Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/VHxizvAnohsNHFN9kMMoh1LfWJw.roa
File: VHxizvAnohsNHFN9kMMoh1LfWJw.roa (raw, json)
Hash identifier: hBTmYYYyiCeSm/i2YUJhBtABpJXS0JCZsUp8pL3hRms=
Subject key identifier: 54:7C:62:CE:F0:27:A2:1B:0D:1C:53:7D:90:C3:28:87:52:DF:58:9C
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F2207C12362224F210B9E48515D5C7BE
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/VHxizvAnohsNHFN9kMMoh1LfWJw.roa
Signing time: Tue 01 Apr 2025 16:12:50 +0000
ROA not before: Tue 01 Apr 2025 16:12:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f2:20:7c:12:36:22:24:f2:10:b9:e4:85:15:d5:c7:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 1 16:12:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=547c62cef027a21b0d1c537d90c3288752df589c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e8:f0:06:ff:78:a2:1c:63:6c:8b:89:1e:fe:
83:1f:8f:01:9b:70:39:ab:e3:33:08:89:9a:8f:0e:
e7:88:a8:c0:a1:23:24:67:21:a2:62:01:7f:d0:35:
b9:b8:d8:21:47:81:83:51:6c:57:ac:79:4f:eb:b9:
71:79:25:db:69:19:ea:81:c4:5f:87:ef:c4:db:05:
28:4c:bc:2a:a4:65:e3:3a:9a:a6:40:f5:6d:bc:fb:
de:6c:d2:64:48:d4:d2:0e:bf:af:85:09:33:21:70:
db:d5:cf:2d:59:1a:40:3c:43:92:69:ba:58:cf:a2:
83:e4:68:7e:6f:7f:99:dc:3e:be:1e:5c:7c:07:d3:
11:25:f8:f1:8d:0c:9a:22:87:93:5c:13:0f:10:57:
c1:86:1b:79:d3:87:f6:21:b5:5c:9a:cd:cc:34:c1:
48:61:27:a1:02:c1:30:52:1e:de:7a:ba:91:34:e5:
f0:c5:59:42:1a:7a:2c:f7:94:d6:93:ff:27:7c:45:
70:3b:dd:2c:3f:0d:9e:22:76:66:2e:2e:8d:d0:57:
68:21:8b:a4:76:c6:75:f3:d6:11:34:76:47:3a:37:
8c:ef:5e:76:3f:b5:23:fc:fc:40:3e:28:26:ca:3d:
42:1f:f0:05:ca:6e:a9:c3:14:06:82:29:23:61:1d:
8e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:7C:62:CE:F0:27:A2:1B:0D:1C:53:7D:90:C3:28:87:52:DF:58:9C
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/VHxizvAnohsNHFN9kMMoh1LfWJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
25:16:2f:e3:72:c1:dc:a5:a6:d1:db:ed:81:34:49:e0:ce:4b:
97:2c:ec:96:8a:44:54:be:14:5c:1d:ac:f3:3b:37:0a:1e:7b:
d5:98:a2:80:66:14:f1:03:17:b6:81:36:48:cf:56:34:d1:bf:
2d:ff:4b:67:fb:68:3a:a5:3f:6b:0a:34:84:6f:42:48:8e:d4:
97:40:60:c8:94:39:38:4d:bb:16:98:86:3e:4b:8f:50:ac:01:
54:9c:88:30:a3:cd:44:e1:71:f3:18:25:e8:ff:16:cb:98:6b:
20:45:c6:b0:c1:d6:e0:73:16:98:04:c3:fa:89:01:04:18:c8:
d2:5a:79:98:d3:21:6d:01:ce:72:fa:6c:8e:fd:de:56:06:24:
3a:f9:d2:68:c9:15:28:06:dd:ed:43:2b:67:d4:f1:7b:9a:83:
03:31:69:56:d2:e8:ec:e5:be:36:4e:75:d1:89:91:ce:8a:44:
a1:fa:f1:7f:03:9e:4d:f6:2e:c3:74:1e:39:3e:ee:16:02:ab:
ca:a4:35:4b:a7:ac:0b:ae:5d:96:c1:38:20:0c:e3:19:d8:46:
3c:79:ce:99:ae:82:50:a9:b0:4b:07:52:d7:9d:52:3f:3b:90:
80:84:cf:c9:a5:a9:b1:06:e8:9c:fb:1a:07:06:97:33:bf:59:
8c:f9:36:04
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXyIHwSNiIk8hC55IUV1ce+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAxMTYxMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDdjNjJjZWYwMjdhMjFiMGQxYzUzN2Q5MGMzMjg4NzUyZGY1ODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOjwBv94ohxjbIuJHv6DH48Bm3A5
q+MzCImajw7niKjAoSMkZyGiYgF/0DW5uNghR4GDUWxXrHlP67lxeSXbaRnqgcRf
h+/E2wUoTLwqpGXjOpqmQPVtvPvebNJkSNTSDr+vhQkzIXDb1c8tWRpAPEOSabpY
z6KD5Gh+b3+Z3D6+Hlx8B9MRJfjxjQyaIoeTXBMPEFfBhht504f2IbVcms3MNMFI
YSehAsEwUh7eerqRNOXwxVlCGnos95TWk/8nfEVwO90sPw2eInZmLi6N0FdoIYuk
dsZ189YRNHZHOjeM7152P7Uj/PxAPigmyj1CH/AFym6pwxQGgikjYR2OiQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFR8Ys7wJ6IbDRxTfZDDKIdS31icMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvVkh4aXp2QW5vaHNOSEZOOWtNTW9oMUxmV0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAJRYv43LB3KWm0dvtgTRJ4M5L
lyzslopEVL4UXB2s8zs3Ch571ZiigGYU8QMXtoE2SM9WNNG/Lf9LZ/toOqU/awo0
hG9CSI7Ul0BgyJQ5OE27FpiGPkuPUKwBVJyIMKPNROFx8xgl6P8Wy5hrIEXGsMHW
4HMWmATD+okBBBjI0lp5mNMhbQHOcvpsjv3eVgYkOvnSaMkVKAbd7UMrZ9Txe5qD
AzFpVtLo7OW+Nk510YmRzopEofrxfwOeTfYuw3QeOT7uFgKryqQ1S6esC65dlsE4
IAzjGdhGPHnOma6CUKmwSwdS151SPzuQgITPyaWpsQbonPsaBwaXM79ZjPk2BA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 11:16:51 2025 by rpki-client