Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/dDIYjuv2mevmHnxZLrsen_XZ2mg.roa
File: dDIYjuv2mevmHnxZLrsen_XZ2mg.roa (raw, json)
Hash identifier: SOgC11qqhGMTqBEmCSuNEnWjp+RBqsCm2e/e8Tcs5ao=
Subject key identifier: 74:32:18:8E:EB:F6:99:EB:E6:1E:7C:59:2E:BB:1E:9F:F5:D9:DA:68
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195EBB1720A5C585FEDA0C2986C975C7E42
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/dDIYjuv2mevmHnxZLrsen_XZ2mg.roa
Signing time: Mon 31 Mar 2025 10:13:49 +0000
ROA not before: Mon 31 Mar 2025 10:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:b1:72:0a:5c:58:5f:ed:a0:c2:98:6c:97:5c:7e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 31 10:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7432188eebf699ebe61e7c592ebb1e9ff5d9da68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:80:63:37:de:da:2a:db:c9:f3:c1:3d:5d:59:
79:0b:ea:c9:56:b3:c3:1b:25:7f:25:b4:61:a1:5e:
02:d5:a0:ab:d8:f2:49:12:7e:96:38:92:9e:b6:2d:
1e:11:d0:0d:22:c6:8e:ae:3f:1a:6b:ce:61:78:2e:
6e:e3:af:3b:53:a9:0d:5c:f9:c9:d2:c1:51:fd:4f:
5b:cd:53:46:42:e9:a6:6a:ad:e8:1e:1a:0a:75:04:
20:c0:ab:8a:13:86:6e:52:b3:e7:6e:09:27:b0:ca:
e7:42:b2:0a:54:08:91:1c:91:f1:34:b4:b2:a6:96:
5a:02:df:74:db:6e:89:2d:63:a2:b8:41:9d:3a:17:
0e:e6:2e:bc:c3:3c:d8:de:77:4d:46:13:f0:95:8d:
06:5a:2d:7d:22:cc:ca:07:45:e9:68:18:22:b7:be:
9a:09:78:20:1c:f6:50:8c:6b:20:52:8c:19:15:4d:
cc:b5:41:33:46:0c:3d:1c:e9:a1:cf:45:e7:da:d1:
01:8a:35:8c:71:2d:6d:e4:dd:11:4a:e6:ca:53:18:
e4:c0:98:8d:0c:40:4e:95:ae:b8:fb:92:4b:3a:8f:
82:3d:1f:04:40:ce:ef:91:f8:07:84:c3:f3:ff:ff:
6c:c1:d4:06:6e:3d:03:9a:4b:d3:5f:bc:9e:4f:1c:
17:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:32:18:8E:EB:F6:99:EB:E6:1E:7C:59:2E:BB:1E:9F:F5:D9:DA:68
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/dDIYjuv2mevmHnxZLrsen_XZ2mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
45:0d:9b:9e:ac:e5:e6:ef:8d:c9:20:13:b1:bc:57:d8:4a:38:
00:0b:74:f9:5a:65:61:c8:03:ec:ad:69:4c:58:c8:31:d4:72:
5f:5c:8f:cc:ef:59:bc:20:77:7f:04:7f:88:b6:bd:61:2f:b8:
6f:0d:41:dd:5b:3a:d0:e8:96:5f:b6:b2:cc:57:cb:53:4d:74:
1a:ac:b1:db:d7:c3:bb:95:58:df:6a:1c:9f:78:c1:70:57:b1:
da:61:9a:55:c7:bf:02:70:7e:64:51:1d:65:69:54:d9:3c:89:
19:33:94:e4:9d:86:ea:0e:4d:02:b1:17:ce:8d:fd:1e:95:6b:
12:68:8b:03:da:de:63:cb:f1:3c:31:07:a9:0b:93:89:02:c7:
c1:5c:43:f3:29:21:5a:ca:a9:79:2b:96:64:94:0b:46:60:c6:
04:9a:63:d6:41:58:0d:82:04:16:fe:a2:3e:42:7e:3d:16:3c:
83:7f:e9:16:d2:0c:4d:52:0c:90:b2:ea:86:4e:56:29:63:69:
40:e6:f4:b2:ad:a5:22:7b:31:46:5d:15:e3:15:9f:01:6b:84:
8a:1b:2e:52:ff:ea:0d:f9:9a:03:11:f2:b2:30:a6:0b:c1:8f:
a5:44:0f:06:5e:fe:ed:c4:e6:3a:0b:ba:68:de:7d:47:b2:81:
fc:1e:ee:fe
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXrsXIKXFhf7aDCmGyXXH5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMxMTAxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDMyMTg4ZWViZjY5OWViZTYxZTdjNTkyZWJiMWU5ZmY1ZDlkYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoBjN97aKtvJ88E9XVl5C+rJVrPD
GyV/JbRhoV4C1aCr2PJJEn6WOJKeti0eEdANIsaOrj8aa85heC5u4687U6kNXPnJ
0sFR/U9bzVNGQummaq3oHhoKdQQgwKuKE4ZuUrPnbgknsMrnQrIKVAiRHJHxNLSy
ppZaAt90226JLWOiuEGdOhcO5i68wzzY3ndNRhPwlY0GWi19IszKB0XpaBgit76a
CXggHPZQjGsgUowZFU3MtUEzRgw9HOmhz0Xn2tEBijWMcS1t5N0RSubKUxjkwJiN
DEBOla64+5JLOo+CPR8EQM7vkfgHhMPz//9swdQGbj0DmkvTX7yeTxwXpwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHQyGI7r9pnr5h58WS67Hp/12dpoMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvZERJWWp1djJtZXZtSG54Wkxyc2VuX1haMm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEARQ2bnqzl5u+NySATsbxX2Eo4
AAt0+VplYcgD7K1pTFjIMdRyX1yPzO9ZvCB3fwR/iLa9YS+4bw1B3Vs60OiWX7ay
zFfLU010Gqyx29fDu5VY32ocn3jBcFex2mGaVce/AnB+ZFEdZWlU2TyJGTOU5J2G
6g5NArEXzo39HpVrEmiLA9reY8vxPDEHqQuTiQLHwVxD8ykhWsqpeSuWZJQLRmDG
BJpj1kFYDYIEFv6iPkJ+PRY8g3/pFtIMTVIMkLLqhk5WKWNpQOb0sq2lInsxRl0V
4xWfAWuEihsuUv/qDfmaAxHysjCmC8GPpUQPBl7+7cTmOgu6aN59R7KB/B7u/g==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:41:03 2025 by rpki-client