Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/hsHeiQNohoPrShMCTjUh-oKJWx4.roa
File: hsHeiQNohoPrShMCTjUh-oKJWx4.roa (raw, json)
Hash identifier: +loBFSVlxyPyTI82cfdkEmYkInkJR0k6Dj26K2BK+ko=
Subject key identifier: 86:C1:DE:89:03:68:86:83:EB:4A:13:02:4E:35:21:FA:82:89:5B:1E
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195DFE4357F18F0440CD28B2EA5EEA3029D
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/hsHeiQNohoPrShMCTjUh-oKJWx4.roa
Signing time: Sat 29 Mar 2025 03:13:49 +0000
ROA not before: Sat 29 Mar 2025 03:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:df:e4:35:7f:18:f0:44:0c:d2:8b:2e:a5:ee:a3:02:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 29 03:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86c1de8903688683eb4a13024e3521fa82895b1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3c:4a:d8:79:11:1d:2d:80:51:4b:df:e1:ba:
d9:d3:fd:05:18:08:4f:49:e0:c3:c0:9f:f4:8b:28:
b4:b8:cb:3d:64:e7:ab:44:7f:d0:a6:e3:c1:d0:66:
b5:4e:fa:86:92:0a:33:ec:de:a3:79:19:f8:34:96:
df:b5:ce:20:3b:7f:37:1c:1f:8a:f0:df:58:1f:ba:
a4:b5:5f:b4:2a:4e:47:af:4b:f7:a4:65:71:eb:2f:
c5:6d:79:0d:08:72:6d:e1:e8:32:24:36:69:c2:9b:
3a:7a:ff:9c:66:97:95:4a:d9:d8:09:07:39:b0:8f:
8d:0a:56:49:6b:1c:dd:7c:c1:a4:3d:c5:9a:c6:46:
7b:ec:38:85:aa:f0:28:9f:62:01:7f:ce:a8:e9:61:
bc:c9:b4:03:e8:db:c3:6c:bb:a1:d0:33:1a:bd:d5:
b4:9e:a0:da:ba:07:22:07:93:7a:6e:ef:72:cc:2f:
98:b4:82:67:ba:ba:fb:1d:7b:e4:7a:fb:03:02:c2:
ac:a4:25:ab:d7:be:fb:f7:ff:f8:a7:10:de:7c:13:
fc:8a:e6:ca:a7:62:93:96:09:17:b3:2f:35:40:6d:
0c:39:de:59:72:01:82:15:6f:27:3a:02:0a:ec:b6:
84:a5:7b:08:4c:68:82:20:a1:eb:a0:83:65:7d:dd:
b3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C1:DE:89:03:68:86:83:EB:4A:13:02:4E:35:21:FA:82:89:5B:1E
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/hsHeiQNohoPrShMCTjUh-oKJWx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
93:31:4a:47:e1:39:39:88:48:95:ed:91:da:ef:fa:49:0d:e9:
ac:51:ee:92:18:37:54:62:e1:ac:57:2f:13:e8:9e:56:8d:28:
a3:9e:bb:e3:78:06:b0:24:e0:ff:58:65:d7:c0:05:33:2b:73:
74:89:aa:91:b3:f9:12:cd:d3:98:a3:46:7c:f0:96:ea:eb:57:
7a:34:1c:f4:d0:0b:81:af:01:f0:61:b0:60:0e:72:7b:fc:86:
5d:c9:d9:21:9e:e1:f8:e2:89:10:17:7c:b3:9c:79:6b:41:d0:
a0:96:30:c4:d8:2f:5e:50:bf:a6:c2:68:ec:50:db:f6:63:4a:
59:9a:09:65:be:bf:f3:23:75:8f:1f:74:04:77:74:cb:d0:08:
16:88:4a:45:b7:be:99:d0:51:5f:aa:dd:04:5a:12:85:0c:fa:
a7:b9:4f:b0:af:38:28:cd:ff:fe:ab:34:c2:d4:ee:04:06:1f:
f5:4c:ee:42:6c:59:37:55:6b:64:43:03:0a:1c:80:47:2f:f6:
93:40:df:85:22:34:d0:7d:83:6b:56:3d:8e:e4:93:ee:de:42:
bb:ce:5b:2e:63:b4:40:09:41:d7:b8:fa:bf:7f:03:c1:72:51:
a3:79:d1:54:83:23:74:88:d1:ee:b8:fe:34:bf:3f:89:cc:3b:
f7:18:ba:80
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXf5DV/GPBEDNKLLqXuowKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI5MDMxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmMxZGU4OTAzNjg4NjgzZWI0YTEzMDI0ZTM1MjFmYTgyODk1YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDxK2HkRHS2AUUvf4brZ0/0FGAhP
SeDDwJ/0iyi0uMs9ZOerRH/QpuPB0Ga1TvqGkgoz7N6jeRn4NJbftc4gO383HB+K
8N9YH7qktV+0Kk5Hr0v3pGVx6y/FbXkNCHJt4egyJDZpwps6ev+cZpeVStnYCQc5
sI+NClZJaxzdfMGkPcWaxkZ77DiFqvAon2IBf86o6WG8ybQD6NvDbLuh0DMavdW0
nqDaugciB5N6bu9yzC+YtIJnurr7HXvkevsDAsKspCWr17779//4pxDefBP8iubK
p2KTlgkXsy81QG0MOd5ZcgGCFW8nOgIK7LaEpXsITGiCIKHroINlfd2zzQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIbB3okDaIaD60oTAk41IfqCiVseMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvaHNIZWlRTm9ob1ByU2hNQ1RqVWgtb0tKV3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAkzFKR+E5OYhIle2R2u/6SQ3p
rFHukhg3VGLhrFcvE+ieVo0oo56743gGsCTg/1hl18AFMytzdImqkbP5Es3TmKNG
fPCW6utXejQc9NALga8B8GGwYA5ye/yGXcnZIZ7h+OKJEBd8s5x5a0HQoJYwxNgv
XlC/psJo7FDb9mNKWZoJZb6/8yN1jx90BHd0y9AIFohKRbe+mdBRX6rdBFoShQz6
p7lPsK84KM3//qs0wtTuBAYf9UzuQmxZN1VrZEMDChyARy/2k0DfhSI00H2Da1Y9
juST7t5Cu85bLmO0QAlB17j6v38DwXJRo3nRVIMjdIjR7rj+NL8/icw79xi6gA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:43:24 2025 by rpki-client