Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/vOGvrRYAcTNWksMYVCHVkUA-n9s.roa
File: vOGvrRYAcTNWksMYVCHVkUA-n9s.roa (raw, json)
Hash identifier: jumg+zJHUbfXNwIww2/95yYpq2PyRKmHesIrgGATGjE=
Subject key identifier: BC:E1:AF:AD:16:00:71:33:56:92:C3:18:54:21:D5:91:40:3E:9F:DB
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 0197F5574CC0629F3E3C8D546273FB85FAD4
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/vOGvrRYAcTNWksMYVCHVkUA-n9s.roa
Signing time: Thu 10 Jul 2025 17:17:08 +0000
ROA not before: Thu 10 Jul 2025 17:17:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a09:6900::/32 maxlen: 32
2a09:6901::/32 maxlen: 32
2a0a:bbc0::/32 maxlen: 32
2a0a:bbc1::/32 maxlen: 32
2a0a:bbc2::/32 maxlen: 32
2a0a:bbc3::/32 maxlen: 32
2a0a:bbc6::/32 maxlen: 32
2a0d:b9c1::/32 maxlen: 32
2a0d:b9c2::/32 maxlen: 32
2a0d:f641::/32 maxlen: 32
2a0d:f643::/32 maxlen: 32
2a0d:f644::/32 maxlen: 32
2a0d:f647::/32 maxlen: 32
2a0e:8840::/32 maxlen: 32
2a0e:8841::/32 maxlen: 32
2a0e:8842::/32 maxlen: 32
2a0e:9180::/32 maxlen: 32
2a0e:9184::/32 maxlen: 32
2a0e:9187::/32 maxlen: 32
2a0f:c00::/32 maxlen: 32
2a0f:c01::/32 maxlen: 32
2a0f:c02::/32 maxlen: 32
2a0f:4300::/32 maxlen: 32
2a0f:4301::/32 maxlen: 32
2a0f:72c0::/32 maxlen: 32
2a0f:72c1::/32 maxlen: 32
2a0f:72c2::/32 maxlen: 32
2a0f:da80::/32 maxlen: 32
2a0f:da81::/32 maxlen: 32
2a0f:da82::/32 maxlen: 32
2a0f:da83::/32 maxlen: 32
2a11:1840::/32 maxlen: 32
2a11:1843::/32 maxlen: 32
2a11:1844::/32 maxlen: 32
2a11:2d80::/32 maxlen: 32
2a11:2d81::/32 maxlen: 32
2a11:2d82::/32 maxlen: 32
2a11:31c0::/32 maxlen: 32
2a11:31c2::/32 maxlen: 32
2a11:31c4::/32 maxlen: 32
2a11:3f00::/32 maxlen: 32
2a11:3f01::/32 maxlen: 32
2a11:3f02::/32 maxlen: 32
2a11:41c0::/32 maxlen: 32
2a11:41c1::/32 maxlen: 32
2a11:41c2::/32 maxlen: 32
2a11:66c7::/32 maxlen: 32
2a12:1241::/32 maxlen: 32
2a12:1245::/32 maxlen: 32
2a12:3143::/32 maxlen: 32
2a12:3144::/32 maxlen: 32
2a12:3147::/32 maxlen: 32
2a12:cc00::/32 maxlen: 32
2a12:cc01::/32 maxlen: 32
2a12:cc03::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:57:4c:c0:62:9f:3e:3c:8d:54:62:73:fb:85:fa:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jul 10 17:17:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bce1afad160071335692c3185421d591403e9fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9c:24:eb:08:06:80:d0:ba:10:ff:3c:94:da:
06:b3:7d:53:d6:cd:7f:65:9d:eb:1c:a5:c9:cd:3e:
e6:00:04:b8:64:29:b1:3d:ff:7f:4a:d8:1a:19:2e:
79:10:2b:52:06:5c:a3:2c:a9:74:c3:f7:68:db:a3:
84:77:49:90:39:61:19:ef:1c:15:26:4d:83:17:0a:
72:08:d2:3a:67:e0:26:58:39:9e:cc:03:c4:3e:bb:
4c:b1:6e:53:7a:12:09:16:97:47:8f:f2:2e:10:1c:
f7:c7:7d:0f:8f:12:eb:cc:dc:f4:47:94:75:0f:fd:
7d:84:41:2f:2a:eb:a9:5e:94:ca:70:a8:0b:63:dc:
3d:ad:b2:0d:be:6d:27:13:0d:bd:08:ab:3c:df:86:
3c:db:c2:ff:f8:cb:db:3c:26:fa:cb:b9:8c:2f:d8:
3b:17:05:0e:a4:1d:e1:b3:0a:83:cb:19:ee:2b:54:
3a:6c:6d:61:51:a5:c7:da:5b:82:90:7c:31:f7:16:
17:62:1c:dd:2a:62:bd:6d:23:e3:97:b9:22:26:86:
70:b9:f4:27:5a:2c:e7:a0:0a:20:d2:be:6a:4b:45:
84:4a:f4:0e:b4:9a:69:41:ef:41:ed:72:60:5d:69:
c4:df:af:ee:ec:90:27:65:dc:fd:fa:f7:07:a2:f9:
72:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E1:AF:AD:16:00:71:33:56:92:C3:18:54:21:D5:91:40:3E:9F:DB
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/vOGvrRYAcTNWksMYVCHVkUA-n9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6900::/31
2a0a:bbc0::/30
2a0a:bbc6::/32
2a0d:b9c1::-2a0d:b9c2:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:f641::/32
2a0d:f643::-2a0d:f644:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:f647::/32
2a0e:8840::-2a0e:8842:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:9180::/32
2a0e:9184::/32
2a0e:9187::/32
2a0f:c00::-2a0f:c02:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:4300::/31
2a0f:72c0::-2a0f:72c2:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:da80::/30
2a11:1840::/32
2a11:1843::-2a11:1844:ffff:ffff:ffff:ffff:ffff:ffff
2a11:2d80::-2a11:2d82:ffff:ffff:ffff:ffff:ffff:ffff
2a11:31c0::/32
2a11:31c2::/32
2a11:31c4::/32
2a11:3f00::-2a11:3f02:ffff:ffff:ffff:ffff:ffff:ffff
2a11:41c0::-2a11:41c2:ffff:ffff:ffff:ffff:ffff:ffff
2a11:66c7::/32
2a12:1241::/32
2a12:1245::/32
2a12:3143::-2a12:3144:ffff:ffff:ffff:ffff:ffff:ffff
2a12:3147::/32
2a12:cc00::/31
2a12:cc03::/32
Signature Algorithm: sha256WithRSAEncryption
15:53:6a:49:7e:14:4a:88:83:42:c8:78:23:ad:8a:df:0c:d7:
65:ef:a3:c3:46:dd:ae:6b:8f:21:6c:6c:86:7b:b5:ca:96:24:
47:88:9d:d0:11:75:19:ec:85:12:b0:d9:be:27:60:f2:c5:fd:
67:bb:92:72:85:56:4c:26:89:a1:70:01:3b:2c:3f:77:8e:57:
e8:1d:e2:ec:51:5d:eb:15:27:cb:c3:6f:6c:ba:07:d5:aa:2d:
78:0d:08:e0:2f:1d:3e:65:6a:a6:71:15:51:8a:2c:02:a6:c3:
64:85:ba:ae:f1:5d:26:95:1c:f0:e9:fa:86:b3:00:69:11:fa:
ac:a5:60:a9:87:10:af:74:a8:8f:4b:c3:6f:2c:f6:46:98:28:
a9:95:89:c7:06:63:bf:f0:d3:0c:f4:b0:8a:33:e1:b7:13:40:
c1:4a:11:ff:eb:67:e8:32:15:12:65:f1:a3:ee:63:76:28:4f:
b1:6b:9b:ec:65:23:00:29:68:46:5b:98:cb:47:00:2a:fd:ad:
ae:dd:df:ea:c7:76:87:95:e1:bf:4f:75:f1:19:5e:e6:ee:0b:
30:00:70:45:91:47:81:97:10:1c:5b:b9:1f:54:3b:50:dd:db:
20:0e:78:1d:b0:95:23:c5:57:05:83:f2:f8:3a:da:57:ae:cd:
52:c8:9e:ce
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgISAZf1V0zAYp8+PI1UYnP7hfrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwNzEwMTcxNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2UxYWZhZDE2MDA3MTMzNTY5MmMzMTg1NDIxZDU5MTQwM2U5ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45wk6wgGgNC6EP88lNoGs31T1s1/
ZZ3rHKXJzT7mAAS4ZCmxPf9/StgaGS55ECtSBlyjLKl0w/do26OEd0mQOWEZ7xwV
Jk2DFwpyCNI6Z+AmWDmezAPEPrtMsW5TehIJFpdHj/IuEBz3x30PjxLrzNz0R5R1
D/19hEEvKuupXpTKcKgLY9w9rbINvm0nEw29CKs834Y828L/+MvbPCb6y7mML9g7
FwUOpB3hswqDyxnuK1Q6bG1hUaXH2luCkHwx9xYXYhzdKmK9bSPjl7kiJoZwufQn
WiznoAog0r5qS0WESvQOtJppQe9B7XJgXWnE36/u7JAnZdz9+vcHovlyIQIDAQAB
o4IDNzCCAzMwHQYDVR0OBBYEFLzhr60WAHEzVpLDGFQh1ZFAPp/bMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvdk9HdnJSWUFjVE5Xa3NNWVZDSFZrVUEtbjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSwYIKwYBBQUHAQcBAf8EggE6MIIBNjCCATIEAgACMIIB
KgMFASoJaQADBQIqCrvAAwUAKgq7xjAOAwUAKg25wQMFACoNucIDBQAqDfZBMA4D
BQAqDfZDAwUAKg32RAMFACoN9kcwDgMFBioOiEADBQAqDohCAwUAKg6RgAMFACoO
kYQDBQAqDpGHMA0DBAIqDwwDBQAqDwwCAwUBKg9DADAOAwUGKg9ywAMFACoPcsID
BQIqD9qAAwUAKhEYQDAOAwUAKhEYQwMFACoRGEQwDgMFByoRLYADBQAqES2CAwUA
KhExwAMFACoRMcIDBQAqETHEMA0DBAAqET8DBQAqET8CMA4DBQYqEUHAAwUAKhFB
wgMFACoRZscDBQAqEhJBAwUAKhISRTAOAwUAKhIxQwMFACoSMUQDBQAqEjFHAwUB
KhLMAAMFACoSzAMwDQYJKoZIhvcNAQELBQADggEBABVTakl+FEqIg0LIeCOtit8M
12Xvo8NG3a5rjyFsbIZ7tcqWJEeIndARdRnshRKw2b4nYPLF/We7knKFVkwmiaFw
ATssP3eOV+gd4uxRXesVJ8vDb2y6B9WqLXgNCOAvHT5laqZxFVGKLAKmw2SFuq7x
XSaVHPDp+oazAGkR+qylYKmHEK90qI9Lw28s9kaYKKmViccGY7/w0wz0sIoz4bcT
QMFKEf/rZ+gyFRJl8aPuY3YoT7Frm+xlIwApaEZbmMtHACr9ra7d3+rHdoeV4b9P
dfEZXubuCzAAcEWRR4GXEBxbuR9UO1Dd2yAOeB2wlSPFVwWD8vg62leuzVLIns4=
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:04:07 2025 by rpki-client