Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/SFFRjmXr6z062zOYo8MelV3zHN4.roa
File: SFFRjmXr6z062zOYo8MelV3zHN4.roa (raw, json)
Hash identifier: ULqkVTzh4IqThCeJUqNb9XoUQ/Q7vmCM5DWDOyuQmbA=
Subject key identifier: 48:51:51:8E:65:EB:EB:3D:3A:DB:33:98:A3:C3:1E:95:5D:F3:1C:DE
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195EC1F8A11E7220623523411D0E8060290
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/SFFRjmXr6z062zOYo8MelV3zHN4.roa
Signing time: Mon 31 Mar 2025 12:14:04 +0000
ROA not before: Mon 31 Mar 2025 12:14:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:1f:8a:11:e7:22:06:23:52:34:11:d0:e8:06:02:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 31 12:14:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4851518e65ebeb3d3adb3398a3c31e955df31cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dc:8a:7c:1a:06:66:41:81:c4:fe:65:77:e9:
14:f0:5e:7d:38:ab:d7:a2:05:9f:67:ab:ea:54:7a:
6e:1f:6d:c8:9d:59:e6:f5:a7:5f:25:a1:9a:62:7b:
31:26:b3:76:08:90:f9:e6:51:0d:1c:77:a8:34:67:
28:fb:80:db:f6:5d:2c:39:d9:81:c8:85:22:66:ec:
0f:6e:ce:ed:cf:8d:59:13:55:aa:a7:73:0d:4b:b5:
d9:0f:57:f1:53:c3:2b:3a:b7:41:fe:4e:82:a8:16:
d5:de:8f:f6:2b:30:c7:cb:b4:ac:8a:43:a7:e0:d8:
47:8a:e6:55:d0:a9:13:34:c9:87:ad:6e:53:66:22:
05:66:22:36:0d:2c:f8:0b:35:d2:9f:f9:a7:13:a6:
bf:eb:2c:c2:47:51:02:c2:c1:15:81:be:b5:f4:8f:
c5:3a:b7:50:a9:35:72:af:7c:ff:11:f2:c0:42:4f:
90:da:b5:01:cd:40:a1:9f:72:98:5a:54:0d:d7:d2:
30:1c:27:fb:ca:7a:db:85:fd:3d:35:f3:81:ff:29:
65:14:d7:8d:6a:bc:07:5c:37:52:14:e1:16:dc:07:
a1:3d:6f:a3:7f:22:6c:a1:fa:04:c7:bf:3d:8a:8a:
44:50:47:5b:00:71:03:20:37:fb:6e:b2:b3:5b:e1:
c0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:51:51:8E:65:EB:EB:3D:3A:DB:33:98:A3:C3:1E:95:5D:F3:1C:DE
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/SFFRjmXr6z062zOYo8MelV3zHN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
75:54:9f:d2:28:55:69:e1:98:45:c8:a6:70:29:08:43:62:f9:
18:01:ba:1a:7f:cf:83:f6:a6:24:58:8d:0a:62:0c:c0:5f:5b:
64:ed:01:4c:ae:93:d2:d1:38:a1:90:6b:7a:e9:e2:b8:09:11:
05:1f:e2:6d:98:65:c0:76:cb:10:80:71:91:f0:f4:ea:60:5c:
65:11:f2:4c:f6:7a:92:c4:3b:35:57:36:9b:59:20:f3:26:f6:
f5:2f:16:a7:6b:e8:56:92:c7:5e:89:a1:dc:4a:c2:f6:6f:49:
5f:bc:df:58:e1:a9:73:bf:43:41:5e:f1:ec:a6:b4:b3:45:50:
94:90:fa:41:08:39:5e:1a:54:0b:eb:d8:d4:96:46:76:38:88:
13:f0:50:2d:91:d8:8d:14:88:f5:64:4d:aa:c1:50:72:3b:d2:
50:af:8f:92:76:76:9c:5a:ac:90:db:1a:a3:f9:71:1c:5f:78:
ff:c6:dc:78:d3:f1:2a:d9:dd:1d:4a:cb:c2:03:c4:54:94:2c:
50:94:80:56:de:5b:73:c7:51:a2:b0:be:e0:e8:fd:99:ea:a2:
1d:a3:97:a0:5a:e7:54:b3:e7:20:ed:66:25:3a:fd:14:f2:7a:
7f:ae:34:59:c7:7a:e9:37:f1:96:0c:bf:a2:33:9f:35:76:4f:
e2:e2:3c:4c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXsH4oR5yIGI1I0EdDoBgKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMxMTIxNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODUxNTE4ZTY1ZWJlYjNkM2FkYjMzOThhM2MzMWU5NTVkZjMxY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtyKfBoGZkGBxP5ld+kU8F59OKvX
ogWfZ6vqVHpuH23InVnm9adfJaGaYnsxJrN2CJD55lENHHeoNGco+4Db9l0sOdmB
yIUiZuwPbs7tz41ZE1Wqp3MNS7XZD1fxU8MrOrdB/k6CqBbV3o/2KzDHy7SsikOn
4NhHiuZV0KkTNMmHrW5TZiIFZiI2DSz4CzXSn/mnE6a/6yzCR1ECwsEVgb619I/F
OrdQqTVyr3z/EfLAQk+Q2rUBzUChn3KYWlQN19IwHCf7ynrbhf09NfOB/yllFNeN
arwHXDdSFOEW3AehPW+jfyJsofoEx789iopEUEdbAHEDIDf7brKzW+HAiwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEhRUY5l6+s9OtszmKPDHpVd8xzeMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvU0ZGUmptWHI2ejA2MnpPWW84TWVsVjN6SE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAdVSf0ihVaeGYRcimcCkIQ2L5
GAG6Gn/Pg/amJFiNCmIMwF9bZO0BTK6T0tE4oZBreuniuAkRBR/ibZhlwHbLEIBx
kfD06mBcZRHyTPZ6ksQ7NVc2m1kg8yb29S8Wp2voVpLHXomh3ErC9m9JX7zfWOGp
c79DQV7x7Ka0s0VQlJD6QQg5XhpUC+vY1JZGdjiIE/BQLZHYjRSI9WRNqsFQcjvS
UK+PknZ2nFqskNsao/lxHF94/8bceNPxKtndHUrLwgPEVJQsUJSAVt5bc8dRorC+
4Oj9meqiHaOXoFrnVLPnIO1mJTr9FPJ6f640Wcd66Tfxlgy/ojOfNXZP4uI8TA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 21:26:10 2025 by rpki-client