Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/xKRgOuIoORL9cqDVMWwPCYe_Hxc.roa
File: xKRgOuIoORL9cqDVMWwPCYe_Hxc.roa (raw, json)
Hash identifier: NLCLJh7PNbeZJ4C3LSSyibFqgrat65ux1uRmOb5v4s4=
Subject key identifier: C4:A4:60:3A:E2:28:39:12:FD:72:A0:D5:31:6C:0F:09:87:BF:1F:17
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195F4B57D876B981A762E9F7CEFB3B7E6CE
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/xKRgOuIoORL9cqDVMWwPCYe_Hxc.roa
Signing time: Wed 02 Apr 2025 04:14:49 +0000
ROA not before: Wed 02 Apr 2025 04:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f4:b5:7d:87:6b:98:1a:76:2e:9f:7c:ef:b3:b7:e6:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Apr 2 04:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4a4603ae2283912fd72a0d5316c0f0987bf1f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1f:1a:c7:a3:b3:0d:64:e1:bc:73:11:7a:ac:
74:65:0e:d8:2e:4e:80:db:d0:bd:db:b2:d6:dd:4b:
4e:1c:52:59:8e:2d:33:9c:0e:63:f0:90:4d:71:32:
11:09:e1:e4:79:86:dd:16:f6:b8:42:e6:a1:b6:1b:
0a:1f:cb:9d:eb:70:cf:ee:bc:73:37:43:a0:80:ea:
5c:84:92:0e:5e:ff:5e:26:cb:3e:82:36:5e:af:44:
f6:fb:7d:bb:98:e5:15:ac:41:59:33:e7:54:e7:ff:
cf:dd:65:c3:ad:8d:69:9a:57:0b:44:b8:56:31:70:
86:3d:a3:7e:96:24:37:93:87:d1:c5:50:8d:b3:77:
7b:de:af:c0:da:cf:dc:bf:db:ae:a4:1f:3f:87:9f:
da:c7:f4:1d:88:ca:86:7c:9d:85:f8:a9:cb:57:12:
cd:35:92:9d:aa:a0:92:3d:3a:4b:08:aa:a7:cc:74:
fe:7c:f0:e8:f5:2d:fb:c9:c0:a4:46:ef:b1:0c:e9:
5e:43:f9:25:bf:c5:bc:51:e2:82:94:7f:74:b4:91:
a9:55:c4:30:d2:e6:4d:43:80:9e:52:2a:f0:75:b0:
f7:43:53:2e:58:a7:55:27:a0:d8:99:06:08:48:13:
21:cc:d7:ef:99:7b:67:2c:34:bd:5c:97:2b:b5:03:
19:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A4:60:3A:E2:28:39:12:FD:72:A0:D5:31:6C:0F:09:87:BF:1F:17
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/xKRgOuIoORL9cqDVMWwPCYe_Hxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
22:80:6d:b5:72:0d:d2:1e:b3:4f:b4:29:58:44:b5:cb:db:3b:
62:94:0a:67:d6:38:46:5d:87:4c:07:f8:fa:c2:ea:d8:29:26:
17:81:82:b1:e8:41:32:4c:37:24:7a:4d:fe:e2:d4:3f:88:89:
6e:0a:67:7f:6a:d5:83:27:06:98:82:24:5f:3e:97:93:7d:40:
9c:b0:07:58:af:22:be:6e:fa:a5:d8:37:a2:58:6f:28:17:5b:
85:a7:3c:27:23:40:b1:a9:4a:27:fc:bc:55:1c:14:43:c3:00:
e0:92:3c:6a:3c:ec:a6:98:bc:38:c7:b1:ca:21:d7:df:9d:ec:
16:ce:53:b2:92:2b:0c:77:44:ad:d3:27:ae:96:f9:47:d6:6f:
e5:1f:05:9b:bd:6c:21:00:20:ff:9c:11:c4:b0:4b:40:7b:84:
be:8b:d0:08:58:cf:60:60:c0:24:28:ff:3e:ef:49:21:9c:e6:
33:5d:a2:92:db:81:31:26:04:9c:8a:a4:14:a4:91:69:9b:f6:
ef:75:5d:9c:1f:2a:aa:56:56:be:11:55:76:57:f0:b3:a0:7f:
95:c2:19:e3:6d:fb:4a:ce:25:03:d6:6e:8d:2b:a7:8b:c0:c6:
31:f0:a4:ce:da:93:4a:e3:24:32:f0:bf:fc:0c:cd:71:2a:b5:
fc:de:e8:00
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZX0tX2Ha5gadi6ffO+zt+bOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwNDAyMDQxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGE0NjAzYWUyMjgzOTEyZmQ3MmEwZDUzMTZjMGYwOTg3YmYxZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh8ax6OzDWThvHMReqx0ZQ7YLk6A
29C927LW3UtOHFJZji0znA5j8JBNcTIRCeHkeYbdFva4QuahthsKH8ud63DP7rxz
N0OggOpchJIOXv9eJss+gjZer0T2+327mOUVrEFZM+dU5//P3WXDrY1pmlcLRLhW
MXCGPaN+liQ3k4fRxVCNs3d73q/A2s/cv9uupB8/h5/ax/QdiMqGfJ2F+KnLVxLN
NZKdqqCSPTpLCKqnzHT+fPDo9S37ycCkRu+xDOleQ/klv8W8UeKClH90tJGpVcQw
0uZNQ4CeUirwdbD3Q1MuWKdVJ6DYmQYISBMhzNfvmXtnLDS9XJcrtQMZrQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMSkYDriKDkS/XKg1TFsDwmHvx8XMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEveEtSZ091SW9PUkw5Y3FEVk1Xd1BDWWVfSHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAIoBttXIN0h6zT7QpWES1y9s7
YpQKZ9Y4Rl2HTAf4+sLq2CkmF4GCsehBMkw3JHpN/uLUP4iJbgpnf2rVgycGmIIk
Xz6Xk31AnLAHWK8ivm76pdg3olhvKBdbhac8JyNAsalKJ/y8VRwUQ8MA4JI8ajzs
ppi8OMexyiHX353sFs5TspIrDHdErdMnrpb5R9Zv5R8Fm71sIQAg/5wRxLBLQHuE
vovQCFjPYGDAJCj/Pu9JIZzmM12iktuBMSYEnIqkFKSRaZv273VdnB8qqlZWvhFV
dlfws6B/lcIZ4237Ss4lA9ZujSuni8DGMfCkztqTSuMkMvC//AzNcSq1/N7oAA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 06:18:49 2025 by rpki-client