Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/qU5maBzDaMvWpKppahjul7x2djA.roa
File: qU5maBzDaMvWpKppahjul7x2djA.roa (raw, json)
Hash identifier: 3RW69wgOe3hyJGL923dinz1Fnkcn1qfiNNZPV8t+ekM=
Subject key identifier: A9:4E:66:68:1C:C3:68:CB:D6:A4:AA:69:6A:18:EE:97:BC:76:76:30
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195FB265B681C7C9CB4022E0B2AED212508
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/qU5maBzDaMvWpKppahjul7x2djA.roa
Signing time: Thu 03 Apr 2025 10:15:49 +0000
ROA not before: Thu 03 Apr 2025 10:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fb:26:5b:68:1c:7c:9c:b4:02:2e:0b:2a:ed:21:25:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 3 10:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a94e66681cc368cbd6a4aa696a18ee97bc767630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d1:69:8d:9f:b3:c5:df:7b:ff:19:9d:0b:11:
eb:5b:ce:59:dc:59:3a:ff:fe:0d:3c:ed:05:af:63:
b1:33:25:e8:e1:a8:7a:a7:d2:7e:dd:6c:d6:f1:e5:
90:6e:35:74:bb:3a:8d:d9:02:b4:af:6f:57:4b:9f:
d7:cb:f0:18:97:95:b8:bf:fb:68:c0:1f:88:ce:8e:
ca:9e:7b:95:5f:2a:c4:3b:07:2a:97:18:41:cf:fd:
82:f4:2c:84:d7:46:d9:c7:a0:f4:32:27:18:9e:a0:
ca:69:ce:90:ec:6d:95:fe:ef:01:5c:7e:f3:42:05:
3c:6d:e4:07:4f:05:7a:fd:a8:48:9c:c7:8f:b8:58:
97:fd:8f:da:6d:72:1d:b1:54:b8:c9:04:b4:16:68:
6a:d5:37:ce:83:60:8c:0f:fe:46:15:ee:fe:1d:6d:
d2:e9:ca:8b:79:13:ea:1b:c3:41:60:17:8e:cc:63:
21:51:70:7b:6f:28:c7:5d:c8:c2:d7:c9:76:48:84:
3e:a3:e6:ea:2a:6e:34:6e:c5:70:06:24:66:3b:29:
5f:9d:54:d7:ff:52:f5:34:ef:3d:21:bf:67:59:99:
54:92:8a:6d:55:86:df:2b:81:ee:1d:1c:68:86:e0:
be:f7:04:06:98:8c:21:03:a1:9c:16:6c:0c:a4:05:
63:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4E:66:68:1C:C3:68:CB:D6:A4:AA:69:6A:18:EE:97:BC:76:76:30
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/qU5maBzDaMvWpKppahjul7x2djA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
63:10:17:be:e2:09:f2:71:f6:16:73:de:df:e1:08:e6:a3:19:
21:0d:be:65:31:0d:d3:e0:88:b7:c3:9f:2b:1e:23:98:56:5c:
74:c8:95:fd:db:f3:ba:4c:85:42:a2:5b:9f:52:6e:07:83:78:
74:ee:e5:a8:ac:42:d8:83:32:24:db:0d:15:d2:14:ee:bf:66:
c0:27:49:9d:bc:16:41:a0:e4:e6:21:ab:a9:32:b6:35:e8:54:
9d:94:73:2d:7e:5f:8c:15:ff:bc:cf:17:2a:85:b0:08:51:7d:
39:39:77:69:4a:71:0e:9a:42:40:32:14:31:f5:2a:3f:fa:8d:
08:3a:5c:e3:db:ea:ff:a1:7d:7a:16:6d:e3:4b:50:55:62:0c:
11:2d:a7:50:ef:88:a5:49:ff:13:55:8a:44:09:dd:c7:77:90:
be:9c:83:9f:42:fe:e9:ad:b6:9b:d9:66:ec:cc:55:98:a9:b4:
8a:a9:55:4b:eb:e9:c4:f3:46:4c:33:80:07:13:2d:fd:3a:a6:
f8:32:ac:90:a1:c2:6d:24:bf:d7:6c:e9:c0:98:d4:c4:fa:e8:
c1:b7:a4:fb:8b:c0:5a:71:63:b9:e5:a9:51:70:a5:c1:36:9d:
f9:9f:3c:f4:22:bf:75:a1:20:ec:1c:fa:ca:0c:aa:e9:7b:c3:
f1:5b:4e:f7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX7JltoHHyctAIuCyrtISUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAzMTAxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRlNjY2ODFjYzM2OGNiZDZhNGFhNjk2YTE4ZWU5N2JjNzY3NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9FpjZ+zxd97/xmdCxHrW85Z3Fk6
//4NPO0Fr2OxMyXo4ah6p9J+3WzW8eWQbjV0uzqN2QK0r29XS5/Xy/AYl5W4v/to
wB+Izo7KnnuVXyrEOwcqlxhBz/2C9CyE10bZx6D0MicYnqDKac6Q7G2V/u8BXH7z
QgU8beQHTwV6/ahInMePuFiX/Y/abXIdsVS4yQS0Fmhq1TfOg2CMD/5GFe7+HW3S
6cqLeRPqG8NBYBeOzGMhUXB7byjHXcjC18l2SIQ+o+bqKm40bsVwBiRmOylfnVTX
/1L1NO89Ib9nWZlUkoptVYbfK4HuHRxohuC+9wQGmIwhA6GcFmwMpAVj1wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKlOZmgcw2jL1qSqaWoY7pe8dnYwMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvcVU1bWFCekRhTXZXcEtwcGFoanVsN3gyZGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAYxAXvuIJ8nH2FnPe3+EI5qMZ
IQ2+ZTEN0+CIt8OfKx4jmFZcdMiV/dvzukyFQqJbn1JuB4N4dO7lqKxC2IMyJNsN
FdIU7r9mwCdJnbwWQaDk5iGrqTK2NehUnZRzLX5fjBX/vM8XKoWwCFF9OTl3aUpx
DppCQDIUMfUqP/qNCDpc49vq/6F9ehZt40tQVWIMES2nUO+IpUn/E1WKRAndx3eQ
vpyDn0L+6a22m9lm7MxVmKm0iqlVS+vpxPNGTDOABxMt/Tqm+DKskKHCbSS/12zp
wJjUxProwbek+4vAWnFjueWpUXClwTad+Z889CK/daEg7Bz6ygyq6XvD8VtO9w==
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:43:49 2025 by rpki-client