Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/DFdNs7YvltS4MuA0UuhDy8Sr7K8.roa
File: DFdNs7YvltS4MuA0UuhDy8Sr7K8.roa (raw, json)
Hash identifier: EiAUZ7DoiM17Uv+hNgc1iQm3eXC0/m9e/S+APUICDHE=
Subject key identifier: 0C:57:4D:B3:B6:2F:96:D4:B8:32:E0:34:52:E8:43:CB:C4:AB:EC:AF
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195ECC41B45C1ADCB97D22B30166EB30667
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/DFdNs7YvltS4MuA0UuhDy8Sr7K8.roa
Signing time: Mon 31 Mar 2025 15:13:49 +0000
ROA not before: Mon 31 Mar 2025 15:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:c4:1b:45:c1:ad:cb:97:d2:2b:30:16:6e:b3:06:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 31 15:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c574db3b62f96d4b832e03452e843cbc4abecaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:75:15:17:0d:fa:d3:a7:9c:e6:03:3f:c4:
15:c3:7f:12:14:26:16:b6:49:7e:b4:cc:e3:e0:a3:
2d:64:ff:e8:54:c3:ad:15:67:96:3c:2a:58:aa:67:
fe:56:6a:48:94:90:6f:50:4a:9a:d9:41:93:5e:7d:
1f:9b:e6:18:df:a5:2a:c0:cc:35:58:e6:45:ed:58:
ff:b2:f8:81:c4:db:16:c9:51:a0:02:3a:17:2f:64:
b7:72:95:16:86:2b:eb:d5:c2:ab:b7:65:79:67:68:
75:c1:f8:5b:7e:86:75:60:f8:1a:80:c7:f4:ad:82:
0a:c2:70:d4:00:74:5b:f9:68:7a:19:8d:be:da:64:
59:00:a1:c7:dd:a0:cb:9e:e5:ea:a2:cc:42:4e:f8:
fb:0f:13:de:0a:8c:1f:62:00:d7:78:cd:5e:a0:be:
c0:20:79:c6:93:7e:15:c4:d1:7c:93:fa:17:84:34:
3d:ea:b5:36:92:42:87:bc:2b:93:03:33:4c:9a:9d:
56:13:29:e6:8a:83:ab:60:9b:b3:c3:b2:a2:e5:0d:
89:7d:da:01:9d:e3:a4:dd:b7:1a:5f:3f:e9:97:63:
88:19:9e:6e:3e:9c:89:20:d1:d2:75:81:51:c8:74:
da:f5:30:79:01:48:47:d9:b7:f8:5f:65:51:67:95:
95:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:57:4D:B3:B6:2F:96:D4:B8:32:E0:34:52:E8:43:CB:C4:AB:EC:AF
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/DFdNs7YvltS4MuA0UuhDy8Sr7K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
6f:66:d6:df:d8:98:4a:57:76:eb:c7:47:64:17:29:95:6d:23:
ca:dd:98:82:cd:4e:7a:72:80:cb:40:7c:47:f1:1c:66:2c:cf:
81:ce:57:f3:18:c7:03:f8:29:08:7e:56:e3:62:16:69:2f:d0:
79:ef:66:cc:74:cf:bf:b8:98:e4:5b:7f:d7:f8:24:ca:2e:a1:
79:e8:32:6b:87:0c:25:b6:57:de:17:dd:30:15:52:c9:78:9d:
ea:32:dc:c0:c9:23:c9:ec:31:8e:34:82:4f:a8:be:48:fa:2f:
8e:c4:35:bc:85:43:01:ff:bd:f1:75:8b:ed:86:fd:31:3e:29:
16:27:90:d7:92:cf:61:32:42:b2:5f:03:ab:07:d4:e9:06:ac:
83:30:11:8b:4d:2d:c5:89:43:4f:66:12:0d:1f:7f:50:41:f4:
aa:3a:bc:2b:e7:d0:38:8f:2e:6f:d7:6f:7f:80:2d:a8:e4:56:
4a:1a:0d:14:eb:aa:84:fa:aa:f9:af:54:a2:14:e8:67:a6:cb:
a0:0a:16:ae:9d:76:7a:94:78:b6:26:0c:6b:22:cc:34:0c:56:
40:a9:84:27:17:aa:b4:8c:5e:c6:c1:c9:80:0c:06:6d:a4:26:
e2:67:bf:2f:ec:be:dc:08:e4:59:28:21:c3:fb:03:31:42:e1:
f6:51:5e:55
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXsxBtFwa3Ll9IrMBZuswZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMxMTUxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzU3NGRiM2I2MmY5NmQ0YjgzMmUwMzQ1MmU4NDNjYmM0YWJlY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDt1FRcN+tOnnOYDP8QVw38SFCYW
tkl+tMzj4KMtZP/oVMOtFWeWPCpYqmf+VmpIlJBvUEqa2UGTXn0fm+YY36UqwMw1
WOZF7Vj/sviBxNsWyVGgAjoXL2S3cpUWhivr1cKrt2V5Z2h1wfhbfoZ1YPgagMf0
rYIKwnDUAHRb+Wh6GY2+2mRZAKHH3aDLnuXqosxCTvj7DxPeCowfYgDXeM1eoL7A
IHnGk34VxNF8k/oXhDQ96rU2kkKHvCuTAzNMmp1WEynmioOrYJuzw7Ki5Q2JfdoB
neOk3bcaXz/pl2OIGZ5uPpyJINHSdYFRyHTa9TB5AUhH2bf4X2VRZ5WVHQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAxXTbO2L5bUuDLgNFLoQ8vEq+yvMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvREZkTnM3WXZsdFM0TXVBMFV1aER5OFNyN0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAb2bW39iYSld268dHZBcplW0j
yt2Ygs1OenKAy0B8R/EcZizPgc5X8xjHA/gpCH5W42IWaS/Qee9mzHTPv7iY5Ft/
1/gkyi6heegya4cMJbZX3hfdMBVSyXid6jLcwMkjyewxjjSCT6i+SPovjsQ1vIVD
Af+98XWL7Yb9MT4pFieQ15LPYTJCsl8DqwfU6QasgzARi00txYlDT2YSDR9/UEH0
qjq8K+fQOI8ub9dvf4AtqORWShoNFOuqhPqq+a9UohToZ6bLoAoWrp12epR4tiYM
ayLMNAxWQKmEJxeqtIxexsHJgAwGbaQm4me/L+y+3AjkWSghw/sDMULh9lFeVQ==
-----END CERTIFICATE-----
Generated at Tue Jun 17 05:06:44 2025 by rpki-client