Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/M4o1HNrUVWWo-QMPnYjGxUorM08.roa
File: M4o1HNrUVWWo-QMPnYjGxUorM08.roa (raw, json)
Hash identifier: F6kZf32u7lwg2UuITEgsfnfW7MTN5dAk2/A4w4gn4hU=
Subject key identifier: 33:8A:35:1C:DA:D4:55:65:A8:F9:03:0F:9D:88:C6:C5:4A:2B:33:4F
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F36928A710D09F7695F8E470BE6FC211
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/M4o1HNrUVWWo-QMPnYjGxUorM08.roa
Signing time: Tue 01 Apr 2025 22:11:49 +0000
ROA not before: Tue 01 Apr 2025 22:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f3:69:28:a7:10:d0:9f:76:95:f8:e4:70:be:6f:c2:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 1 22:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=338a351cdad45565a8f9030f9d88c6c54a2b334f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cd:65:88:13:96:e4:cc:b3:82:f4:23:24:b0:
04:f4:1d:ac:45:d0:9e:38:45:f8:68:3c:b3:c4:b6:
c2:15:b2:57:bc:d0:4e:ea:e1:33:47:db:b0:e6:7d:
56:0d:2c:10:31:08:57:5e:15:69:00:59:8b:ff:15:
b0:49:e7:49:44:b8:cb:06:40:13:91:f7:af:72:f4:
a5:15:f6:15:07:89:3c:5e:73:0f:93:8d:44:fb:3b:
c8:25:d2:14:98:5b:59:df:48:37:de:d2:b5:2b:08:
fe:76:af:d6:65:0e:5a:6c:20:ce:f2:72:a5:2f:41:
12:9b:f3:9a:c4:3e:e3:89:f8:b8:b0:1c:26:91:94:
04:d3:9e:c2:ca:5a:63:0a:65:b1:12:6a:39:13:3c:
93:3f:f0:c1:1b:84:ef:50:32:6b:ad:3d:be:75:e9:
12:ab:7e:7e:10:05:06:25:c7:32:32:dd:c0:ef:cb:
31:88:4a:62:06:ff:0a:c4:fd:34:cd:6e:51:08:89:
b4:6a:8e:88:87:4b:19:34:f6:d6:3f:7b:49:12:65:
bf:dd:32:cb:9f:5d:a5:a6:51:ac:64:f2:9a:cb:ad:
ae:97:f7:e3:70:7e:f4:c3:e5:d9:02:9f:59:18:f8:
97:6a:92:f4:ad:b6:3c:17:f5:e9:4a:8e:0b:0a:85:
0d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8A:35:1C:DA:D4:55:65:A8:F9:03:0F:9D:88:C6:C5:4A:2B:33:4F
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/M4o1HNrUVWWo-QMPnYjGxUorM08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
06:af:9a:47:f6:5b:03:83:8c:a6:11:99:2c:a1:48:1e:1a:50:
3a:2b:b4:e3:3a:e2:9b:b7:60:00:18:a6:63:04:f1:a9:bd:4b:
8f:25:b5:dd:a9:ce:dc:52:43:93:9e:f0:1f:a8:24:bf:f0:c0:
42:c5:99:66:e1:44:52:bf:d7:26:63:42:3f:4b:1c:9f:b6:dc:
2b:1b:a7:60:2b:07:aa:f8:ce:1f:51:1e:fe:99:46:90:82:72:
c6:c0:e8:c0:32:3f:df:3f:7b:56:ed:d1:e3:7c:5f:d5:a6:40:
d0:de:a4:29:41:f8:76:76:93:da:c1:f2:86:92:6d:31:f6:0a:
d1:97:ff:e3:d4:d0:83:24:db:75:a9:9f:e7:90:bd:b1:d5:74:
7b:16:60:b0:74:12:e9:53:b4:88:45:0e:ba:47:2e:a8:e4:e7:
3c:aa:4b:51:a9:44:72:3b:f8:89:a5:4a:09:f9:9d:b7:7d:d4:
0b:64:1c:53:e9:57:a5:c3:c8:85:ec:3a:49:bd:0d:24:78:d5:
65:92:41:36:3d:a9:40:b2:6e:3a:37:a7:7d:23:79:25:ad:1c:
8b:bd:2a:ea:30:43:d9:32:f5:a0:86:fe:d1:d5:8c:83:7d:71:
df:c9:c3:ff:f2:12:c5:b8:c4:91:5f:a9:48:55:27:33:4d:21:
ca:19:fe:d7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXzaSinENCfdpX45HC+b8IRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAxMjIxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzhhMzUxY2RhZDQ1NTY1YThmOTAzMGY5ZDg4YzZjNTRhMmIzMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss1liBOW5MyzgvQjJLAE9B2sRdCe
OEX4aDyzxLbCFbJXvNBO6uEzR9uw5n1WDSwQMQhXXhVpAFmL/xWwSedJRLjLBkAT
kfevcvSlFfYVB4k8XnMPk41E+zvIJdIUmFtZ30g33tK1Kwj+dq/WZQ5abCDO8nKl
L0ESm/OaxD7jifi4sBwmkZQE057CylpjCmWxEmo5EzyTP/DBG4TvUDJrrT2+dekS
q35+EAUGJccyMt3A78sxiEpiBv8KxP00zW5RCIm0ao6Ih0sZNPbWP3tJEmW/3TLL
n12lplGsZPKay62ul/fjcH70w+XZAp9ZGPiXapL0rbY8F/XpSo4LCoUNZQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDOKNRza1FVlqPkDD52IxsVKKzNPMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvTTRvMUhOclVWV1dvLVFNUG5Zakd4VW9yTTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEABq+aR/ZbA4OMphGZLKFIHhpQ
Oiu04zrim7dgABimYwTxqb1LjyW13anO3FJDk57wH6gkv/DAQsWZZuFEUr/XJmNC
P0scn7bcKxunYCsHqvjOH1Ee/plGkIJyxsDowDI/3z97Vu3R43xf1aZA0N6kKUH4
dnaT2sHyhpJtMfYK0Zf/49TQgyTbdamf55C9sdV0exZgsHQS6VO0iEUOukcuqOTn
PKpLUalEcjv4iaVKCfmdt33UC2QcU+lXpcPIhew6Sb0NJHjVZZJBNj2pQLJuOjen
fSN5Ja0ci70q6jBD2TL1oIb+0dWMg31x38nD//ISxbjEkV+pSFUnM00hyhn+1w==
-----END CERTIFICATE-----
Generated at Mon Jun 16 11:39:34 2025 by rpki-client