Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/mnawlkYdPifl0_E9lW3e7DC1ygs.roa
File: mnawlkYdPifl0_E9lW3e7DC1ygs.roa (raw, json)
Hash identifier: tENugL4zc7HvBbTn0Pb6N2onESJ9X56dRG4zmNQBT5Y=
Subject key identifier: 9A:76:B0:96:46:1D:3E:27:E5:D3:F1:3D:95:6D:DE:EC:30:B5:CA:0B
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195FA11DE039CAEE096DD4CC193E3DC87CE
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/mnawlkYdPifl0_E9lW3e7DC1ygs.roa
Signing time: Thu 03 Apr 2025 05:13:49 +0000
ROA not before: Thu 03 Apr 2025 05:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:11:de:03:9c:ae:e0:96:dd:4c:c1:93:e3:dc:87:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 3 05:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a76b096461d3e27e5d3f13d956ddeec30b5ca0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:78:95:ee:e0:9c:53:fe:be:01:03:33:3f:3d:
52:90:8e:5c:58:fc:4d:0c:b1:87:39:48:d5:19:99:
f6:99:b1:7a:63:39:ac:45:19:f7:43:48:98:36:4f:
71:3d:36:08:69:af:97:62:e1:e4:a0:71:db:b2:2e:
04:9f:3f:ae:ac:10:a0:c2:33:ed:af:b8:f5:c7:c6:
09:e4:ff:cb:46:84:a0:ba:b4:b4:06:89:76:53:1d:
b9:01:72:58:5e:50:e5:c3:3a:d9:10:94:70:5c:1d:
e8:ec:d5:96:cf:e7:d9:12:12:64:bb:3b:45:77:03:
fb:4c:42:80:fd:67:52:24:a5:dd:85:bd:81:5a:64:
93:04:38:37:ff:f3:7f:9b:26:5c:9f:e6:ef:66:b5:
a8:32:10:ab:c5:7f:5f:b5:ed:de:0a:f9:ad:03:35:
11:41:9c:4a:78:e1:13:b8:91:8c:11:71:f0:b8:c2:
f7:95:8e:f0:67:2e:52:14:2e:76:73:4b:75:26:99:
d9:80:7f:7e:bb:cd:1b:b2:b2:a0:e5:93:bd:8f:ba:
bc:ab:67:94:93:0a:99:f3:c9:91:53:86:8c:5c:00:
79:49:80:0f:f2:7c:98:74:cc:84:51:0b:8f:91:cc:
62:b3:f5:27:ce:4b:4f:13:8a:5f:4d:ad:e1:72:9c:
93:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:76:B0:96:46:1D:3E:27:E5:D3:F1:3D:95:6D:DE:EC:30:B5:CA:0B
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/mnawlkYdPifl0_E9lW3e7DC1ygs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
01:71:b4:9d:6f:28:81:e3:0c:26:5f:30:34:fb:d6:d6:98:65:
76:fc:ac:50:5c:b4:cc:13:f6:36:79:03:f1:45:3a:c0:61:e2:
7d:e1:a9:7f:f8:8b:6e:31:62:50:ea:1b:e2:95:45:06:fe:95:
05:92:58:e3:03:90:8d:d4:21:af:bd:b0:df:bd:1a:09:ee:c8:
84:d3:37:71:56:11:11:26:12:15:d1:6d:4a:28:9b:30:d5:57:
c7:aa:de:5e:e5:b8:d8:ad:37:e4:09:7a:32:b1:9a:42:7b:aa:
ef:78:75:fa:6b:04:a6:34:5d:9c:5d:93:f5:2a:a3:63:bc:69:
8d:7e:35:e7:dd:c3:e1:89:0a:8b:62:50:65:43:e8:29:5b:2e:
5f:da:ef:ed:3f:4b:b1:b7:e6:4e:f2:ef:8e:23:00:9e:4a:ee:
71:66:60:32:7e:56:91:b6:b3:e9:49:05:08:75:40:d8:8c:dd:
a5:c9:4c:97:02:78:55:36:b8:f4:3c:73:f2:63:a5:d0:1e:e2:
ad:e6:23:64:4e:fc:aa:8b:f8:83:a3:ab:22:29:eb:50:a5:04:
3f:59:f8:a1:95:3b:d5:5b:f1:b1:04:80:e5:6b:ac:0f:a8:cd:
a6:13:98:57:3f:fa:c2:e6:e6:1a:1c:2a:4f:cd:bb:1d:7c:17:
b7:13:9b:25
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX6Ed4DnK7glt1MwZPj3IfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAzMDUxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTc2YjA5NjQ2MWQzZTI3ZTVkM2YxM2Q5NTZkZGVlYzMwYjVjYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XiV7uCcU/6+AQMzPz1SkI5cWPxN
DLGHOUjVGZn2mbF6YzmsRRn3Q0iYNk9xPTYIaa+XYuHkoHHbsi4Enz+urBCgwjPt
r7j1x8YJ5P/LRoSgurS0Bol2Ux25AXJYXlDlwzrZEJRwXB3o7NWWz+fZEhJkuztF
dwP7TEKA/WdSJKXdhb2BWmSTBDg3//N/myZcn+bvZrWoMhCrxX9fte3eCvmtAzUR
QZxKeOETuJGMEXHwuML3lY7wZy5SFC52c0t1JpnZgH9+u80bsrKg5ZO9j7q8q2eU
kwqZ88mRU4aMXAB5SYAP8nyYdMyEUQuPkcxis/UnzktPE4pfTa3hcpyTUQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJp2sJZGHT4n5dPxPZVt3uwwtcoLMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvbW5hd2xrWWRQaWZsMF9FOWxXM2U3REMxeWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAAXG0nW8ogeMMJl8wNPvW1phl
dvysUFy0zBP2NnkD8UU6wGHifeGpf/iLbjFiUOob4pVFBv6VBZJY4wOQjdQhr72w
370aCe7IhNM3cVYRESYSFdFtSiibMNVXx6reXuW42K035Al6MrGaQnuq73h1+msE
pjRdnF2T9SqjY7xpjX41593D4YkKi2JQZUPoKVsuX9rv7T9LsbfmTvLvjiMAnkru
cWZgMn5Wkbaz6UkFCHVA2IzdpclMlwJ4VTa49Dxz8mOl0B7ireYjZE78qov4g6Or
IinrUKUEP1n4oZU71VvxsQSA5WusD6jNphOYVz/6wubmGhwqT827HXwXtxObJQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:13:56 2025 by rpki-client