Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/af7c07-1aa9-4335-b10b-426ba426b754/1/88xf3VGjqfjwxcq6Zmu8HZefO2E.roa
File: 88xf3VGjqfjwxcq6Zmu8HZefO2E.roa (raw, json)
Hash identifier: eEE4BzMG9l87ro4pc68Fh1z7BHo9ksykf02qR7nc1RA=
Subject key identifier: F3:CC:5F:DD:51:A3:A9:F8:F0:C5:CA:BA:66:6B:BC:1D:97:9F:3B:61
Certificate issuer: /CN=e92af4dda2fc01f8e14793084b0acc8965a7716c
Certificate serial: 019D1FB092946E6A5A63FC20C0016AEC4623
Authority key identifier: E9:2A:F4:DD:A2:FC:01:F8:E1:47:93:08:4B:0A:CC:89:65:A7:71:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Sr03aL8AfjhR5MISwrMiWWncWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/af7c07-1aa9-4335-b10b-426ba426b754/1/88xf3VGjqfjwxcq6Zmu8HZefO2E.roa
Signing time: Tue 24 Mar 2026 11:52:38 +0000
ROA not before: Tue 24 Mar 2026 11:52:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2a14:b400::/29 maxlen: 48
2a14:b400::/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:b0:92:94:6e:6a:5a:63:fc:20:c0:01:6a:ec:46:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92af4dda2fc01f8e14793084b0acc8965a7716c
Validity
Not Before: Mar 24 11:52:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f3cc5fdd51a3a9f8f0c5caba666bbc1d979f3b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:eb:43:ae:c4:c7:e4:31:ad:c1:a4:e8:00:e6:
47:07:62:7c:84:93:e7:bd:56:92:ad:96:a1:f7:ae:
a6:6e:c3:12:4a:3c:59:ff:68:79:2c:1d:c7:5d:68:
f8:a9:cf:4e:e9:45:1b:0c:10:86:54:2c:11:d6:73:
ae:dd:5c:6b:69:d2:75:5b:ab:a5:fa:22:40:a6:2a:
4c:fa:f4:26:37:a0:aa:e9:ff:0b:3b:ea:ea:39:75:
e5:c1:a4:85:23:c5:78:5b:08:79:c0:cb:09:be:d9:
cc:60:70:64:ea:d3:e0:9c:a9:17:a5:c9:de:ae:23:
fd:83:00:4a:2d:05:9e:e0:e4:b2:4f:7c:a8:79:7e:
18:55:81:ee:2a:82:86:ed:36:7d:23:25:c9:81:0a:
6b:6e:de:cb:e1:d1:2b:4e:26:30:54:56:02:27:2e:
23:67:1f:8a:72:21:92:d3:66:d5:e2:28:e5:3c:37:
2f:66:1a:0d:23:5b:5b:31:f9:a2:42:e2:dd:73:bd:
a6:6e:55:4d:31:78:51:e8:70:2a:a6:df:76:02:69:
db:a8:74:ce:c6:45:52:67:75:78:b4:61:1c:23:d9:
f1:ac:07:c2:85:f3:50:f1:e0:e4:5b:38:46:6e:04:
da:b1:37:ba:41:cd:89:1f:87:96:a9:c2:d5:86:0c:
af:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CC:5F:DD:51:A3:A9:F8:F0:C5:CA:BA:66:6B:BC:1D:97:9F:3B:61
X509v3 Authority Key Identifier:
keyid:E9:2A:F4:DD:A2:FC:01:F8:E1:47:93:08:4B:0A:CC:89:65:A7:71:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Sr03aL8AfjhR5MISwrMiWWncWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/af7c07-1aa9-4335-b10b-426ba426b754/1/88xf3VGjqfjwxcq6Zmu8HZefO2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/af7c07-1aa9-4335-b10b-426ba426b754/1/6Sr03aL8AfjhR5MISwrMiWWncWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b400::/29
Signature Algorithm: sha256WithRSAEncryption
96:59:3a:73:24:2c:6f:65:73:88:3b:7b:76:13:43:fa:c9:d7:
01:2d:d1:7a:d9:fd:f0:25:42:93:5d:fa:92:cf:32:20:b6:a1:
53:58:96:7d:9f:97:2c:b1:67:64:d9:0c:79:65:a6:e7:a7:6c:
24:0e:d6:c8:50:66:e9:d8:e9:3c:a6:b7:25:a0:b5:22:ee:70:
4c:52:ae:3a:c3:6b:67:47:8a:d9:86:d7:70:63:15:33:17:3d:
d7:ad:9c:3c:e0:97:dc:bc:aa:64:f2:b9:fe:4e:46:8e:9f:be:
c2:64:32:da:65:c4:f6:f6:3f:96:dc:27:c9:7e:e3:d6:c7:18:
7a:4f:ab:4b:c6:08:1e:47:ff:6d:59:b2:70:eb:fc:d1:f9:8d:
f5:d2:79:a8:b5:e7:37:6c:9a:d2:30:96:c0:46:bd:d4:c3:3a:
14:80:d4:50:87:56:fd:f5:b4:27:c0:8f:e8:b4:d5:ce:f6:a3:
fd:ad:ee:26:ae:51:46:d1:c8:04:b9:68:db:94:1c:35:fc:eb:
b5:8c:77:5a:e9:5e:30:c9:12:e5:b1:3c:6b:93:f9:ec:e8:a2:
80:58:d5:6e:97:8f:58:c6:2a:4b:58:13:a7:b4:f9:13:d7:0d:
4b:a8:23:ac:c6:7e:8c:62:88:5f:2a:7d:f6:02:a6:86:5d:5b:
7c:6f:21:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ0fsJKUbmpaY/wgwAFq7EYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmFmNGRkYTJmYzAxZjhlMTQ3OTMwODRiMGFjYzg5NjVh
NzcxNmMwHhcNMjYwMzI0MTE1MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NjNWZkZDUxYTNhOWY4ZjBjNWNhYmE2NjZiYmMxZDk3OWYzYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwutDrsTH5DGtwaToAOZHB2J8hJPn
vVaSrZah966mbsMSSjxZ/2h5LB3HXWj4qc9O6UUbDBCGVCwR1nOu3VxradJ1W6ul
+iJApipM+vQmN6Cq6f8LO+rqOXXlwaSFI8V4Wwh5wMsJvtnMYHBk6tPgnKkXpcne
riP9gwBKLQWe4OSyT3yoeX4YVYHuKoKG7TZ9IyXJgQprbt7L4dErTiYwVFYCJy4j
Zx+KciGS02bV4ijlPDcvZhoNI1tbMfmiQuLdc72mblVNMXhR6HAqpt92AmnbqHTO
xkVSZ3V4tGEcI9nxrAfChfNQ8eDkWzhGbgTasTe6Qc2JH4eWqcLVhgyvRQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPPMX91Ro6n48MXKumZrvB2XnzthMB8GA1UdIwQY
MBaAFOkq9N2i/AH44UeTCEsKzIllp3FsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlNyMDNhTDhBZmpoUjVNSVN3ck1pV1duY1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hZjdjMDctMWFhOS00MzM1LWIxMGIt
NDI2YmE0MjZiNzU0LzEvODh4ZjNWR2pxZmp3eGNxNlptdThIWmVmTzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hZjdjMDctMWFhOS00MzM1LWIxMGItNDI2YmE0MjZiNzU0
LzEvNlNyMDNhTDhBZmpoUjVNSVN3ck1pV1duY1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhS0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAllk6cyQsb2VziDt7dhND+snXAS3Retn98CVCk136
ks8yILahU1iWfZ+XLLFnZNkMeWWm56dsJA7WyFBm6djpPKa3JaC1Iu5wTFKuOsNr
Z0eK2YbXcGMVMxc9162cPOCX3LyqZPK5/k5Gjp++wmQy2mXE9vY/ltwnyX7j1scY
ek+rS8YIHkf/bVmycOv80fmN9dJ5qLXnN2ya0jCWwEa91MM6FIDUUIdW/fW0J8CP
6LTVzvaj/a3uJq5RRtHIBLlo25QcNfzrtYx3WuleMMkS5bE8a5P57OiigFjVbpeP
WMYqS1gTp7T5E9cNS6gjrMZ+jGKIXyp99gKmhl1bfG8hYQ==
-----END CERTIFICATE-----
Generated at Tue May 19 15:17:42 2026 by rpki-client