Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/Pgpz2-r_5arEdYXe7ckBW2SEkOU.roa
File: Pgpz2-r_5arEdYXe7ckBW2SEkOU.roa (raw, json)
Hash identifier: rJrTRN1qBqcnUURSg/iXAqVBw+vtilh6wU5BuQSiEH4=
Subject key identifier: 3E:0A:73:DB:EA:FF:E5:AA:C4:75:85:DE:ED:C9:01:5B:64:84:90:E5
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E3892115E9783A4E46C3AC2BD9F61F35
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/Pgpz2-r_5arEdYXe7ckBW2SEkOU.roa
Signing time: Sat 29 Mar 2025 20:12:49 +0000
ROA not before: Sat 29 Mar 2025 20:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e3:89:21:15:e9:78:3a:4e:46:c3:ac:2b:d9:f6:1f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 29 20:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e0a73dbeaffe5aac47585deedc9015b648490e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:08:29:a5:00:0d:37:41:1d:b0:04:fa:b5:20:
14:36:52:ab:fa:6f:de:a7:7a:57:c2:00:22:e5:27:
dc:51:20:e9:61:69:e6:c3:4b:fe:66:6d:c7:7c:16:
d0:39:2d:dd:dc:57:d3:f9:69:9f:01:bd:23:8c:44:
ea:f1:7d:9e:bb:dc:1f:7e:34:3d:d8:ab:f4:c4:42:
a0:27:4b:2c:7e:63:d8:65:31:4a:c1:5d:2e:0a:02:
cb:e2:f8:49:7c:b4:00:51:aa:43:52:5f:9a:ca:ac:
0c:47:c7:45:66:3b:33:aa:46:12:66:9d:f8:57:68:
b5:be:a3:3f:e0:2c:ea:71:c3:e7:c3:3d:60:86:ba:
2d:31:85:91:02:b0:75:be:2b:b8:09:2a:78:52:56:
fe:da:58:b3:16:8e:a7:dc:fe:bf:1a:ac:57:cc:b1:
6b:45:25:16:f0:ca:63:71:40:a1:8a:ae:d7:fb:ce:
74:1c:2d:70:4d:5c:67:22:90:20:26:ed:3e:d5:fc:
13:f7:79:be:26:66:5e:66:52:52:ae:1a:81:78:b5:
8f:d1:63:90:fa:94:e5:22:49:fc:fb:93:9d:a6:a3:
a1:9a:c4:c7:a3:84:f5:60:bb:9f:48:fc:b7:45:e4:
13:7c:3d:79:db:aa:cc:0a:76:86:54:a6:01:60:4b:
31:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:0A:73:DB:EA:FF:E5:AA:C4:75:85:DE:ED:C9:01:5B:64:84:90:E5
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/Pgpz2-r_5arEdYXe7ckBW2SEkOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
12:28:3d:1f:5f:2f:07:99:d5:36:bb:07:57:03:09:0c:b0:06:
27:07:c3:aa:c8:1d:9f:62:ce:1d:f5:77:1e:81:7a:a9:46:97:
b5:f6:da:2a:36:08:ca:07:fa:b4:26:93:17:31:e7:8b:76:1a:
5b:4b:fd:f4:38:ac:52:88:6e:a7:bd:11:9c:a0:56:35:7b:78:
e1:15:3e:1a:e3:ed:45:d2:64:4a:2b:db:39:6f:a3:91:cf:9a:
1a:2d:78:d9:0a:a3:22:b6:12:c0:02:dc:c9:7c:5b:04:e9:56:
7c:54:15:d0:80:39:e9:fa:0f:cc:c2:70:31:3c:3e:ec:e3:87:
54:af:07:56:cb:77:33:94:3b:69:bb:23:da:c7:11:61:b2:46:
a1:7c:b3:d9:90:1f:30:ac:c0:2d:94:55:10:51:30:8b:70:ee:
71:49:b1:92:0d:71:16:d2:f5:95:85:5d:5f:a4:7e:d4:f7:9f:
66:da:12:b2:6f:b0:29:55:f7:d0:b1:10:c9:fc:32:0f:92:72:
29:e1:9f:7d:9f:32:81:eb:ab:e2:e3:63:61:b6:35:cd:27:bc:
a1:bb:88:8c:1d:ee:2f:ba:a5:1e:32:f1:be:6c:1a:0a:f9:d0:
75:af:1f:f2:73:af:f7:e8:9f:9e:1c:92:22:ee:b6:67:da:6b:
85:de:bf:33
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXjiSEV6Xg6TkbDrCvZ9h81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI5MjAxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTBhNzNkYmVhZmZlNWFhYzQ3NTg1ZGVlZGM5MDE1YjY0ODQ5MGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmggppQANN0EdsAT6tSAUNlKr+m/e
p3pXwgAi5SfcUSDpYWnmw0v+Zm3HfBbQOS3d3FfT+WmfAb0jjETq8X2eu9wffjQ9
2Kv0xEKgJ0ssfmPYZTFKwV0uCgLL4vhJfLQAUapDUl+ayqwMR8dFZjszqkYSZp34
V2i1vqM/4CzqccPnwz1ghrotMYWRArB1viu4CSp4Ulb+2lizFo6n3P6/GqxXzLFr
RSUW8MpjcUChiq7X+850HC1wTVxnIpAgJu0+1fwT93m+JmZeZlJSrhqBeLWP0WOQ
+pTlIkn8+5OdpqOhmsTHo4T1YLufSPy3ReQTfD1526rMCnaGVKYBYEsxdwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFD4Kc9vq/+WqxHWF3u3JAVtkhJDlMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvUGdwejItcl81YXJFZFlYZTdja0JXMlNFa09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAEig9H18vB5nVNrsHVwMJDLAG
JwfDqsgdn2LOHfV3HoF6qUaXtfbaKjYIygf6tCaTFzHni3YaW0v99DisUohup70R
nKBWNXt44RU+GuPtRdJkSivbOW+jkc+aGi142QqjIrYSwALcyXxbBOlWfFQV0IA5
6foPzMJwMTw+7OOHVK8HVst3M5Q7absj2scRYbJGoXyz2ZAfMKzALZRVEFEwi3Du
cUmxkg1xFtL1lYVdX6R+1PefZtoSsm+wKVX30LEQyfwyD5JyKeGffZ8ygeur4uNj
YbY1zSe8obuIjB3uL7qlHjLxvmwaCvnQda8f8nOv9+ifnhySIu62Z9prhd6/Mw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:41:00 2025 by rpki-client