Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/Iyga58seiWdUqJUvSgKKxyqRvOQ.roa
File: Iyga58seiWdUqJUvSgKKxyqRvOQ.roa (raw, json)
Hash identifier: FzMo8x4GLabtjlQY/WT+fwoynYKxUtxpqT1tlaMvhyM=
Subject key identifier: 23:28:1A:E7:CB:1E:89:67:54:A8:95:2F:4A:02:8A:C7:2A:91:BC:E4
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195DA7EACE049FA9D25F4051DE890814A45
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/Iyga58seiWdUqJUvSgKKxyqRvOQ.roa
Signing time: Fri 28 Mar 2025 02:04:49 +0000
ROA not before: Fri 28 Mar 2025 02:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:da7d:e71b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:da:7e:ac:e0:49:fa:9d:25:f4:05:1d:e8:90:81:4a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 28 02:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23281ae7cb1e896754a8952f4a028ac72a91bce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f0:58:fb:30:14:a2:e9:b7:21:f3:75:55:23:
5d:13:a6:99:c6:5e:73:de:60:db:46:55:16:f7:3d:
b8:db:88:c2:45:4c:4b:66:68:32:7c:ac:33:2a:67:
7e:b0:33:94:06:af:69:ac:19:ca:b5:0b:8e:d7:13:
51:f1:68:a4:6d:e9:05:69:b4:ac:f6:49:27:a7:c9:
51:93:cf:8a:fc:44:4c:32:79:ad:a1:75:5a:fd:10:
d7:22:b9:1a:d8:27:28:8c:4b:7a:86:8e:3a:b6:18:
88:e8:3a:15:ab:15:ce:95:3b:6c:6a:28:dd:5f:4a:
81:ed:c4:6e:60:77:19:b8:3b:8a:8f:2c:70:af:02:
3c:5c:18:7e:9a:91:28:e8:f5:50:50:66:60:0a:db:
81:ee:a5:0e:be:ab:3f:4b:b6:37:5b:2b:43:ba:ed:
4e:25:5f:0d:69:6a:64:e5:3a:08:82:3d:7b:46:a4:
58:75:a0:ea:4c:f4:d4:b8:4b:30:01:19:26:cf:ab:
0c:24:6e:57:52:25:b6:4b:28:a1:7c:2d:df:e9:14:
d9:c3:d8:cb:ee:74:2d:aa:a5:dd:5f:60:f8:c6:19:
22:61:b0:a7:e7:49:a0:54:cd:70:58:69:57:09:a8:
cd:7a:a9:6d:b2:c1:78:5c:97:0a:fc:28:ec:8c:23:
6b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:28:1A:E7:CB:1E:89:67:54:A8:95:2F:4A:02:8A:C7:2A:91:BC:E4
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/Iyga58seiWdUqJUvSgKKxyqRvOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:da7d:e71b/128
Signature Algorithm: sha256WithRSAEncryption
00:e8:73:80:b8:3c:a4:4d:75:61:40:d2:7e:2a:17:38:ee:4d:
8c:2d:79:9e:2c:f5:16:19:53:f7:15:49:d7:57:f2:41:6f:cc:
05:69:0e:ef:3b:90:24:3d:b8:d1:db:61:78:0a:1e:1f:c1:60:
4a:bc:b8:6e:37:48:57:53:85:66:32:b8:d2:f4:42:9e:bf:3c:
08:83:f5:84:bb:d5:db:4e:cb:08:8d:2a:ca:10:ad:95:3d:c3:
a3:28:5a:7a:ee:a4:87:89:64:d2:1f:82:1f:a6:fe:f8:69:b4:
25:6d:b7:fe:a2:5a:86:2a:dc:cb:23:91:82:92:79:3d:27:7b:
5e:e2:19:51:db:aa:98:24:11:f7:3f:28:96:dd:21:7b:ca:48:
28:48:92:74:7f:05:5c:49:f1:8d:4f:51:38:59:22:81:8f:34:
b6:d1:b9:1f:f1:4c:f8:12:1a:7a:19:79:b1:d2:33:cb:ae:02:
26:9f:f2:6d:7f:c7:de:b7:bf:fd:83:25:66:69:36:26:ff:f0:
f1:e6:de:e7:8d:66:44:16:06:b6:ef:06:da:e0:f3:1a:6a:16:
09:24:a4:fc:b8:8e:b2:87:05:ed:19:13:0b:fa:5d:af:80:44:
56:a9:82:ae:6b:9d:3d:54:f0:e1:09:f9:17:06:c1:e1:3b:00:
3c:83:8b:af
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXafqzgSfqdJfQFHeiQgUpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI4MDIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzI4MWFlN2NiMWU4OTY3NTRhODk1MmY0YTAyOGFjNzJhOTFiY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/BY+zAUoum3IfN1VSNdE6aZxl5z
3mDbRlUW9z2424jCRUxLZmgyfKwzKmd+sDOUBq9prBnKtQuO1xNR8WikbekFabSs
9kknp8lRk8+K/ERMMnmtoXVa/RDXIrka2CcojEt6ho46thiI6DoVqxXOlTtsaijd
X0qB7cRuYHcZuDuKjyxwrwI8XBh+mpEo6PVQUGZgCtuB7qUOvqs/S7Y3WytDuu1O
JV8NaWpk5ToIgj17RqRYdaDqTPTUuEswARkmz6sMJG5XUiW2SyihfC3f6RTZw9jL
7nQtqqXdX2D4xhkiYbCn50mgVM1wWGlXCajNeqltssF4XJcK/CjsjCNrOQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFCMoGufLHolnVKiVL0oCiscqkbzkMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvSXlnYTU4c2VpV2RVcUpVdlNnS0t4eXFSdk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV2n3nGzANBgkqhkiG9w0BAQsFAAOCAQEAAOhzgLg8pE11YUDSfioXOO5N
jC15niz1FhlT9xVJ11fyQW/MBWkO7zuQJD240dtheAoeH8FgSry4bjdIV1OFZjK4
0vRCnr88CIP1hLvV207LCI0qyhCtlT3Doyhaeu6kh4lk0h+CH6b++Gm0JW23/qJa
hircyyORgpJ5PSd7XuIZUduqmCQR9z8olt0he8pIKEiSdH8FXEnxjU9ROFkigY80
ttG5H/FM+BIaehl5sdIzy64CJp/ybX/H3re//YMlZmk2Jv/w8ebe541mRBYGtu8G
2uDzGmoWCSSk/LiOsocF7RkTC/pdr4BEVqmCrmudPVTw4Qn5FwbB4TsAPIOLrw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:22:23 2025 by rpki-client