Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/3ofOiJUjMS-0CLmV8Lq_cDV-3d0.roa
File: 3ofOiJUjMS-0CLmV8Lq_cDV-3d0.roa (raw, json)
Hash identifier: EKS7hO8eNjMWFr8237PQ61Iot7UBUA17/GWB6od0jUw=
Subject key identifier: DE:87:CE:88:95:23:31:2F:B4:08:B9:95:F0:BA:BF:70:35:7E:DD:DD
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 0197F533A983716B96027C9456D183884BC7
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/3ofOiJUjMS-0CLmV8Lq_cDV-3d0.roa
Signing time: Thu 10 Jul 2025 16:38:13 +0000
ROA not before: Thu 10 Jul 2025 16:38:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0d:b9c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:33:a9:83:71:6b:96:02:7c:94:56:d1:83:88:4b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jul 10 16:38:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de87ce889523312fb408b995f0babf70357edddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:70:ac:a3:2e:65:d3:04:a4:d4:3c:8d:ab:4c:
8d:5c:33:4e:5e:10:7b:76:26:77:39:3b:bc:f7:cc:
00:1d:31:9f:a7:e8:3d:e1:2f:b4:64:01:cf:fa:de:
dc:cc:23:05:16:c4:4a:1c:7f:13:20:5f:00:20:81:
d8:77:10:dd:f2:cc:85:bd:53:2d:91:c1:d8:2d:08:
5e:86:40:a9:dc:23:1c:74:e8:36:0c:aa:0a:1a:c2:
45:72:98:ee:f4:f5:69:8c:40:9a:5b:1b:41:a3:24:
1a:70:eb:71:e1:af:88:4c:2c:94:78:88:94:a4:b3:
aa:70:17:5e:e2:a6:6e:64:f0:38:f7:24:98:76:a5:
c4:fb:13:5c:e4:b4:e4:5c:67:50:cf:df:f4:ea:25:
4e:85:03:00:f0:68:e2:06:9e:2a:7e:6b:45:f8:b5:
c6:6e:e3:73:f2:09:9b:19:d1:06:29:0d:3b:51:ff:
d2:7f:fc:12:0c:0c:99:94:57:9e:06:56:0a:c9:20:
03:4e:56:e5:5b:1b:14:26:a0:7f:e3:d6:27:fd:92:
f8:06:c8:c4:46:03:af:6a:f9:10:5c:34:b2:ab:ae:
c0:34:44:f0:76:54:79:f7:30:1e:24:38:20:57:24:
e7:b0:7b:4c:59:cb:cd:17:d3:5f:fa:ad:80:23:3b:
4b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:87:CE:88:95:23:31:2F:B4:08:B9:95:F0:BA:BF:70:35:7E:DD:DD
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/3ofOiJUjMS-0CLmV8Lq_cDV-3d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:a8:e8:e6:ef:1d:8e:94:0f:f1:04:5a:2c:42:40:ce:b8:cd:
6c:2a:33:7a:8b:12:d8:2d:a9:4b:d4:2d:dd:fe:7a:d6:4c:66:
b5:f2:74:be:51:99:4e:8d:0c:62:d9:a5:3f:11:2a:97:34:5c:
aa:b3:b6:57:40:f3:eb:0a:ed:99:e2:36:4a:9b:a4:03:36:7a:
3f:bb:4f:41:b1:2a:38:92:82:60:91:50:06:5a:a5:ab:28:e1:
31:ed:33:e0:e3:cb:f6:4b:e0:9d:b5:a6:0e:5c:0a:fb:26:a3:
94:3a:34:49:e6:b8:0c:d4:65:bc:8e:1b:19:f7:ef:0b:a2:3b:
35:90:d1:6f:fc:ba:f3:fc:e8:a4:33:f1:dc:33:0c:b8:2c:37:
d8:f5:c3:ae:68:fa:7c:a2:6b:99:96:c2:c2:f2:0e:36:70:b3:
79:90:d2:da:4a:ee:a7:6e:dd:ee:8d:d6:9e:b0:58:56:9b:04:
b3:33:fb:52:6b:81:86:88:2a:19:0b:9c:f4:e3:5e:ab:f0:51:
18:a5:27:e5:dd:a7:07:3c:9e:cf:61:32:27:a2:90:f5:f4:f0:
81:14:41:4f:9e:d4:7d:1c:dd:ed:85:48:7a:11:9a:d7:7b:5a:
e7:3c:8b:6a:ab:9b:9a:69:7f:04:a6:5c:ce:41:d8:0f:bc:03:
65:09:99:10
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZf1M6mDcWuWAnyUVtGDiEvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNzEwMTYzODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTg3Y2U4ODk1MjMzMTJmYjQwOGI5OTVmMGJhYmY3MDM1N2VkZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHCsoy5l0wSk1DyNq0yNXDNOXhB7
diZ3OTu898wAHTGfp+g94S+0ZAHP+t7czCMFFsRKHH8TIF8AIIHYdxDd8syFvVMt
kcHYLQhehkCp3CMcdOg2DKoKGsJFcpju9PVpjECaWxtBoyQacOtx4a+ITCyUeIiU
pLOqcBde4qZuZPA49ySYdqXE+xNc5LTkXGdQz9/06iVOhQMA8GjiBp4qfmtF+LXG
buNz8gmbGdEGKQ07Uf/Sf/wSDAyZlFeeBlYKySADTlblWxsUJqB/49Yn/ZL4BsjE
RgOvavkQXDSyq67ANETwdlR59zAeJDggVyTnsHtMWcvNF9Nf+q2AIztLdQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN6HzoiVIzEvtAi5lfC6v3A1ft3dMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvM29mT2lKVWpNUy0wQ0xtVjhMcV9jRFYtM2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg25wDAN
BgkqhkiG9w0BAQsFAAOCAQEAnKjo5u8djpQP8QRaLEJAzrjNbCozeosS2C2pS9Qt
3f561kxmtfJ0vlGZTo0MYtmlPxEqlzRcqrO2V0Dz6wrtmeI2SpukAzZ6P7tPQbEq
OJKCYJFQBlqlqyjhMe0z4OPL9kvgnbWmDlwK+yajlDo0Sea4DNRlvI4bGffvC6I7
NZDRb/y68/zopDPx3DMMuCw32PXDrmj6fKJrmZbCwvIONnCzeZDS2krup27d7o3W
nrBYVpsEszP7UmuBhogqGQuc9ONeq/BRGKUn5d2nBzyez2EyJ6KQ9fTwgRRBT57U
fRzd7YVIehGa13ta5zyLaqubmml/BKZczkHYD7wDZQmZEA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 14:46:18 2025 by rpki-client