Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/e2sLSbYb334VxH6U86Kcik-JDM8.roa
File: e2sLSbYb334VxH6U86Kcik-JDM8.roa (raw, json)
Hash identifier: HvK5EMMWrMwQZsEwShdfw9Eazs7UQ5v7LB1R/4D4Lpg=
Subject key identifier: 7B:6B:0B:49:B6:1B:DF:7E:15:C4:7E:94:F3:A2:9C:8A:4F:89:0C:CF
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195EB799A0C5330C5DE8A7A0D0465CDD354
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/e2sLSbYb334VxH6U86Kcik-JDM8.roa
Signing time: Mon 31 Mar 2025 09:12:49 +0000
ROA not before: Mon 31 Mar 2025 09:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:79:9a:0c:53:30:c5:de:8a:7a:0d:04:65:cd:d3:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 31 09:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b6b0b49b61bdf7e15c47e94f3a29c8a4f890ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:92:d7:c8:ae:14:ac:56:0a:72:99:7a:ee:44:
9f:9b:ad:34:87:21:9c:a6:a4:82:dd:6d:df:21:d4:
7c:e5:0d:eb:03:ed:10:0a:9e:3b:b0:8e:9f:07:aa:
d0:61:0b:d2:1d:b4:f9:53:57:41:98:f0:ec:16:bc:
e3:a3:3c:8b:d7:90:79:3c:7a:5a:27:e6:4d:8f:20:
4e:8c:27:88:2c:1d:04:41:9b:1a:19:70:13:1b:b8:
33:99:97:57:d7:10:d1:26:97:de:a5:a6:a8:59:7b:
a7:f9:ca:18:8e:2c:1e:7f:8f:5f:ab:c9:fc:93:52:
07:44:3d:2f:83:52:40:22:ed:f1:a4:19:ed:df:2b:
a9:db:b3:39:dd:eb:71:65:ac:ef:69:1a:c2:0d:28:
96:65:ba:a4:6d:c5:5f:65:82:6c:79:3c:16:30:7e:
f2:c4:8b:2b:52:3e:35:9b:2d:b0:0d:e2:d3:33:4e:
46:d1:d2:6b:de:f6:3b:08:7c:91:9d:72:34:91:3f:
19:a8:4d:27:91:a1:5c:57:49:45:a9:4d:db:be:47:
18:01:b7:fd:55:fb:00:82:ea:a3:7c:43:c9:71:75:
85:7e:a6:92:1c:19:51:ea:90:50:d4:e7:07:7c:6b:
4d:4f:d8:e1:f7:1e:28:70:5d:62:f2:73:80:2e:9b:
63:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:6B:0B:49:B6:1B:DF:7E:15:C4:7E:94:F3:A2:9C:8A:4F:89:0C:CF
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/e2sLSbYb334VxH6U86Kcik-JDM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
66:9c:a8:42:d5:82:66:3e:83:04:07:ac:4f:88:12:19:5a:59:
0e:f1:02:b8:5c:69:dc:47:87:7b:c6:70:09:44:18:c4:b5:4f:
5c:d3:ac:19:ef:6c:27:b6:f4:7d:df:aa:fd:7d:3e:51:6f:fb:
ba:0c:3d:b9:5a:de:6f:23:e0:6d:07:42:a8:28:52:a7:58:00:
b2:c2:55:c0:9e:b2:7f:09:5c:a9:db:f4:2c:8f:8c:42:92:a5:
ef:5c:0f:73:f7:09:2f:df:b1:5c:59:f3:cb:3f:ac:13:84:af:
a7:c4:d7:c6:1a:11:3b:9d:c1:71:a2:18:af:f5:92:ef:f2:40:
f5:93:fc:5a:c8:50:04:c3:ae:ac:c3:bc:ba:6c:83:a7:10:d3:
a6:cc:2f:cd:87:7c:a9:24:cd:66:7b:59:0e:ac:28:bc:47:33:
00:59:50:a0:ac:2c:87:5d:fc:46:54:4e:52:bc:35:3b:a9:df:
2a:3a:d9:91:63:19:9b:46:60:9f:c8:84:b8:43:db:ac:cf:67:
eb:51:30:df:80:7f:1e:34:59:51:81:89:53:cb:2f:0b:00:0e:
07:9b:a7:05:ca:97:d6:ac:6d:36:88:02:e8:46:33:64:1c:31:
dd:e0:3b:1c:fa:b0:bc:d4:7f:a7:40:2e:49:36:e3:a8:cc:71:
42:46:5a:6e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXreZoMUzDF3op6DQRlzdNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzMxMDkxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjZiMGI0OWI2MWJkZjdlMTVjNDdlOTRmM2EyOWM4YTRmODkwY2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJLXyK4UrFYKcpl67kSfm600hyGc
pqSC3W3fIdR85Q3rA+0QCp47sI6fB6rQYQvSHbT5U1dBmPDsFrzjozyL15B5PHpa
J+ZNjyBOjCeILB0EQZsaGXATG7gzmZdX1xDRJpfepaaoWXun+coYjiwef49fq8n8
k1IHRD0vg1JAIu3xpBnt3yup27M53etxZazvaRrCDSiWZbqkbcVfZYJseTwWMH7y
xIsrUj41my2wDeLTM05G0dJr3vY7CHyRnXI0kT8ZqE0nkaFcV0lFqU3bvkcYAbf9
VfsAguqjfEPJcXWFfqaSHBlR6pBQ1OcHfGtNT9jh9x4ocF1i8nOALptjYwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHtrC0m2G99+FcR+lPOinIpPiQzPMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvZTJzTFNiWWIzMzRWeEg2VTg2S2Npay1KRE04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAZpyoQtWCZj6DBAesT4gSGVpZ
DvECuFxp3EeHe8ZwCUQYxLVPXNOsGe9sJ7b0fd+q/X0+UW/7ugw9uVrebyPgbQdC
qChSp1gAssJVwJ6yfwlcqdv0LI+MQpKl71wPc/cJL9+xXFnzyz+sE4Svp8TXxhoR
O53BcaIYr/WS7/JA9ZP8WshQBMOurMO8umyDpxDTpswvzYd8qSTNZntZDqwovEcz
AFlQoKwsh138RlROUrw1O6nfKjrZkWMZm0Zgn8iEuEPbrM9n61Ew34B/HjRZUYGJ
U8svCwAOB5unBcqX1qxtNogC6EYzZBwx3eA7HPqwvNR/p0AuSTbjqMxxQkZabg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:40:21 2025 by rpki-client