Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/MUoenW13PIJeDX_KMAay36-A6PU.roa
File: MUoenW13PIJeDX_KMAay36-A6PU.roa (raw, json)
Hash identifier: qp7CKpj1R3ahf5L0ETMYzqeVsGbF2qyJt1tPz7YFcrs=
Subject key identifier: 31:4A:1E:9D:6D:77:3C:82:5E:0D:7F:CA:30:06:B2:DF:AF:80:E8:F5
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F5FE2A6498CA0634C074C5D010809D87
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/MUoenW13PIJeDX_KMAay36-A6PU.roa
Signing time: Wed 02 Apr 2025 10:13:49 +0000
ROA not before: Wed 02 Apr 2025 10:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:fe:2a:64:98:ca:06:34:c0:74:c5:d0:10:80:9d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 2 10:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=314a1e9d6d773c825e0d7fca3006b2dfaf80e8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cf:5c:28:0e:a2:69:b7:47:ca:e3:29:33:56:
58:de:9e:a6:11:48:b7:ed:6b:bc:af:7d:d0:51:ab:
be:f9:b3:19:6f:f6:b4:21:e5:d3:49:22:00:9d:d4:
78:b7:b7:00:f2:eb:87:5c:ac:18:fd:47:d0:a7:9c:
0b:f1:f8:15:c6:6e:a3:7a:dc:c8:1d:67:cc:12:3b:
ff:d2:db:0d:3d:f0:a5:42:36:33:13:4b:0f:c9:7a:
64:09:d8:b0:a7:25:64:63:68:cc:73:66:f6:b9:63:
2b:f3:d3:30:7a:a8:0d:a3:b1:ea:8d:df:7c:1c:e6:
52:60:0c:cb:6c:68:93:da:6b:2a:ee:38:58:99:28:
e5:01:ee:89:10:72:72:bc:9c:6d:8a:90:66:03:f6:
ab:5e:d0:23:7e:d2:a7:1f:00:d4:2e:1e:c4:c1:1f:
6f:d5:be:b8:81:7e:c8:13:fa:be:98:31:5d:e9:40:
0f:38:4f:31:67:1b:52:60:21:44:33:ad:62:e5:ae:
07:37:3e:0b:3b:7b:1a:d0:b9:30:79:d7:f8:72:2e:
c1:5f:d0:ab:75:0f:f8:ca:94:12:a4:ab:7d:76:22:
0a:71:df:a9:ce:1f:65:66:14:1d:cd:00:8e:5b:a8:
e6:98:bc:1a:b5:1d:36:cf:63:45:a6:74:13:33:56:
96:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:4A:1E:9D:6D:77:3C:82:5E:0D:7F:CA:30:06:B2:DF:AF:80:E8:F5
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/MUoenW13PIJeDX_KMAay36-A6PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
7b:60:ff:f3:f9:da:6e:70:e4:30:ad:ae:16:0e:80:dc:a2:89:
59:02:1c:93:d7:1b:7c:ec:74:c4:3f:0e:90:4d:b1:57:f2:ad:
ca:95:62:bc:54:78:20:77:11:a7:73:12:f3:62:ae:80:2a:3c:
30:ab:0c:8c:91:bf:c3:41:8d:78:0f:d0:b8:15:5c:09:99:fd:
82:6e:86:e1:db:3d:e1:3e:10:8d:fb:13:d1:e1:56:9a:67:b0:
ea:29:6e:ba:72:7a:dd:0d:03:db:04:ec:e2:cf:15:7f:2b:e5:
4f:fd:44:51:10:c0:be:ae:49:55:a6:c9:bc:ff:b1:c5:12:9f:
ec:4f:12:3a:29:65:90:ec:13:8b:a5:e0:b2:9e:2e:6d:df:e0:
4b:00:5b:a0:44:37:7d:4e:28:55:3e:d6:e5:f5:c3:00:05:5b:
25:af:15:84:e2:5f:04:cf:dd:5f:8d:fc:3b:f9:07:57:c9:54:
81:c1:ff:38:7f:dc:13:a1:79:df:b3:30:bc:32:f4:2b:5a:f3:
66:ae:e0:f1:2d:57:38:36:6c:81:a6:5b:b1:97:8a:37:b6:25:
d1:8c:cc:cd:3a:2e:4a:99:02:4c:b6:66:06:19:77:77:5c:a2:
f1:2f:dc:be:8b:42:47:70:9f:08:af:0b:c1:7a:27:5a:a3:13:
8e:cd:d5:9b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX1/ipkmMoGNMB0xdAQgJ2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAyMTAxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTRhMWU5ZDZkNzczYzgyNWUwZDdmY2EzMDA2YjJkZmFmODBlOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic9cKA6iabdHyuMpM1ZY3p6mEUi3
7Wu8r33QUau++bMZb/a0IeXTSSIAndR4t7cA8uuHXKwY/UfQp5wL8fgVxm6jetzI
HWfMEjv/0tsNPfClQjYzE0sPyXpkCdiwpyVkY2jMc2b2uWMr89MweqgNo7Hqjd98
HOZSYAzLbGiT2msq7jhYmSjlAe6JEHJyvJxtipBmA/arXtAjftKnHwDULh7EwR9v
1b64gX7IE/q+mDFd6UAPOE8xZxtSYCFEM61i5a4HNz4LO3sa0Lkwedf4ci7BX9Cr
dQ/4ypQSpKt9diIKcd+pzh9lZhQdzQCOW6jmmLwatR02z2NFpnQTM1aWGQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDFKHp1tdzyCXg1/yjAGst+vgOj1MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvTVVvZW5XMTNQSUplRFhfS01BYXkzNi1BNlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAe2D/8/nabnDkMK2uFg6A3KKJ
WQIck9cbfOx0xD8OkE2xV/KtypVivFR4IHcRp3MS82KugCo8MKsMjJG/w0GNeA/Q
uBVcCZn9gm6G4ds94T4QjfsT0eFWmmew6iluunJ63Q0D2wTs4s8VfyvlT/1EURDA
vq5JVabJvP+xxRKf7E8SOillkOwTi6Xgsp4ubd/gSwBboEQ3fU4oVT7W5fXDAAVb
Ja8VhOJfBM/dX438O/kHV8lUgcH/OH/cE6F537MwvDL0K1rzZq7g8S1XODZsgaZb
sZeKN7Yl0YzMzTouSpkCTLZmBhl3d1yi8S/cvotCR3CfCK8LwXonWqMTjs3Vmw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 06:16:14 2025 by rpki-client