Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/lxq8kAkQGnGTfba_6brEYV16J38.roa
File: lxq8kAkQGnGTfba_6brEYV16J38.roa (raw, json)
Hash identifier: w4fkeKyJKIBwNxbaAjXwhdLchbe4wNOrH8h1P43NF+E=
Subject key identifier: 97:1A:BC:90:09:10:1A:71:93:7D:B6:BF:E9:BA:C4:61:5D:7A:27:7F
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195FF6E3EA8ACDC785B23D8EE80EE70BAC0
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/lxq8kAkQGnGTfba_6brEYV16J38.roa
Signing time: Fri 04 Apr 2025 06:12:49 +0000
ROA not before: Fri 04 Apr 2025 06:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:6e:3e:a8:ac:dc:78:5b:23:d8:ee:80:ee:70:ba:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 4 06:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=971abc9009101a71937db6bfe9bac4615d7a277f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:93:41:94:27:be:67:4e:f2:07:10:89:25:c7:
e5:e7:f1:49:39:eb:a5:3c:69:12:9f:19:ad:df:85:
dd:ab:81:6b:d6:86:40:9d:bb:31:ac:bc:88:16:a4:
5a:d9:e1:a3:c7:f0:4c:29:e8:8b:35:c1:3f:a3:58:
03:2b:d6:20:6c:1f:09:b7:e3:7e:77:98:35:86:7d:
6f:c1:26:de:20:27:bf:c9:80:b2:d5:7a:e1:a3:0a:
6d:7c:bd:b7:a0:1f:72:63:7f:36:53:06:67:1d:26:
37:a3:a6:80:b5:ed:d2:43:1f:53:b2:34:aa:d4:56:
a5:99:98:73:4d:c0:80:77:6f:49:a4:4e:e9:3c:c9:
5f:7f:c3:ad:01:57:c2:35:77:24:68:80:e9:1e:94:
b9:84:88:91:29:3a:c5:e3:58:f0:71:39:18:a7:0d:
eb:38:02:52:6a:d6:e0:5a:ca:b0:52:6e:70:41:2a:
da:f8:73:a8:16:b5:c6:5a:bb:d1:52:97:57:50:a3:
81:28:85:7c:7f:91:51:3e:bb:ff:db:9a:13:92:a0:
33:f5:e6:34:fc:c6:92:d2:c6:4b:dd:cf:70:a0:73:
c3:18:ab:4b:9a:54:4e:f1:a7:04:2e:2f:de:c8:38:
3a:a9:2a:97:80:41:aa:18:20:0c:b3:d6:0d:da:99:
0e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1A:BC:90:09:10:1A:71:93:7D:B6:BF:E9:BA:C4:61:5D:7A:27:7F
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/lxq8kAkQGnGTfba_6brEYV16J38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
1c:4d:ef:f2:75:02:a2:6f:ba:6a:e5:85:2d:79:76:ab:cf:0b:
8e:db:39:27:cd:c9:69:b4:12:cd:f2:27:ff:14:b1:a1:64:0e:
dd:3c:bf:47:2b:43:10:fe:cd:e9:ae:0b:26:94:30:1e:b7:f6:
5b:44:81:4c:8a:d9:48:c0:fb:2a:45:fd:72:d0:93:2d:2c:b9:
e0:12:34:74:13:50:ad:e5:8b:20:6f:57:a3:09:cc:98:f0:a8:
f4:73:c4:03:e5:5f:f5:4d:3e:06:23:d1:1e:04:61:20:73:48:
1f:5c:23:1f:eb:1c:e2:93:33:46:52:cc:1d:fb:3d:75:af:4b:
8d:96:52:a5:ff:d3:78:b2:32:74:d4:26:7b:c1:3a:aa:23:c0:
39:d9:03:ef:52:0a:13:a2:b4:1d:93:71:67:c4:01:3d:88:26:
63:99:11:4f:a9:85:82:9d:bd:d7:5f:0d:dd:76:e4:00:17:3d:
bc:e6:39:19:6c:2d:68:49:e2:f9:01:7d:3e:81:af:49:8e:04:
c2:60:66:d2:ff:51:2c:4e:44:d1:0f:ae:bf:a6:cd:f2:33:5a:
59:15:eb:c4:c1:af:57:82:e0:4b:81:ea:2e:c5:89:84:51:6e:
e8:7b:a6:72:d6:64:69:4c:cf:6e:b9:57:98:fa:47:2f:0d:6b:
09:95:08:2b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX/bj6orNx4WyPY7oDucLrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDA0MDYxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzFhYmM5MDA5MTAxYTcxOTM3ZGI2YmZlOWJhYzQ2MTVkN2EyNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopNBlCe+Z07yBxCJJcfl5/FJOeul
PGkSnxmt34Xdq4Fr1oZAnbsxrLyIFqRa2eGjx/BMKeiLNcE/o1gDK9YgbB8Jt+N+
d5g1hn1vwSbeICe/yYCy1XrhowptfL23oB9yY382UwZnHSY3o6aAte3SQx9TsjSq
1FalmZhzTcCAd29JpE7pPMlff8OtAVfCNXckaIDpHpS5hIiRKTrF41jwcTkYpw3r
OAJSatbgWsqwUm5wQSra+HOoFrXGWrvRUpdXUKOBKIV8f5FRPrv/25oTkqAz9eY0
/MaS0sZL3c9woHPDGKtLmlRO8acELi/eyDg6qSqXgEGqGCAMs9YN2pkOXQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJcavJAJEBpxk322v+m6xGFdeid/MB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvbHhxOGtBa1FHbkdUZmJhXzZickVZVjE2SjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAHE3v8nUCom+6auWFLXl2q88L
jts5J83JabQSzfIn/xSxoWQO3Ty/RytDEP7N6a4LJpQwHrf2W0SBTIrZSMD7KkX9
ctCTLSy54BI0dBNQreWLIG9XownMmPCo9HPEA+Vf9U0+BiPRHgRhIHNIH1wjH+sc
4pMzRlLMHfs9da9LjZZSpf/TeLIydNQme8E6qiPAOdkD71IKE6K0HZNxZ8QBPYgm
Y5kRT6mFgp29118N3XbkABc9vOY5GWwtaEni+QF9PoGvSY4EwmBm0v9RLE5E0Q+u
v6bN8jNaWRXrxMGvV4LgS4HqLsWJhFFu6HumctZkaUzPbrlXmPpHLw1rCZUIKw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:46:05 2025 by rpki-client