Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/HyodH4sD-xBGnIrcBDtbNWpkD2Q.roa
File: HyodH4sD-xBGnIrcBDtbNWpkD2Q.roa (raw, json)
Hash identifier: RLRlQ2wGUN1uVAepTQU31krW77RPXj84ArP2Oleic6g=
Subject key identifier: 1F:2A:1D:1F:8B:03:FB:10:46:9C:8A:DC:04:3B:5B:35:6A:64:0F:64
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195FD48ED2632166A6B11A74092786BD8F0
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/HyodH4sD-xBGnIrcBDtbNWpkD2Q.roa
Signing time: Thu 03 Apr 2025 20:12:49 +0000
ROA not before: Thu 03 Apr 2025 20:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fd:48:ed:26:32:16:6a:6b:11:a7:40:92:78:6b:d8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 3 20:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f2a1d1f8b03fb10469c8adc043b5b356a640f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f5:01:f4:07:3e:12:73:01:62:5d:65:8f:23:
ff:5e:bd:69:d9:65:17:e4:1b:55:79:c8:02:97:38:
57:13:32:da:f5:26:16:80:cf:65:2b:e3:51:ea:77:
e7:8e:dc:a1:a7:c8:4c:ed:8b:76:67:60:89:04:5c:
ff:ed:65:bd:33:7c:c5:d7:39:3c:f3:5c:da:2d:96:
c3:90:0e:6c:30:21:fb:3a:e2:40:73:4a:97:e1:90:
b1:df:34:bf:08:59:a4:b7:c8:3a:3c:b3:7e:cf:52:
a1:2b:1b:fd:bf:31:e8:d2:85:b4:11:f5:74:8a:14:
d1:e4:69:f8:e6:2e:9b:57:4c:6f:fc:78:34:c1:44:
da:5a:51:a1:d3:25:bb:5d:30:eb:ef:be:26:6a:d5:
f0:b9:97:74:bb:3d:f3:14:13:17:02:b1:05:45:b5:
54:20:50:2d:f9:f8:a0:a5:21:11:e1:d5:84:1f:2b:
65:61:9c:ee:c2:da:05:a8:7c:4f:4f:d9:ce:18:99:
86:a1:19:1b:00:71:a9:7d:92:e9:34:dd:79:45:ce:
3c:66:04:80:17:91:fa:59:67:dd:86:10:16:22:5c:
7e:f0:bc:ac:ac:4c:f4:9f:8e:0e:ea:ed:27:52:e4:
e7:2a:84:e4:d1:5b:fc:ef:e0:de:d9:cf:94:ce:43:
ff:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:2A:1D:1F:8B:03:FB:10:46:9C:8A:DC:04:3B:5B:35:6A:64:0F:64
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/HyodH4sD-xBGnIrcBDtbNWpkD2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
95:91:2e:f9:71:4c:6c:36:b1:4a:aa:d8:80:bf:9c:51:c6:30:
75:bc:e1:eb:f5:be:be:b1:f8:40:36:fc:2a:45:62:b4:c0:46:
17:66:ff:58:02:3b:00:10:c1:24:2f:fd:45:59:98:85:bf:02:
72:93:3c:00:2b:f3:e7:92:59:f9:87:e9:12:60:b1:2e:61:2a:
81:92:c3:1b:85:e4:d9:6b:e5:08:7f:e6:d8:40:c4:0d:01:e5:
8b:47:81:ca:1f:d3:e6:5d:2d:8f:08:cb:47:31:58:2f:76:84:
da:e8:c4:38:c7:cd:11:2a:c3:5d:0f:93:03:7a:ed:8a:47:97:
3a:a3:2a:ba:2b:6c:ef:7b:7b:18:1c:6c:78:a6:5e:48:62:49:
00:48:bc:74:63:dc:eb:ed:88:9c:06:16:37:23:43:3d:8d:cc:
ae:ff:21:61:c9:88:ad:94:0c:ef:05:d0:2c:09:c8:a5:f6:c7:
a6:cf:ed:b2:d6:cd:80:b7:7c:c5:cc:a5:ab:0d:d7:17:3a:77:
94:38:b6:fd:e9:84:0b:80:1a:3d:2a:7a:f1:58:11:6e:f6:64:
a5:29:41:82:a1:ee:a4:37:35:46:bd:9b:8f:65:e4:92:99:a2:
39:6b:57:d7:be:91:92:55:6c:d2:d4:8c:29:1a:fc:fd:ec:36:
e3:60:6f:1e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX9SO0mMhZqaxGnQJJ4a9jwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAzMjAxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjJhMWQxZjhiMDNmYjEwNDY5YzhhZGMwNDNiNWIzNTZhNjQwZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/UB9Ac+EnMBYl1ljyP/Xr1p2WUX
5BtVecgClzhXEzLa9SYWgM9lK+NR6nfnjtyhp8hM7Yt2Z2CJBFz/7WW9M3zF1zk8
81zaLZbDkA5sMCH7OuJAc0qX4ZCx3zS/CFmkt8g6PLN+z1KhKxv9vzHo0oW0EfV0
ihTR5Gn45i6bV0xv/Hg0wUTaWlGh0yW7XTDr774matXwuZd0uz3zFBMXArEFRbVU
IFAt+figpSER4dWEHytlYZzuwtoFqHxPT9nOGJmGoRkbAHGpfZLpNN15Rc48ZgSA
F5H6WWfdhhAWIlx+8LysrEz0n44O6u0nUuTnKoTk0Vv87+De2c+UzkP/swIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFB8qHR+LA/sQRpyK3AQ7WzVqZA9kMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvSHlvZEg0c0QteEJHbklyY0JEdGJOV3BrRDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAlZEu+XFMbDaxSqrYgL+cUcYw
dbzh6/W+vrH4QDb8KkVitMBGF2b/WAI7ABDBJC/9RVmYhb8CcpM8ACvz55JZ+Yfp
EmCxLmEqgZLDG4Xk2WvlCH/m2EDEDQHli0eByh/T5l0tjwjLRzFYL3aE2ujEOMfN
ESrDXQ+TA3rtikeXOqMquits73t7GBxseKZeSGJJAEi8dGPc6+2InAYWNyNDPY3M
rv8hYcmIrZQM7wXQLAnIpfbHps/tstbNgLd8xcylqw3XFzp3lDi2/emEC4AaPSp6
8VgRbvZkpSlBgqHupDc1Rr2bj2XkkpmiOWtX176RklVs0tSMKRr8/ew242BvHg==
-----END CERTIFICATE-----
Generated at Tue Jun 17 16:20:20 2025 by rpki-client