Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/nkm6TPruNA93b-_9a8R-fp77ZqA.roa
File: nkm6TPruNA93b-_9a8R-fp77ZqA.roa (raw, json)
Hash identifier: cmO1ppFgArn9hrPPhiiGgn8yySceHhyOwnFcx8gwbhk=
Subject key identifier: 9E:49:BA:4C:FA:EE:34:0F:77:6F:EF:FD:6B:C4:7E:7E:9E:FB:66:A0
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195C42DC8D5124CE920EDD6F5FEAD89A5FC
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/nkm6TPruNA93b-_9a8R-fp77ZqA.roa
Signing time: Sun 23 Mar 2025 18:04:49 +0000
ROA not before: Sun 23 Mar 2025 18:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:c42d:2b2d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c4:2d:c8:d5:12:4c:e9:20:ed:d6:f5:fe:ad:89:a5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 23 18:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e49ba4cfaee340f776feffd6bc47e7e9efb66a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:79:21:dd:a2:70:f9:2f:89:ca:dc:7d:75:0c:
34:ff:03:83:3f:1e:3e:3c:34:c6:0b:15:9a:9a:4a:
31:ca:d8:d1:33:0a:9a:c8:b2:b3:ec:94:47:06:c4:
9b:ce:8a:2d:57:9b:fb:5c:53:cf:59:6f:e3:7a:d5:
1e:ca:dd:ce:85:7b:c0:0d:61:c5:06:61:8d:1a:e7:
61:6a:43:a3:eb:f6:d4:28:b2:58:32:8c:7c:c8:b6:
a6:cf:d5:03:1a:ae:8d:71:e8:60:53:a7:7d:24:ec:
77:49:aa:42:c2:d0:47:98:9d:67:da:f2:33:a5:0e:
6b:f6:1c:9e:d4:94:e1:b0:80:2c:63:24:ae:d6:b2:
60:ed:82:38:48:28:ab:eb:78:24:91:2c:58:a7:b7:
d4:fb:70:bf:8a:bf:31:ad:cd:ec:dc:2b:8d:c7:2b:
79:52:11:25:c9:10:2c:51:ee:15:3c:ea:47:25:7d:
23:5c:f7:49:d6:b4:5e:7b:f1:3f:d9:12:f1:3e:0b:
ea:05:17:d0:25:09:f9:29:d9:6d:e1:30:15:ec:54:
a0:c4:12:d1:b7:6f:60:c6:10:10:d4:d9:6c:01:29:
11:f5:4b:15:70:fb:30:a1:17:15:37:8a:a8:1c:19:
4c:0d:e2:44:39:9e:ef:5c:bb:79:49:70:88:96:cc:
19:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:49:BA:4C:FA:EE:34:0F:77:6F:EF:FD:6B:C4:7E:7E:9E:FB:66:A0
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/nkm6TPruNA93b-_9a8R-fp77ZqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:c42d:2b2d/128
Signature Algorithm: sha256WithRSAEncryption
97:28:fc:56:35:2c:91:33:06:2e:07:99:ed:e2:6e:96:8e:1f:
17:1d:cf:fb:5c:0a:92:51:53:97:4d:5a:22:ee:bd:ad:4b:a1:
28:e5:f4:b3:a4:d4:0f:6b:82:aa:59:30:89:22:e8:98:c0:26:
0f:d3:15:34:d8:70:20:2d:ad:5b:09:bd:cd:c0:c2:dd:1d:2c:
d3:f7:ad:74:11:e2:f6:dd:af:19:e7:29:5b:f4:59:9f:e9:58:
96:1c:56:cf:34:7b:0e:60:dc:82:6c:b9:f3:18:f6:10:2b:85:
5f:cb:36:21:aa:74:87:6a:7c:a4:8f:16:a3:1d:74:e5:5c:72:
33:1d:01:9c:d8:3c:9f:d7:eb:e8:5b:9b:36:62:2f:60:5b:79:
99:86:ac:08:3a:5a:87:a9:1d:51:8c:14:4e:3b:61:e3:19:77:
14:6e:25:fa:fd:bc:5f:eb:86:47:41:5b:3a:36:e0:d3:d8:0c:
04:db:9a:6b:2b:17:4f:b5:5f:49:38:a1:de:25:d3:06:2a:a0:
08:e6:f9:00:4f:bd:53:f5:cb:4e:88:13:3b:ee:f6:d8:a0:b0:
6b:9f:98:e3:35:74:ad:80:5e:a8:a0:86:55:78:91:bd:8e:6b:
31:5d:07:94:23:9d:b9:f5:7e:53:72:fd:02:2c:ad:d4:da:ea:
b8:7d:9b:f3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXELcjVEkzpIO3W9f6tiaX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzIzMTgwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ5YmE0Y2ZhZWUzNDBmNzc2ZmVmZmQ2YmM0N2U3ZTllZmI2NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHkh3aJw+S+Jytx9dQw0/wODPx4+
PDTGCxWamkoxytjRMwqayLKz7JRHBsSbzootV5v7XFPPWW/jetUeyt3OhXvADWHF
BmGNGudhakOj6/bUKLJYMox8yLamz9UDGq6NcehgU6d9JOx3SapCwtBHmJ1n2vIz
pQ5r9hye1JThsIAsYySu1rJg7YI4SCir63gkkSxYp7fU+3C/ir8xrc3s3CuNxyt5
UhElyRAsUe4VPOpHJX0jXPdJ1rRee/E/2RLxPgvqBRfQJQn5Kdlt4TAV7FSgxBLR
t29gxhAQ1NlsASkR9UsVcPswoRcVN4qoHBlMDeJEOZ7vXLt5SXCIlswZKQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ5Jukz67jQPd2/v/WvEfn6e+2agMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvbmttNlRQcnVOQTkzYi1fOWE4Ui1mcDc3WnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVxC0rLTANBgkqhkiG9w0BAQsFAAOCAQEAlyj8VjUskTMGLgeZ7eJulo4f
Fx3P+1wKklFTl01aIu69rUuhKOX0s6TUD2uCqlkwiSLomMAmD9MVNNhwIC2tWwm9
zcDC3R0s0/etdBHi9t2vGecpW/RZn+lYlhxWzzR7DmDcgmy58xj2ECuFX8s2Iap0
h2p8pI8Wox105VxyMx0BnNg8n9fr6FubNmIvYFt5mYasCDpah6kdUYwUTjth4xl3
FG4l+v28X+uGR0FbOjbg09gMBNuaaysXT7VfSTih3iXTBiqgCOb5AE+9U/XLTogT
O+722KCwa5+Y4zV0rYBeqKCGVXiRvY5rMV0HlCOdufV+U3L9Aiyt1NrquH2b8w==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:42:21 2025 by rpki-client