Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/wKIm1FSypBwunM0mCt1FgOay5Ck.roa
File: wKIm1FSypBwunM0mCt1FgOay5Ck.roa (raw, json)
Hash identifier: JL76KVjKl7zQHzu310+J/BV8X3gg1JKfif5m4XMZ6Xc=
Subject key identifier: C0:A2:26:D4:54:B2:A4:1C:2E:9C:CD:26:0A:DD:45:80:E6:B2:E4:29
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F9344F9C029CB2AF326327CA3F1820DF
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/wKIm1FSypBwunM0mCt1FgOay5Ck.roa
Signing time: Thu 03 Apr 2025 01:11:49 +0000
ROA not before: Thu 03 Apr 2025 01:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f9:34:4f:9c:02:9c:b2:af:32:63:27:ca:3f:18:20:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 3 01:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0a226d454b2a41c2e9ccd260add4580e6b2e429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:47:0b:70:64:41:f1:a5:0b:0f:2d:29:ae:19:
e4:48:5d:06:64:ec:22:73:f3:c4:4a:6d:ed:96:16:
46:f7:15:17:5c:48:bd:a3:6d:73:74:e3:34:67:6e:
26:fa:df:f1:89:53:08:2c:65:5f:a3:42:86:38:a7:
00:9d:5e:19:02:64:2c:32:61:70:97:da:b2:a1:f8:
af:50:18:60:84:b3:de:24:00:d1:a4:dd:27:5c:98:
ca:da:e4:5b:54:2a:cf:8d:6e:e3:5a:ad:8f:f3:ef:
fb:60:ae:2d:ee:98:36:b1:d2:15:15:28:23:4b:a6:
6f:ed:c7:25:91:58:f9:56:0a:8e:16:0f:a9:78:f3:
72:08:ce:0c:5e:85:22:ee:83:be:5c:2b:8d:6b:27:
38:28:14:df:e7:24:1f:76:b0:42:61:38:b8:b7:ea:
5b:56:ff:2c:b5:d6:5a:ff:8a:94:59:11:c5:d0:87:
85:32:87:c7:bc:6d:37:30:53:55:8a:af:ba:9a:44:
9b:61:1b:23:bc:fb:61:00:d6:3e:f5:b7:83:32:2f:
3e:21:79:d0:90:55:b5:11:cb:12:a9:08:18:d9:88:
5a:51:11:75:82:df:f2:43:5c:85:57:c5:39:c3:9a:
4a:4a:70:ea:b9:73:e7:a4:ce:5f:02:c7:f9:7d:c3:
ea:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A2:26:D4:54:B2:A4:1C:2E:9C:CD:26:0A:DD:45:80:E6:B2:E4:29
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/wKIm1FSypBwunM0mCt1FgOay5Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
47:b5:5c:69:b9:a5:a0:c4:58:b1:56:fc:80:a2:0b:60:71:8c:
4c:1b:3c:0c:2c:00:ef:3a:15:b9:d4:dc:74:00:46:91:41:95:
b8:0d:a7:80:c9:c7:63:38:2e:42:84:c4:af:63:5c:a5:8d:8b:
3d:66:51:54:7b:28:b4:4e:e5:f0:d3:56:af:aa:6e:5f:e6:6a:
93:78:1a:3c:c0:48:0d:23:63:15:e2:af:71:d0:c7:ec:de:8f:
1a:bc:1a:d5:1b:9c:fe:df:2c:e2:70:93:07:8b:18:ee:04:35:
fa:01:f4:ae:39:09:40:4c:f6:44:2a:95:99:fe:fe:64:a0:44:
95:48:e8:d5:61:00:a0:43:19:95:ff:54:aa:d2:20:3f:75:dc:
0f:cd:b9:b9:91:01:f0:b6:a4:47:43:fc:ef:19:db:f5:ba:ce:
26:d2:f0:25:e4:13:61:87:6a:f0:d9:59:1a:aa:79:fb:ff:39:
79:e5:1a:84:11:62:93:17:11:4c:ff:aa:36:17:10:2d:ac:5e:
38:c1:a1:b0:94:19:3e:35:e8:f3:b9:e9:7b:d6:45:75:7b:d2:
61:e2:9c:e9:d1:37:ed:ad:56:e2:41:1b:c3:a7:b9:81:dd:83:
eb:4b:a5:80:0e:f9:32:cf:16:c0:e2:3e:4d:75:82:bf:67:d8:
4b:55:94:c1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX5NE+cApyyrzJjJ8o/GCDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAzMDExMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGEyMjZkNDU0YjJhNDFjMmU5Y2NkMjYwYWRkNDU4MGU2YjJlNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0cLcGRB8aULDy0prhnkSF0GZOwi
c/PESm3tlhZG9xUXXEi9o21zdOM0Z24m+t/xiVMILGVfo0KGOKcAnV4ZAmQsMmFw
l9qyofivUBhghLPeJADRpN0nXJjK2uRbVCrPjW7jWq2P8+/7YK4t7pg2sdIVFSgj
S6Zv7cclkVj5VgqOFg+pePNyCM4MXoUi7oO+XCuNayc4KBTf5yQfdrBCYTi4t+pb
Vv8stdZa/4qUWRHF0IeFMofHvG03MFNViq+6mkSbYRsjvPthANY+9beDMi8+IXnQ
kFW1EcsSqQgY2YhaURF1gt/yQ1yFV8U5w5pKSnDquXPnpM5fAsf5fcPqXwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMCiJtRUsqQcLpzNJgrdRYDmsuQpMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvd0tJbTFGU3lwQnd1bk0wbUN0MUZnT2F5NUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAR7VcabmloMRYsVb8gKILYHGM
TBs8DCwA7zoVudTcdABGkUGVuA2ngMnHYzguQoTEr2NcpY2LPWZRVHsotE7l8NNW
r6puX+Zqk3gaPMBIDSNjFeKvcdDH7N6PGrwa1Ruc/t8s4nCTB4sY7gQ1+gH0rjkJ
QEz2RCqVmf7+ZKBElUjo1WEAoEMZlf9UqtIgP3XcD825uZEB8LakR0P87xnb9brO
JtLwJeQTYYdq8NlZGqp5+/85eeUahBFikxcRTP+qNhcQLaxeOMGhsJQZPjXo87np
e9ZFdXvSYeKc6dE37a1W4kEbw6e5gd2D60ulgA75Ms8WwOI+TXWCv2fYS1WUwQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:53:55 2025 by rpki-client