Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/X0yAvEMXYmP79Izu27VdTXXoMDU.roa
File: X0yAvEMXYmP79Izu27VdTXXoMDU.roa (raw, json)
Hash identifier: fxU0UyANDYzg5m0pfrMe08WMD+4AH2Ita2BGzoQVtCE=
Subject key identifier: 5F:4C:80:BC:43:17:62:63:FB:F4:8C:EE:DB:B5:5D:4D:75:E8:30:35
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195EEEA5857001C7065C32829E15FAE3FD9
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/X0yAvEMXYmP79Izu27VdTXXoMDU.roa
Signing time: Tue 01 Apr 2025 01:14:50 +0000
ROA not before: Tue 01 Apr 2025 01:14:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ee:ea:58:57:00:1c:70:65:c3:28:29:e1:5f:ae:3f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 1 01:14:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f4c80bc43176263fbf48ceedbb55d4d75e83035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4d:68:9e:bc:1a:da:c3:9f:25:db:1e:94:83:
73:b4:99:58:fa:32:09:bc:7b:7a:97:13:da:0a:32:
f6:6e:05:cd:99:f2:69:b8:2b:c9:81:68:31:2d:40:
62:2b:47:36:4d:ee:a0:28:44:c1:d2:c4:1c:6d:f2:
0d:28:c5:39:12:c6:ba:11:d2:f0:db:67:70:23:a3:
38:65:cd:b5:4d:44:29:f9:86:c1:63:dc:fd:81:d8:
0d:2b:13:ed:72:57:98:8a:72:fb:33:a3:24:87:e8:
d6:51:f0:79:96:36:9c:83:3a:30:84:e5:fe:9d:cd:
aa:11:b6:92:45:b8:77:c0:d4:fc:3b:e5:9e:ad:f4:
5b:9f:58:24:20:18:cc:ac:ab:a6:20:a9:0b:c2:08:
fa:4d:b7:2b:13:6e:44:d3:8b:11:62:68:71:75:1c:
20:b4:41:91:9b:80:82:11:7e:81:93:9f:52:fa:94:
7d:f5:fd:81:b4:30:a8:27:08:d4:9f:88:8d:cb:52:
5b:99:1c:8e:5c:72:b0:e9:ae:29:3c:4f:47:7d:96:
1a:aa:14:e2:90:e5:8e:f3:b1:9c:08:96:48:a7:f4:
6b:f7:f7:10:99:8b:d8:10:c8:63:fb:59:2c:8a:09:
33:f4:94:90:3c:ac:09:8d:19:39:a9:89:3d:c1:0e:
a9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4C:80:BC:43:17:62:63:FB:F4:8C:EE:DB:B5:5D:4D:75:E8:30:35
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/X0yAvEMXYmP79Izu27VdTXXoMDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
88:ed:2f:44:93:a9:1f:c7:7d:49:82:c9:bc:8d:3c:f4:9f:a8:
4a:b3:f7:49:ee:f5:e4:50:5d:4a:fe:5c:6b:92:8e:a7:55:d5:
49:95:2d:8e:49:58:bf:84:ed:49:aa:9f:3a:04:32:2c:97:73:
a7:8a:98:79:0f:fe:56:52:3c:a1:ab:23:b0:f3:f6:cf:23:c0:
dc:0f:6f:f4:0f:e3:48:6c:4c:c7:bd:81:e9:0a:f8:c4:1d:04:
b0:55:08:e1:db:67:26:7c:41:dc:c9:cf:6e:92:ef:b2:10:e2:
25:a5:aa:7c:77:bf:bc:b9:9f:71:9b:7b:b7:b7:14:91:c3:3c:
c1:c9:5a:2f:f5:8b:c3:ea:66:ac:04:7f:36:b5:0d:d9:89:b3:
ff:9f:87:f5:58:0c:30:29:12:43:79:7f:ee:b5:7c:07:f8:31:
4f:35:d7:64:9f:57:fc:23:69:7d:37:d2:10:23:2b:a3:93:82:
46:83:fe:7c:24:ff:c8:fe:dc:52:d3:85:1c:79:44:af:bd:7e:
1e:05:e0:fa:93:5f:80:f5:8c:9c:38:64:9b:e5:53:94:5c:af:
f8:32:99:4b:61:ec:72:5f:b3:79:d7:3f:c3:23:69:75:03:50:
0a:dd:a1:fa:2d:59:d8:cc:45:19:fc:de:82:b9:e1:4a:fc:31:
60:ff:a6:18
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXu6lhXABxwZcMoKeFfrj/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAxMDExNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjRjODBiYzQzMTc2MjYzZmJmNDhjZWVkYmI1NWQ0ZDc1ZTgzMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw01onrwa2sOfJdselINztJlY+jIJ
vHt6lxPaCjL2bgXNmfJpuCvJgWgxLUBiK0c2Te6gKETB0sQcbfINKMU5Esa6EdLw
22dwI6M4Zc21TUQp+YbBY9z9gdgNKxPtcleYinL7M6Mkh+jWUfB5ljacgzowhOX+
nc2qEbaSRbh3wNT8O+WerfRbn1gkIBjMrKumIKkLwgj6TbcrE25E04sRYmhxdRwg
tEGRm4CCEX6Bk59S+pR99f2BtDCoJwjUn4iNy1JbmRyOXHKw6a4pPE9HfZYaqhTi
kOWO87GcCJZIp/Rr9/cQmYvYEMhj+1ksigkz9JSQPKwJjRk5qYk9wQ6p5wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFF9MgLxDF2Jj+/SM7tu1XU116DA1MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvWDB5QXZFTVhZbVA3OUl6dTI3VmRUWFhvTURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAiO0vRJOpH8d9SYLJvI089J+o
SrP3Se715FBdSv5ca5KOp1XVSZUtjklYv4TtSaqfOgQyLJdzp4qYeQ/+VlI8oasj
sPP2zyPA3A9v9A/jSGxMx72B6Qr4xB0EsFUI4dtnJnxB3MnPbpLvshDiJaWqfHe/
vLmfcZt7t7cUkcM8wclaL/WLw+pmrAR/NrUN2Ymz/5+H9VgMMCkSQ3l/7rV8B/gx
TzXXZJ9X/CNpfTfSECMro5OCRoP+fCT/yP7cUtOFHHlEr71+HgXg+pNfgPWMnDhk
m+VTlFyv+DKZS2Hscl+zedc/wyNpdQNQCt2h+i1Z2MxFGfzegrnhSvwxYP+mGA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:37:46 2025 by rpki-client