Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/noOSwGyGW2OWrloFfM-kUB02U6g.roa
File: noOSwGyGW2OWrloFfM-kUB02U6g.roa (raw, json)
Hash identifier: IRPDeCKALcTu044ee4zk71SnlWJl9PCk2BbdG4HUUM4=
Subject key identifier: 9E:83:92:C0:6C:86:5B:63:96:AE:5A:05:7C:CF:A4:50:1D:36:53:A8
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019717C76DE374CCFB65FB950777518BB0B1
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/noOSwGyGW2OWrloFfM-kUB02U6g.roa
Signing time: Wed 28 May 2025 16:43:54 +0000
ROA not before: Wed 28 May 2025 16:43:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:4381::/32 maxlen: 32
2a06:4384::/32 maxlen: 32
2a09:a201::/32 maxlen: 32
2a0a:c0c0::/32 maxlen: 32
2a0c:9481::/32 maxlen: 32
2a0d:f844::/32 maxlen: 32
2a0e:7f04::/32 maxlen: 32
2a0e:c4c4::/32 maxlen: 32
2a0e:c4c5::/32 maxlen: 32
2a0e:eec1::/32 maxlen: 32
2a0f:1800::/32 maxlen: 32
2a0f:9d05::/32 maxlen: 32
2a12:38c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:c7:6d:e3:74:cc:fb:65:fb:95:07:77:51:8b:b0:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: May 28 16:43:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e8392c06c865b6396ae5a057ccfa4501d3653a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:7c:df:0e:a6:21:ad:a1:14:72:14:04:2b:
d0:2b:5e:ad:4d:9c:ca:27:ce:ec:a4:44:3d:29:85:
a7:b7:8f:ca:44:6d:8e:f2:dc:39:ac:c2:21:d4:0d:
20:cf:fa:30:cd:3c:e9:6d:e7:70:ae:ec:39:8f:06:
42:59:34:e7:3f:75:d1:9a:ac:a3:4b:86:00:43:5a:
c5:54:c1:30:02:58:64:cd:2f:20:e5:88:48:2a:3b:
d8:b1:9d:99:e6:17:cd:5e:42:e8:9e:29:3f:33:fb:
4e:76:e5:d6:3f:3f:f4:a7:f8:da:cf:0c:24:ff:20:
ff:d4:7b:7d:dc:1e:c4:8b:06:fa:b7:f6:38:e0:b8:
60:55:31:1b:57:3a:8c:30:7c:85:42:4e:60:e4:00:
1e:b7:0c:62:12:8b:c7:df:ff:bf:8b:9a:80:a2:50:
73:99:20:8b:9d:28:26:fb:b5:5c:0e:26:d6:a1:9c:
a5:5c:cd:80:6c:6f:71:3b:ef:a7:c6:17:ae:5c:26:
cd:99:30:d1:89:9d:ae:52:5e:ab:75:3b:20:6f:1e:
b0:36:7d:8a:91:75:52:20:7b:58:ea:b1:77:d5:83:
d6:c4:f6:f0:2f:2c:86:bf:d5:e9:22:b8:0b:bc:36:
8a:2e:a7:fb:e8:a6:49:96:e2:24:3a:7d:5f:ad:7c:
c8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:83:92:C0:6C:86:5B:63:96:AE:5A:05:7C:CF:A4:50:1D:36:53:A8
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/noOSwGyGW2OWrloFfM-kUB02U6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:4381::/32
2a06:4384::/32
2a09:a201::/32
2a0a:c0c0::/32
2a0c:9481::/32
2a0d:f844::/32
2a0e:7f04::/32
2a0e:c4c4::/31
2a0e:eec1::/32
2a0f:1800::/32
2a0f:9d05::/32
2a12:38c1::/32
Signature Algorithm: sha256WithRSAEncryption
86:57:e5:a3:53:48:0a:2f:e1:49:96:f6:64:c6:e3:cf:31:94:
a5:b5:9d:c0:06:cf:05:c8:11:c8:30:8b:f7:2c:06:25:b9:a7:
69:1c:3a:4f:c0:72:d3:d8:5b:ac:01:39:fe:e0:8b:13:a4:7c:
40:03:ac:37:67:50:a2:d8:33:cd:93:d6:85:2d:83:c8:f2:c0:
e3:d4:cb:2c:c8:41:ba:f1:1b:9d:c9:b3:35:b6:e0:fd:66:ba:
b9:79:8d:b1:36:c9:45:3c:ee:af:08:c9:73:79:bb:49:8a:d9:
f1:17:99:4c:f8:b6:8d:1b:3d:9b:6f:68:c1:69:d1:85:99:f0:
2c:ef:cd:8d:68:7a:92:06:ff:aa:11:13:04:b0:9b:46:3e:84:
cb:2f:2b:67:ac:b2:ba:43:ce:27:49:e9:9c:ec:68:22:e8:54:
4c:16:32:62:a4:23:75:31:d7:85:fd:24:80:38:d3:d5:c2:e1:
dc:a1:bf:63:b9:e3:36:41:36:43:39:87:dd:2a:06:38:6d:fd:
43:5a:6f:01:1a:e0:73:b5:0a:14:d9:66:e5:48:69:75:d7:fb:
f1:55:fb:0d:6c:2a:63:eb:8d:cc:20:63:4d:65:e9:f6:52:9f:
ed:61:e5:9e:cb:61:cf:5c:fe:5e:99:8f:66:2b:d5:69:93:e5:
95:53:e8:91
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZcXx23jdMz7ZfuVB3dRi7CxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwNTI4MTY0MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTgzOTJjMDZjODY1YjYzOTZhZTVhMDU3Y2NmYTQ1MDFkMzY1M2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6p83w6mIa2hFHIUBCvQK16tTZzK
J87spEQ9KYWnt4/KRG2O8tw5rMIh1A0gz/owzTzpbedwruw5jwZCWTTnP3XRmqyj
S4YAQ1rFVMEwAlhkzS8g5YhIKjvYsZ2Z5hfNXkLonik/M/tOduXWPz/0p/jazwwk
/yD/1Ht93B7Eiwb6t/Y44LhgVTEbVzqMMHyFQk5g5AAetwxiEovH3/+/i5qAolBz
mSCLnSgm+7VcDibWoZylXM2AbG9xO++nxheuXCbNmTDRiZ2uUl6rdTsgbx6wNn2K
kXVSIHtY6rF31YPWxPbwLyyGv9XpIrgLvDaKLqf76KZJluIkOn1frXzIUwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJ6DksBshltjlq5aBXzPpFAdNlOoMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvbm9PU3dHeUdXMk9XcmxvRmZNLWtVQjAyVTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUAKgZDgQMF
ACoGQ4QDBQAqCaIBAwUAKgrAwAMFACoMlIEDBQAqDfhEAwUAKg5/BAMFASoOxMQD
BQAqDu7BAwUAKg8YAAMFACoPnQUDBQAqEjjBMA0GCSqGSIb3DQEBCwUAA4IBAQCG
V+WjU0gKL+FJlvZkxuPPMZSltZ3ABs8FyBHIMIv3LAYluadpHDpPwHLT2FusATn+
4IsTpHxAA6w3Z1Ci2DPNk9aFLYPI8sDj1MssyEG68RudybM1tuD9Zrq5eY2xNslF
PO6vCMlzebtJitnxF5lM+LaNGz2bb2jBadGFmfAs782NaHqSBv+qERMEsJtGPoTL
LytnrLK6Q84nSemc7Ggi6FRMFjJipCN1MdeF/SSAONPVwuHcob9jueM2QTZDOYfd
KgY4bf1DWm8BGuBztQoU2WblSGl11/vxVfsNbCpj643MIGNNZen2Up/tYeWey2HP
XP5emY9mK9Vpk+WVU+iR
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:41:57 2025 by rpki-client