Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/2b2cb3-ccb6-41e0-89bc-1b760451dac8/1/9fYVFfHTqf1a_imjPpvJGZndsKw.roa
File: 9fYVFfHTqf1a_imjPpvJGZndsKw.roa (raw, json)
Hash identifier: rlKOE4E7l83H6REVCLchmgjMBofrkEYi53PSu+quf3c=
Subject key identifier: F5:F6:15:15:F1:D3:A9:FD:5A:FE:29:A3:3E:9B:C9:19:99:DD:B0:AC
Certificate issuer: /CN=d08db08e1338a579ad3789535fa73a5e54511ff1
Certificate serial: 0197364DCCD389E198B98E3AA4A6DBA67FBC
Authority key identifier: D0:8D:B0:8E:13:38:A5:79:AD:37:89:53:5F:A7:3A:5E:54:51:1F:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2wjhM4pXmtN4lTX6c6XlRRH_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/2b2cb3-ccb6-41e0-89bc-1b760451dac8/1/9fYVFfHTqf1a_imjPpvJGZndsKw.roa
Signing time: Tue 03 Jun 2025 14:59:17 +0000
ROA not before: Tue 03 Jun 2025 14:59:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:678:58c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:4d:cc:d3:89:e1:98:b9:8e:3a:a4:a6:db:a6:7f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08db08e1338a579ad3789535fa73a5e54511ff1
Validity
Not Before: Jun 3 14:59:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5f61515f1d3a9fd5afe29a33e9bc91999ddb0ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:16:f3:aa:f7:77:a4:39:1a:0c:60:83:3a:41:
8f:53:a5:f3:1c:dd:60:23:7b:22:d1:8b:99:b9:00:
36:9c:39:9b:4f:ad:d6:a6:73:97:e4:f7:d2:64:bc:
50:0e:06:04:57:cf:b7:b8:4a:a9:1e:43:5a:9e:13:
00:48:39:13:9f:71:0d:73:63:b6:07:08:ba:6c:9f:
06:62:07:55:0b:29:88:dc:86:a0:0a:07:27:ae:c0:
c9:71:47:85:13:53:fc:d6:87:2a:ac:47:eb:9e:17:
99:89:d3:7a:aa:df:ab:01:3e:86:ac:33:17:eb:09:
d9:fe:a8:a4:7d:cd:cf:d7:fb:7a:7a:9b:42:86:de:
75:47:27:9f:0c:56:28:09:27:3d:dc:a4:f9:23:3c:
19:b1:13:a5:e8:54:1f:b9:c0:ba:1e:e4:71:86:00:
d2:bc:bd:60:d2:79:b7:5b:12:ba:d0:19:14:7f:d9:
d9:db:81:a1:eb:b9:58:9f:ab:d5:49:a5:65:fc:c1:
ba:d0:d8:53:92:78:b0:c4:6c:4e:8e:66:69:e6:15:
23:ab:9c:6e:b4:b5:94:2f:14:32:d8:0e:73:62:f8:
a3:27:b7:71:5b:c7:4b:d8:28:e1:48:7c:06:18:12:
35:10:23:e0:b7:75:f6:a5:4b:45:82:65:1e:8f:21:
cb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F6:15:15:F1:D3:A9:FD:5A:FE:29:A3:3E:9B:C9:19:99:DD:B0:AC
X509v3 Authority Key Identifier:
keyid:D0:8D:B0:8E:13:38:A5:79:AD:37:89:53:5F:A7:3A:5E:54:51:1F:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2wjhM4pXmtN4lTX6c6XlRRH_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2b2cb3-ccb6-41e0-89bc-1b760451dac8/1/9fYVFfHTqf1a_imjPpvJGZndsKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2b2cb3-ccb6-41e0-89bc-1b760451dac8/1/0I2wjhM4pXmtN4lTX6c6XlRRH_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:58c::/48
Signature Algorithm: sha256WithRSAEncryption
8d:3a:cf:60:bc:fc:17:7d:6b:9d:5f:d3:91:57:a1:5e:d1:ca:
b3:9d:89:8e:a5:aa:f2:87:3c:da:cd:1e:0e:36:b7:3c:ff:b2:
7f:4f:4e:42:b3:c9:92:ad:d0:d8:2d:f3:f2:69:1b:5e:70:98:
39:76:0b:ca:80:dd:74:7c:3e:f3:9d:5d:22:e1:ff:b9:d2:10:
d5:b9:c5:c4:e8:29:54:8f:3d:89:65:70:e5:18:3c:f1:0f:ec:
0e:11:38:95:14:42:4c:2c:9b:f5:83:bf:0a:5a:54:62:1f:39:
1a:5f:20:f0:16:3b:c5:fb:51:ff:55:98:e2:73:ba:b3:ae:df:
7f:6d:46:46:51:59:ff:47:65:15:93:b0:d0:59:62:d2:a2:41:
02:5a:6a:29:7f:aa:11:b0:89:72:d3:d6:96:49:e4:35:50:c9:
37:5f:d3:d8:36:f0:ee:f2:8e:07:25:7b:0f:f3:56:3d:2b:1c:
0c:45:44:25:d6:ab:90:82:5d:ab:94:9c:d1:6c:c4:9c:72:d3:
69:8e:ef:29:f1:5c:29:6e:8a:ec:45:9d:e7:ff:eb:ce:03:74:
8a:12:a6:e9:cb:99:d0:94:bb:b2:15:d1:5e:d8:73:7d:7f:d4:
11:db:bf:7f:65:39:f7:d9:fd:04:0c:ad:6b:6a:c8:a5:5a:a5:
21:bf:98:46
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZc2TczTieGYuY46pKbbpn+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRiMDhlMTMzOGE1NzlhZDM3ODk1MzVmYTczYTVlNTQ1
MTFmZjEwHhcNMjUwNjAzMTQ1OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWY2MTUxNWYxZDNhOWZkNWFmZTI5YTMzZTliYzkxOTk5ZGRiMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxbzqvd3pDkaDGCDOkGPU6XzHN1g
I3si0YuZuQA2nDmbT63WpnOX5PfSZLxQDgYEV8+3uEqpHkNanhMASDkTn3ENc2O2
Bwi6bJ8GYgdVCymI3IagCgcnrsDJcUeFE1P81ocqrEfrnheZidN6qt+rAT6GrDMX
6wnZ/qikfc3P1/t6eptCht51RyefDFYoCSc93KT5IzwZsROl6FQfucC6HuRxhgDS
vL1g0nm3WxK60BkUf9nZ24Gh67lYn6vVSaVl/MG60NhTkniwxGxOjmZp5hUjq5xu
tLWULxQy2A5zYvijJ7dxW8dL2CjhSHwGGBI1ECPgt3X2pUtFgmUejyHLVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPX2FRXx06n9Wv4poz6byRmZ3bCsMB8GA1UdIwQY
MBaAFNCNsI4TOKV5rTeJU1+nOl5UUR/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkyd2poTTRwWG10TjRsVFg2YzZYbFJSSF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yYjJjYjMtY2NiNi00MWUwLTg5YmMt
MWI3NjA0NTFkYWM4LzEvOWZZVkZmSFRxZjFhX2ltalBwdkpHWm5kc0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yYjJjYjMtY2NiNi00MWUwLTg5YmMtMWI3NjA0NTFkYWM4
LzEvMEkyd2poTTRwWG10TjRsVFg2YzZYbFJSSF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAWM
MA0GCSqGSIb3DQEBCwUAA4IBAQCNOs9gvPwXfWudX9ORV6Fe0cqznYmOparyhzza
zR4ONrc8/7J/T05Cs8mSrdDYLfPyaRtecJg5dgvKgN10fD7znV0i4f+50hDVucXE
6ClUjz2JZXDlGDzxD+wOETiVFEJMLJv1g78KWlRiHzkaXyDwFjvF+1H/VZjic7qz
rt9/bUZGUVn/R2UVk7DQWWLSokECWmopf6oRsIly09aWSeQ1UMk3X9PYNvDu8o4H
JXsP81Y9KxwMRUQl1quQgl2rlJzRbMScctNpju8p8VwpborsRZ3n/+vOA3SKEqbp
y5nQlLuyFdFe2HN9f9QR279/ZTn32f0EDK1rasilWqUhv5hG
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:20:10 2025 by rpki-client