:f4:c0:c4:46:59:b4:
db:a0:29:1c:d5:8d:4f:4e:bd:fa:25:fe:6d:9e:1a:
56:5d:09:c9:76:d6:21:a9:18:7a:08:fa:39:b8:d5:
05:73:24:4c:22:9c:f5:b1:73:c1:ba:cd:11:65:53:
3f:1a:69:7b:f2:32:db:ed:3f:88:aa:aa:68:ea:87:
e5:7d:4a:c0:73:6d:77:1c:63:c9:06:01:5c:f8:f7:
3f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:03:B9:78:F9:DC:AA:00:BA:94:31:E0:9B:ED:A9:1A:6A:C1:70:65
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/3gO5ePncqgC6lDHgm-2pGmrBcGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
06:93:9b:ac:f9:86:c3:e7:6d:db:1e:b0:19:79:f6:a4:71:e5:
47:30:ef:88:a8:78:4b:e0:9f:66:69:af:3e:d1:2e:cb:26:c3:
12:b7:bc:d6:d2:05:70:58:d1:f2:e2:86:f5:38:0b:80:27:a0:
f4:dc:db:e0:7c:67:96:53:9f:bb:09:bf:ca:e2:ae:c1:8e:c0:
2e:21:6e:46:f7:b5:b1:b9:f3:54:de:56:19:ab:b2:2b:cf:86:
bb:f9:ca:55:4e:19:06:9b:18:0d:8e:1c:f5:37:87:d7:00:d9:
40:e0:46:4e:55:b9:c8:71:b0:07:e2:9b:ef:db:45:48:3f:f4:
0e:df:7d:9f:55:a7:9a:88:20:7c:ea:76:f0:78:c9:92:88:64:
20:0a:49:92:49:00:84:70:cf:29:00:10:ef:18:73:64:5a:7b:
91:c4:57:b7:c7:c8:81:58:01:09:6b:76:c8:44:fe:46:16:8c:
35:44:f9:8d:79:78:49:89:ac:fd:03:43:fa:bc:c0:48:e6:d3:
0d:09:9d:26:d4:85:4c:a5:96:73:7d:d8:9d:ac:1d:44:98:b2:
f5:5b:97:d8:a8:c5:93:c2:bc:af:78:71:44:e3:1b:2d:29:cc:
d5:f5:a2:43:19:59:24:76:7d:b4:23:3f:1e:3f:86:d6:a2:f2:
26:3c:60:7f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX4yEctt/tO47wc64SxR06VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAyMjMxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTAzYjk3OGY5ZGNhYTAwYmE5NDMxZTA5YmVkYTkxYTZhYzE3MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvj33KmLXUcpL+JC/O+TlaWZ8u3ZX
k/FegaMkP64ZkWngAcBTp1C4L/3N7jMFU2QZjlwqQlNaf4bEjwt0itC2l/4mHPXI
wNU7hqZBjkiEl+RBVqmn6y5ItysM9PauDGvvz3MTIl3tjrCtWh8pz6uy8C95WCqH
8Elucwhalz46BJy8dBzQWrYtg/sFHAlBexi1enwDabMdN5dvLOHmdQTPIsBnnt0d
ijrjuVem3R70wMRGWbTboCkc1Y1PTr36Jf5tnhpWXQnJdtYhqRh6CPo5uNUFcyRM
Ipz1sXPBus0RZVM/Gml78jLb7T+Iqqpo6oflfUrAc213HGPJBgFc+Pc/cwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFN4DuXj53KoAupQx4JvtqRpqwXBlMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvM2dPNWVQbmNxZ0M2bERIZ20tMnBHbXJCY0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEABpObrPmGw+dt2x6wGXn2pHHl
RzDviKh4S+CfZmmvPtEuyybDEre81tIFcFjR8uKG9TgLgCeg9Nzb4HxnllOfuwm/
yuKuwY7ALiFuRve1sbnzVN5WGauyK8+Gu/nKVU4ZBpsYDY4c9TeH1wDZQOBGTlW5
yHGwB+Kb79tFSD/0Dt99n1WnmoggfOp28HjJkohkIApJkkkAhHDPKQAQ7xhzZFp7
kcRXt8fIgVgBCWt2yET+RhaMNUT5jXl4SYms/QND+rzASObTDQmdJtSFTKWWc33Y
nawdRJiy9VuX2KjFk8K8r3hxROMbLSnM1fWiQxlZJHZ9tCM/Hj+G1qLyJjxgfw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:37:07 2025 by rpki-client