Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/1-dg7TaWV82KOHZHIJgTUymZmJgs.roa
File: 1-dg7TaWV82KOHZHIJgTUymZmJgs.roa (raw, json)
Hash identifier: OHxUNSJGF4ubujb3bExDBjKv5n6Tf+O2P2jONhprDjA=
Subject key identifier: F9:D8:3B:4D:A5:95:F3:62:8E:1D:91:C8:26:04:D4:CA:66:66:26:0B
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01970E04096131381C5561FD844AB94DE3E4
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/1-dg7TaWV82KOHZHIJgTUymZmJgs.roa
Signing time: Mon 26 May 2025 19:13:54 +0000
ROA not before: Mon 26 May 2025 19:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a06:4387::/32 maxlen: 32
2a09:a203::/32 maxlen: 32
2a0a:c0c5::/32 maxlen: 32
2a0d:f842::/32 maxlen: 32
2a0e:7f05::/32 maxlen: 32
2a0f:9d07::/32 maxlen: 32
2a12:38c6::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0e:04:09:61:31:38:1c:55:61:fd:84:4a:b9:4d:e3:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: May 26 19:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9d83b4da595f3628e1d91c82604d4ca6666260b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:28:3b:3a:a1:65:67:8f:63:fc:eb:0c:61:e7:
61:b0:d7:4a:88:e1:12:85:92:6a:92:aa:4c:12:6e:
15:b5:e7:6a:49:c1:7f:ce:6a:d1:04:05:80:59:22:
96:81:95:13:a0:6b:02:77:40:c8:26:f3:70:08:2a:
bc:bc:5c:3c:02:2a:e7:5f:5a:2d:7a:40:83:be:88:
d7:b7:92:d0:6c:44:25:18:99:6c:41:e4:fa:35:83:
ca:db:7d:47:e0:b9:05:38:8e:98:be:54:a1:d6:3f:
d7:81:ca:8f:49:d1:30:3c:38:30:c2:0b:a3:34:88:
cd:8d:a7:27:35:e5:31:3b:5a:87:7e:56:7f:47:53:
2a:78:45:b6:f1:bd:bb:de:87:5f:a8:e7:ad:d1:1a:
bc:0f:12:ea:3b:f1:4f:27:80:98:e1:4a:78:6b:05:
f9:37:9e:ec:60:10:81:79:84:94:79:36:bd:4e:8a:
01:77:1e:ce:a7:88:96:85:92:fe:c1:7f:00:7d:ce:
6c:c0:49:56:71:48:24:ae:32:7b:8e:b3:20:61:d8:
40:2d:8c:fb:9c:02:b2:f7:31:5e:86:3c:2c:35:3d:
14:38:98:8c:8a:ef:63:48:b3:d1:33:cc:fa:5f:60:
ea:99:e6:8f:23:76:fe:44:94:61:81:07:0c:df:9d:
68:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D8:3B:4D:A5:95:F3:62:8E:1D:91:C8:26:04:D4:CA:66:66:26:0B
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/1-dg7TaWV82KOHZHIJgTUymZmJgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:4387::/32
2a09:a203::/32
2a0a:c0c5::/32
2a0d:f842::/32
2a0e:7f05::/32
2a0f:9d07::/32
2a12:38c6::/32
Signature Algorithm: sha256WithRSAEncryption
c5:d3:da:ec:8b:c0:07:c6:1c:24:bd:d5:fd:5c:72:ec:62:58:
fa:a6:51:8c:68:9a:17:15:0c:13:18:06:a3:69:a4:ad:d9:48:
67:bc:64:b7:05:18:c0:bd:31:77:8a:f5:20:e2:02:34:0c:17:
33:12:1e:24:9b:a3:c9:fd:ae:75:70:8b:d5:53:47:33:f3:89:
31:ef:e2:b3:dc:13:f6:b3:2c:d0:47:32:dd:47:4c:ee:d5:20:
6a:6d:97:68:43:27:49:c1:14:f5:74:3b:b5:8f:b4:6e:26:05:
f9:5f:cc:79:6b:6c:33:44:cf:fa:05:cf:10:a1:45:03:77:7d:
7a:6c:a3:2b:fd:be:16:a8:69:ce:3e:5e:bd:eb:48:4d:7d:db:
7a:5f:76:06:dd:a1:dd:f2:6e:d2:72:f8:73:f3:c2:71:9e:ae:
8e:44:99:1b:78:d9:8b:3f:4d:cf:56:d6:6e:4d:d3:d9:db:33:
6a:0b:1d:61:b6:b1:9e:21:66:15:f6:e8:00:8b:d5:27:6e:69:
69:4f:41:c6:bf:6e:62:55:bf:ea:01:b1:3a:64:17:f7:23:9f:
2a:14:6e:d3:53:6a:cb:93:3e:f4:7c:30:55:d1:ad:c4:18:88:
c8:40:1f:33:64:c3:67:8b:e2:9b:02:3e:ae:e8:15:ff:07:bf:
4f:a9:7d:5b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZcOBAlhMTgcVWH9hEq5TePkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwNTI2MTkxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ4M2I0ZGE1OTVmMzYyOGUxZDkxYzgyNjA0ZDRjYTY2NjYyNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyg7OqFlZ49j/OsMYedhsNdKiOES
hZJqkqpMEm4VtedqScF/zmrRBAWAWSKWgZUToGsCd0DIJvNwCCq8vFw8AirnX1ot
ekCDvojXt5LQbEQlGJlsQeT6NYPK231H4LkFOI6YvlSh1j/XgcqPSdEwPDgwwguj
NIjNjacnNeUxO1qHflZ/R1MqeEW28b273odfqOet0Rq8DxLqO/FPJ4CY4Up4awX5
N57sYBCBeYSUeTa9TooBdx7Op4iWhZL+wX8Afc5swElWcUgkrjJ7jrMgYdhALYz7
nAKy9zFehjwsNT0UOJiMiu9jSLPRM8z6X2DqmeaPI3b+RJRhgQcM351oiQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPnYO02llfNijh2RyCYE1MpmZiYLMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvMS1kZzdUYVdWODJLT0haSElKZ1RVeW1abUpncy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2EvN2IxMjA1LTM0NTAtNGU5MC04YjE0LTE3ZTY2YzFmZDNk
MS8xL0pnc3J4RlIzeUIxM1Rhb01LS3RFdDNTNkNTQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBKBggrBgEFBQcBBwEB/wQ7MDkwNwQCAAIwMQMFACoGQ4cD
BQAqCaIDAwUAKgrAxQMFACoN+EIDBQAqDn8FAwUAKg+dBwMFACoSOMYwDQYJKoZI
hvcNAQELBQADggEBAMXT2uyLwAfGHCS91f1ccuxiWPqmUYxomhcVDBMYBqNppK3Z
SGe8ZLcFGMC9MXeK9SDiAjQMFzMSHiSbo8n9rnVwi9VTRzPziTHv4rPcE/azLNBH
Mt1HTO7VIGptl2hDJ0nBFPV0O7WPtG4mBflfzHlrbDNEz/oFzxChRQN3fXpsoyv9
vhaoac4+Xr3rSE1923pfdgbdod3ybtJy+HPzwnGero5EmRt42Ys/Tc9W1m5N09nb
M2oLHWG2sZ4hZhX26ACL1SduaWlPQca/bmJVv+oBsTpkF/cjnyoUbtNTasuTPvR8
MFXRrcQYiMhAHzNkw2eL4psCPq7oFf8Hv0+pfVs=
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:26:51 2025 by rpki-client