Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CVfZyv6pHzgLL-39SaGV8NLrWlg.roa
File: CVfZyv6pHzgLL-39SaGV8NLrWlg.roa (raw, json)
Hash identifier: AvRqWfNAsFaP257UjQY7exEI33g/bTQpI/eMNfNvJjs=
Subject key identifier: 09:57:D9:CA:FE:A9:1F:38:0B:2F:ED:FD:49:A1:95:F0:D2:EB:5A:58
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F5904DB890350499F1E9079B8ED9F9F7
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CVfZyv6pHzgLL-39SaGV8NLrWlg.roa
Signing time: Wed 02 Apr 2025 08:13:49 +0000
ROA not before: Wed 02 Apr 2025 08:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:90:4d:b8:90:35:04:99:f1:e9:07:9b:8e:d9:f9:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 2 08:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0957d9cafea91f380b2fedfd49a195f0d2eb5a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b6:33:f6:8c:86:b2:75:04:72:46:aa:be:4d:
1e:7a:a2:10:c6:5a:a0:43:35:ab:51:45:f3:96:4e:
af:23:3a:3b:99:80:bc:88:3e:88:64:55:c5:b5:a2:
21:2b:0f:f7:b9:c3:12:be:36:dd:20:90:5f:0a:fb:
dc:8c:26:ea:c3:34:50:73:a0:57:75:5b:9b:93:88:
ee:53:4f:40:de:f0:da:30:88:48:4e:f4:20:f1:cd:
30:4a:61:5b:dd:25:6b:d6:34:75:cc:97:41:43:e1:
37:55:8b:c5:06:70:a2:81:74:2b:f9:d8:9d:ae:1b:
9b:67:87:e7:35:62:d8:65:59:d2:79:51:63:e6:3d:
ee:8c:9c:8a:cb:cc:6d:ba:a9:19:9e:b6:8f:8b:16:
2c:3c:f5:b4:fd:15:83:13:43:b5:74:c7:a0:94:01:
57:9f:43:de:8d:4e:7a:58:1f:16:93:f3:53:31:d8:
73:c9:cc:58:da:99:28:b4:d3:79:42:0d:e2:e7:26:
a2:30:4e:b1:0b:43:2d:92:c2:fa:4b:9f:ed:e1:51:
a7:2f:c5:a4:d5:d1:d5:1f:34:4d:35:ca:ec:43:5d:
05:fe:9e:e1:0f:a9:ce:95:74:36:5a:dd:ad:95:0f:
4b:af:86:08:ad:a6:7d:89:5d:d9:cd:df:07:26:30:
af:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:57:D9:CA:FE:A9:1F:38:0B:2F:ED:FD:49:A1:95:F0:D2:EB:5A:58
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CVfZyv6pHzgLL-39SaGV8NLrWlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
88:08:23:41:7d:9e:39:c6:5a:d5:c9:35:74:73:3a:93:17:ef:
4f:0a:41:a9:3c:f8:2c:72:6b:6e:cd:e4:c2:a9:b1:69:6d:2b:
ca:41:d7:20:4c:15:1a:04:1e:14:c3:0a:b1:27:97:0f:24:7a:
3e:88:49:70:16:2b:dd:01:54:3b:b3:b0:d1:97:71:d2:8d:35:
de:62:79:2c:48:cd:ee:3c:05:e3:d6:3c:f4:83:cc:0e:b1:56:
9e:92:81:04:59:ec:4b:cf:6e:41:67:ad:8b:95:f8:60:42:39:
33:33:c9:a4:fb:f9:63:63:d6:95:17:36:f1:35:c2:e4:d8:b9:
4d:9a:06:c8:99:77:3c:bb:ca:3a:b2:a7:c7:5f:66:42:4f:2a:
61:70:3a:1c:a4:9d:96:87:68:6e:ea:f5:81:b2:73:d0:a1:5c:
dd:f8:19:a5:e5:5d:6f:a7:15:ae:c6:9d:5a:ad:dc:78:3d:55:
8b:fa:65:61:a9:92:b0:9e:2b:26:1e:5c:3f:f3:8e:ee:cc:8b:
c6:1e:76:3a:03:ec:6a:b7:38:ee:8d:aa:84:af:69:a4:0f:51:
6a:cc:9d:ea:6b:8f:b2:61:d6:61:d6:f1:91:ad:aa:5f:a1:59:
9e:b1:1b:f4:0c:33:06:f6:98:93:c2:9e:28:cf:b8:39:1c:f0:
df:be:29:2e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX1kE24kDUEmfHpB5uO2fn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAyMDgxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTU3ZDljYWZlYTkxZjM4MGIyZmVkZmQ0OWExOTVmMGQyZWI1YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrYz9oyGsnUEckaqvk0eeqIQxlqg
QzWrUUXzlk6vIzo7mYC8iD6IZFXFtaIhKw/3ucMSvjbdIJBfCvvcjCbqwzRQc6BX
dVubk4juU09A3vDaMIhITvQg8c0wSmFb3SVr1jR1zJdBQ+E3VYvFBnCigXQr+did
rhubZ4fnNWLYZVnSeVFj5j3ujJyKy8xtuqkZnraPixYsPPW0/RWDE0O1dMeglAFX
n0PejU56WB8Wk/NTMdhzycxY2pkotNN5Qg3i5yaiME6xC0MtksL6S5/t4VGnL8Wk
1dHVHzRNNcrsQ10F/p7hD6nOlXQ2Wt2tlQ9Lr4YIraZ9iV3Zzd8HJjCvWQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAlX2cr+qR84Cy/t/UmhlfDS61pYMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvQ1ZmWnl2NnBIemdMTC0zOVNhR1Y4TkxyV2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAiAgjQX2eOcZa1ck1dHM6kxfv
TwpBqTz4LHJrbs3kwqmxaW0rykHXIEwVGgQeFMMKsSeXDyR6PohJcBYr3QFUO7Ow
0Zdx0o013mJ5LEjN7jwF49Y89IPMDrFWnpKBBFnsS89uQWeti5X4YEI5MzPJpPv5
Y2PWlRc28TXC5Ni5TZoGyJl3PLvKOrKnx19mQk8qYXA6HKSdlodobur1gbJz0KFc
3fgZpeVdb6cVrsadWq3ceD1Vi/plYamSsJ4rJh5cP/OO7syLxh52OgPsarc47o2q
hK9ppA9Rasyd6muPsmHWYdbxka2qX6FZnrEb9AwzBvaYk8KeKM+4ORzw374pLg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 06:15:37 2025 by rpki-client