Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CqPtIRqqZP2_ujkEri3uLq21n9s.roa
File: CqPtIRqqZP2_ujkEri3uLq21n9s.roa (raw, json)
Hash identifier: IsVLc3GYekE1/8cW06OGMqiHUnZpldWqMLqwssHATOY=
Subject key identifier: 0A:A3:ED:21:1A:AA:64:FD:BF:BA:39:04:AE:2D:EE:2E:AD:B5:9F:DB
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195FC6F07D01C92BF6779D0341110E3520D
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CqPtIRqqZP2_ujkEri3uLq21n9s.roa
Signing time: Thu 03 Apr 2025 16:14:49 +0000
ROA not before: Thu 03 Apr 2025 16:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fc:6f:07:d0:1c:92:bf:67:79:d0:34:11:10:e3:52:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 3 16:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aa3ed211aaa64fdbfba3904ae2dee2eadb59fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ce:bd:9c:d4:10:65:01:a5:2c:01:52:7b:69:
1d:4b:22:d1:f1:eb:7c:17:c6:5c:e3:34:20:87:85:
2d:ed:7b:12:ae:00:16:0a:19:36:14:c8:70:f3:8e:
ba:8f:8c:36:ef:76:e7:83:23:5d:b5:70:0f:41:d2:
97:ed:72:f5:46:14:62:6d:21:e4:db:1f:13:d3:af:
09:33:b3:bf:6b:f3:84:a0:69:e0:8a:e5:72:a0:1d:
d8:de:e0:00:d9:0a:a1:0f:7f:dc:af:49:07:2e:59:
ac:f7:56:7e:01:2b:4a:bb:c4:9c:98:4f:83:b6:29:
e6:cb:a8:0d:f6:74:30:a2:20:f0:12:ae:1a:86:2a:
23:36:be:de:48:c5:aa:bf:1a:fa:6d:73:48:a6:b5:
ec:7c:de:de:e5:1b:c9:2d:1d:df:36:87:44:28:1c:
e7:25:7f:dd:d5:57:5a:5c:83:83:07:a5:b0:d4:57:
3c:2b:d6:d4:80:60:fa:74:bd:94:8e:4a:32:55:22:
5d:0a:27:12:95:e0:8a:4b:7a:84:dc:b2:29:d4:07:
57:91:de:27:b4:f2:9e:fc:0c:39:c5:d6:ea:d2:41:
3d:98:45:92:89:3d:31:5e:82:e2:41:cf:b8:bc:49:
fb:77:8b:99:b2:1e:6f:83:ee:76:2d:68:e7:a2:a1:
82:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A3:ED:21:1A:AA:64:FD:BF:BA:39:04:AE:2D:EE:2E:AD:B5:9F:DB
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/CqPtIRqqZP2_ujkEri3uLq21n9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
61:f3:cf:a8:4d:4d:b3:aa:2c:10:5c:4d:ac:7c:9c:97:51:e3:
69:0c:f2:f0:25:76:53:76:f7:fb:3b:fb:a9:c5:af:b3:9d:8b:
94:32:9a:a8:c3:5d:b9:f4:ee:80:90:8d:b7:4e:86:bd:6c:e4:
0d:5c:37:82:89:71:85:e2:45:9f:12:31:8e:a3:d2:17:5d:c2:
22:0b:88:e9:82:81:80:f4:18:4c:aa:1f:d2:26:9f:57:f8:10:
3a:89:ba:c7:38:a3:6b:dc:c7:38:53:43:b7:e0:72:79:54:97:
92:bb:6e:4f:d4:c4:17:a8:96:2e:81:fb:35:17:33:9e:eb:4f:
77:a1:50:c3:85:25:b3:e9:fa:de:a4:bc:ab:4a:98:93:b6:23:
ca:15:06:c8:cf:1b:18:8c:12:64:83:11:08:75:71:37:87:69:
e4:a3:0a:d1:0b:5f:3a:d0:bc:1e:5b:df:75:a8:4f:b5:d5:2c:
3d:4f:75:72:e1:d8:ef:2c:8a:bd:f9:22:c9:3c:92:dc:05:c6:
2a:fa:28:c3:42:dd:d3:86:66:cc:90:5f:84:b3:b2:d4:b7:46:
27:a0:cf:56:98:6d:c1:7b:e3:ca:b3:5d:12:ec:de:bd:9f:31:
c0:c9:d3:37:1b:27:64:3b:76:b8:15:5d:f8:4c:cd:77:38:af:
52:7b:26:6a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX8bwfQHJK/Z3nQNBEQ41INMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAzMTYxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWEzZWQyMTFhYWE2NGZkYmZiYTM5MDRhZTJkZWUyZWFkYjU5ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis69nNQQZQGlLAFSe2kdSyLR8et8
F8Zc4zQgh4Ut7XsSrgAWChk2FMhw8466j4w273bngyNdtXAPQdKX7XL1RhRibSHk
2x8T068JM7O/a/OEoGngiuVyoB3Y3uAA2QqhD3/cr0kHLlms91Z+AStKu8ScmE+D
tinmy6gN9nQwoiDwEq4ahiojNr7eSMWqvxr6bXNIprXsfN7e5RvJLR3fNodEKBzn
JX/d1VdaXIODB6Ww1Fc8K9bUgGD6dL2UjkoyVSJdCicSleCKS3qE3LIp1AdXkd4n
tPKe/Aw5xdbq0kE9mEWSiT0xXoLiQc+4vEn7d4uZsh5vg+52LWjnoqGCYwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAqj7SEaqmT9v7o5BK4t7i6ttZ/bMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvQ3FQdElScXFaUDJfdWprRXJpM3VMcTIxbjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAYfPPqE1Ns6osEFxNrHycl1Hj
aQzy8CV2U3b3+zv7qcWvs52LlDKaqMNdufTugJCNt06GvWzkDVw3golxheJFnxIx
jqPSF13CIguI6YKBgPQYTKof0iafV/gQOom6xzija9zHOFNDt+ByeVSXkrtuT9TE
F6iWLoH7NRcznutPd6FQw4Uls+n63qS8q0qYk7YjyhUGyM8bGIwSZIMRCHVxN4dp
5KMK0QtfOtC8HlvfdahPtdUsPU91cuHY7yyKvfkiyTyS3AXGKvoow0Ld04ZmzJBf
hLOy1LdGJ6DPVphtwXvjyrNdEuzevZ8xwMnTNxsnZDt2uBVd+EzNdzivUnsmag==
-----END CERTIFICATE-----
Generated at Mon Jun 16 18:59:15 2025 by rpki-client