Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/vJOP6NsBkFTP_UJAL8w5F_gPZ20.roa
File: vJOP6NsBkFTP_UJAL8w5F_gPZ20.roa (raw, json)
Hash identifier: bG8ILvwR/7maJEnN48NuUP/vcbB7dLuW4bAvXpMCmyk=
Subject key identifier: BC:93:8F:E8:DB:01:90:54:CF:FD:42:40:2F:CC:39:17:F8:0F:67:6D
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 01963FFF7E0948069E90816E8410DD92700C
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/vJOP6NsBkFTP_UJAL8w5F_gPZ20.roa
Signing time: Wed 16 Apr 2025 19:07:10 +0000
ROA not before: Wed 16 Apr 2025 19:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:da41::/32 maxlen: 32
2a0c:ac5::/32 maxlen: 32
2a11:35c1::/32 maxlen: 32
2a11:7081::/32 maxlen: 32
2a12:7305::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:ff:7e:09:48:06:9e:90:81:6e:84:10:dd:92:70:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Apr 16 19:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc938fe8db019054cffd42402fcc3917f80f676d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f0:ab:06:d4:70:6e:51:d6:10:08:5a:1e:1c:
fa:f9:c9:ee:f3:49:e7:70:10:91:77:90:d0:d7:7e:
40:e9:e8:7a:cc:f6:9f:32:18:a3:be:5a:04:03:04:
08:4b:2c:69:71:f1:af:e1:24:ed:c7:ee:b6:28:8e:
58:71:5b:1e:97:95:e2:85:1c:61:f9:86:57:42:b6:
84:79:f9:8b:f0:3b:89:a1:2b:75:a9:d0:4d:48:cf:
8f:8c:7d:b6:b9:c1:e7:d1:38:ae:34:a6:71:1f:ff:
c0:ae:52:8e:4c:fe:ca:9a:b3:f4:db:5f:7d:aa:28:
18:a5:a2:b8:39:6d:fe:ec:c0:16:35:f3:50:fd:34:
3a:08:f2:99:79:0e:b1:1c:ef:82:95:68:70:59:c5:
87:6b:16:f9:5c:7b:3c:5e:82:a7:ad:2f:9a:a3:f8:
a9:87:e1:fa:f8:3a:21:e6:59:07:93:77:2a:15:12:
ef:04:fe:ad:4d:79:29:25:1e:d4:ba:b8:9b:98:e6:
64:1a:79:95:59:4f:b8:01:ef:1b:66:99:18:f1:6c:
e7:1e:fe:12:dc:36:42:94:78:11:a9:95:6c:34:ed:
03:fb:17:34:e3:f7:00:03:e5:25:96:66:22:e5:29:
8e:91:0b:43:e9:5b:dc:de:03:2e:d4:af:3a:a6:a3:
9d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:93:8F:E8:DB:01:90:54:CF:FD:42:40:2F:CC:39:17:F8:0F:67:6D
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/vJOP6NsBkFTP_UJAL8w5F_gPZ20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:da41::/32
2a0c:ac5::/32
2a11:35c1::/32
2a11:7081::/32
2a12:7305::/32
Signature Algorithm: sha256WithRSAEncryption
95:f9:f9:b3:ec:60:05:8b:44:77:73:ae:c2:e1:33:3f:06:f9:
52:b7:ab:67:46:a7:84:da:b6:dc:a1:53:1d:d2:85:f4:bb:c9:
a3:bb:c4:f0:22:75:5b:f7:b8:77:3e:b6:c6:91:58:69:de:bc:
3e:a4:80:20:25:6a:04:e6:2d:60:ab:cb:36:7d:d9:f6:b0:96:
74:de:b3:22:b3:54:06:76:03:b6:9d:4c:33:a8:ac:31:b8:4a:
1e:94:d3:e7:d2:d2:cc:04:83:c7:e4:63:d6:19:2a:3f:cc:6e:
59:95:ad:7f:82:01:8f:37:96:9b:e7:77:8d:c7:b7:3a:c3:2f:
05:3a:95:37:24:c5:e6:a4:22:f3:b7:a4:24:80:5b:17:3a:89:
36:e5:a7:79:7d:2e:71:2b:93:bf:0d:40:8a:ce:b9:27:8d:bf:
eb:04:c2:9d:00:05:1a:eb:38:63:99:3f:92:1e:35:b8:aa:63:
a0:1a:1b:c2:e5:64:b3:59:11:53:38:e0:f7:66:d2:01:6c:a5:
eb:a7:4e:fa:f6:f8:13:7b:18:f6:66:ad:01:3f:27:3f:5a:fa:
0b:80:9f:e3:9a:75:dd:83:7a:58:a8:34:be:c2:34:54:bd:5b:
58:17:48:37:84:8a:e5:86:88:25:dd:2c:45:79:8b:77:65:71:
bf:54:9b:44
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZY//34JSAaekIFuhBDdknAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwNDE2MTkwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzkzOGZlOGRiMDE5MDU0Y2ZmZDQyNDAyZmNjMzkxN2Y4MGY2NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/CrBtRwblHWEAhaHhz6+cnu80nn
cBCRd5DQ135A6eh6zPafMhijvloEAwQISyxpcfGv4STtx+62KI5YcVsel5XihRxh
+YZXQraEefmL8DuJoSt1qdBNSM+PjH22ucHn0TiuNKZxH//ArlKOTP7KmrP02199
qigYpaK4OW3+7MAWNfNQ/TQ6CPKZeQ6xHO+ClWhwWcWHaxb5XHs8XoKnrS+ao/ip
h+H6+Doh5lkHk3cqFRLvBP6tTXkpJR7UuribmOZkGnmVWU+4Ae8bZpkY8WznHv4S
3DZClHgRqZVsNO0D+xc04/cAA+UllmYi5SmOkQtD6Vvc3gMu1K86pqOdfwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLyTj+jbAZBUz/1CQC/MORf4D2dtMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvdkpPUDZOc0JrRlRQX1VKQUw4dzVGX2dQWjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgnaQQMF
ACoMCsUDBQAqETXBAwUAKhFwgQMFACoScwUwDQYJKoZIhvcNAQELBQADggEBAJX5
+bPsYAWLRHdzrsLhMz8G+VK3q2dGp4TattyhUx3ShfS7yaO7xPAidVv3uHc+tsaR
WGnevD6kgCAlagTmLWCryzZ92fawlnTesyKzVAZ2A7adTDOorDG4Sh6U0+fS0swE
g8fkY9YZKj/MblmVrX+CAY83lpvnd43HtzrDLwU6lTckxeakIvO3pCSAWxc6iTbl
p3l9LnErk78NQIrOuSeNv+sEwp0ABRrrOGOZP5IeNbiqY6AaG8LlZLNZEVM44Pdm
0gFspeunTvr2+BN7GPZmrQE/Jz9a+guAn+Oadd2DelioNL7CNFS9W1gXSDeEiuWG
iCXdLEV5i3dlcb9Um0Q=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:14:54 2025 by rpki-client