Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/zAK2HdEF7cNPgdYXxe4ViuZstYw.roa
File: zAK2HdEF7cNPgdYXxe4ViuZstYw.roa (raw, json)
Hash identifier: Vsp7fsfs+bRuXjXje494iUj0QMqGMd9b1d1JQxH1jp4=
Subject key identifier: CC:02:B6:1D:D1:05:ED:C3:4F:81:D6:17:C5:EE:15:8A:E6:6C:B5:8C
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195AC2571FFC90214C857F7D38D6D1CCFC1
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/zAK2HdEF7cNPgdYXxe4ViuZstYw.roa
Signing time: Wed 19 Mar 2025 02:04:49 +0000
ROA not before: Wed 19 Mar 2025 02:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:ac24:feb1/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ac:25:71:ff:c9:02:14:c8:57:f7:d3:8d:6d:1c:cf:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 19 02:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc02b61dd105edc34f81d617c5ee158ae66cb58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5d:e3:c9:9f:c6:5b:26:49:b8:03:15:bd:c2:
24:cd:a1:48:43:05:64:47:ab:46:d9:51:17:bd:98:
6c:91:08:4b:9b:87:59:d8:c2:75:9f:fa:5c:96:b7:
82:f2:ce:24:23:17:06:20:04:92:b4:63:71:f3:08:
45:54:a3:0a:53:ce:33:ef:54:09:7e:09:18:a9:a6:
5a:c5:63:2b:c6:92:79:4d:ba:dd:60:c5:bd:bc:15:
85:8e:ab:6a:1e:bf:e4:b6:db:e7:ff:ff:e5:d2:20:
57:98:d1:9a:cf:ee:4e:68:b6:98:3f:f6:8b:44:74:
31:fa:f0:e6:4f:38:50:b9:68:a9:a4:2b:08:fc:1f:
a3:ee:70:1e:2f:d4:ee:98:6f:53:e7:c7:45:7a:23:
57:67:25:34:ff:7a:ec:19:74:c9:7b:b6:55:63:dd:
5d:5a:8f:a1:bb:fc:0d:c0:4b:71:fe:45:2b:27:9b:
3a:65:ae:ee:24:94:cb:48:ac:7e:33:04:69:0c:1f:
b4:d5:f4:ef:73:0a:9a:68:18:7b:33:c4:87:2a:65:
27:b6:8d:ff:e3:b6:b0:31:f8:81:e8:83:0a:1b:b6:
4d:6a:62:0e:bc:15:db:28:28:d4:04:b7:58:25:7b:
7f:27:3a:60:39:4f:6d:7d:ef:46:99:12:4a:66:8d:
7d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:02:B6:1D:D1:05:ED:C3:4F:81:D6:17:C5:EE:15:8A:E6:6C:B5:8C
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/zAK2HdEF7cNPgdYXxe4ViuZstYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:ac24:feb1/128
Signature Algorithm: sha256WithRSAEncryption
31:31:4f:49:d6:6e:fe:35:42:bc:89:63:4d:9b:46:86:a7:db:
94:f8:b9:7a:d8:69:70:dd:35:87:9d:97:28:e8:6f:1c:f8:57:
a1:83:23:22:4c:0b:54:2b:cc:40:ae:48:ae:b2:fd:8e:81:18:
35:60:a5:c3:d6:9a:2b:15:e2:8e:4c:19:22:76:98:6b:86:06:
7c:cf:4f:b4:21:27:ed:79:33:bc:67:5d:ec:2b:2c:7d:12:48:
50:d3:e7:37:b3:cd:9c:7e:54:d3:7c:2d:be:e6:42:fe:f1:76:
10:34:e2:be:32:28:f2:49:ca:15:a0:33:4e:01:75:8a:8b:18:
5e:3a:08:13:a1:10:0d:ba:32:e7:09:10:31:e6:50:97:e8:da:
d6:fa:48:af:61:b4:26:3e:94:92:11:68:f8:fd:78:f4:69:9e:
22:3b:84:ef:7f:c7:0b:f6:85:b1:7b:35:bf:6c:4f:07:75:ce:
4e:06:69:30:6b:97:b5:b5:f8:d5:14:ea:cc:fc:d5:ac:29:d4:
8e:b9:dd:f8:8a:5d:7c:75:c3:1e:4e:bc:6b:80:45:4e:0a:f4:
50:2d:ba:2c:05:ca:fb:d0:2b:5b:86:29:20:80:94:31:6a:dd:
8d:61:8c:d6:27:2b:bd:58:c2:4a:5b:2b:f1:01:fc:3c:9f:b5:
35:ad:fe:41
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWsJXH/yQIUyFf3041tHM/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzE5MDIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzAyYjYxZGQxMDVlZGMzNGY4MWQ2MTdjNWVlMTU4YWU2NmNiNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml3jyZ/GWyZJuAMVvcIkzaFIQwVk
R6tG2VEXvZhskQhLm4dZ2MJ1n/pclreC8s4kIxcGIASStGNx8whFVKMKU84z71QJ
fgkYqaZaxWMrxpJ5TbrdYMW9vBWFjqtqHr/kttvn///l0iBXmNGaz+5OaLaYP/aL
RHQx+vDmTzhQuWippCsI/B+j7nAeL9TumG9T58dFeiNXZyU0/3rsGXTJe7ZVY91d
Wo+hu/wNwEtx/kUrJ5s6Za7uJJTLSKx+MwRpDB+01fTvcwqaaBh7M8SHKmUnto3/
47awMfiB6IMKG7ZNamIOvBXbKCjUBLdYJXt/JzpgOU9tfe9GmRJKZo19twIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMwCth3RBe3DT4HWF8XuFYrmbLWMMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvekFLMkhkRUY3Y05QZ2RZWHhlNFZpdVpzdFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVrCT+sTANBgkqhkiG9w0BAQsFAAOCAQEAMTFPSdZu/jVCvIljTZtGhqfb
lPi5ethpcN01h52XKOhvHPhXoYMjIkwLVCvMQK5IrrL9joEYNWClw9aaKxXijkwZ
InaYa4YGfM9PtCEn7XkzvGdd7CssfRJIUNPnN7PNnH5U03wtvuZC/vF2EDTivjIo
8knKFaAzTgF1iosYXjoIE6EQDboy5wkQMeZQl+ja1vpIr2G0Jj6UkhFo+P149Gme
IjuE73/HC/aFsXs1v2xPB3XOTgZpMGuXtbX41RTqzPzVrCnUjrnd+IpdfHXDHk68
a4BFTgr0UC26LAXK+9ArW4YpIICUMWrdjWGM1icrvVjCSlsr8QH8PJ+1Na3+QQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 18:23:34 2025 by rpki-client