Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/v4SQRLHf5nYkBHaVpXii5dfLZag.roa
File: v4SQRLHf5nYkBHaVpXii5dfLZag.roa (raw, json)
Hash identifier: x7u2+GIzDIiFV+NfRd1Z38RUJjx62IOURXcAS9yBuRc=
Subject key identifier: BF:84:90:44:B1:DF:E6:76:24:04:76:95:A5:78:A2:E5:D7:CB:65:A8
Certificate issuer: /CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Certificate serial: 019B4AD05BA6A297320ADDD7AA9E3539F551
Authority key identifier: 6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/v4SQRLHf5nYkBHaVpXii5dfLZag.roa
Signing time: Tue 23 Dec 2025 10:45:27 +0000
ROA not before: Tue 23 Dec 2025 10:45:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57793
IP address blocks: 2a03:b980::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:4a:d0:5b:a6:a2:97:32:0a:dd:d7:aa:9e:35:39:f5:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Validity
Not Before: Dec 23 10:45:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf849044b1dfe67624047695a578a2e5d7cb65a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:64:38:94:da:6c:14:d5:1e:cd:83:d4:80:20:
9f:01:e8:f8:9a:57:24:4a:31:a8:ae:ff:09:4c:e3:
7c:af:22:c3:2b:e7:db:c1:ef:00:1c:62:02:7b:8b:
5e:e0:1e:46:02:71:40:c2:46:2c:44:ff:48:39:4a:
4e:f3:b4:16:00:c2:e0:aa:8e:10:af:2b:fd:9c:dc:
73:c9:54:03:e4:d0:b3:64:7e:1a:2f:9d:de:37:fc:
a7:20:d2:3a:63:7f:a1:0b:d1:c2:1f:fb:1e:5e:d1:
cb:5f:83:0b:83:9e:f4:4b:7d:7c:a0:d0:97:40:90:
6a:ff:b7:8b:91:94:4a:52:82:da:e5:e8:41:13:73:
6b:50:22:46:9d:3f:52:dd:b4:ff:4b:83:50:78:21:
f5:ba:83:8c:c9:e2:b6:5e:ca:2a:d1:ee:62:13:fa:
4e:9f:2c:1b:7e:cd:95:74:66:56:94:cc:7e:45:49:
12:1b:f7:ed:b4:0f:e5:71:42:72:64:3c:24:d1:28:
76:46:71:0f:d1:03:3d:8e:7d:8b:c7:03:f7:7f:dd:
c5:2c:77:7e:ba:a9:00:bd:64:66:5f:a8:60:23:3a:
70:13:61:c1:d1:19:0f:67:65:b9:a7:d0:ae:a3:dd:
6a:98:62:95:da:b5:58:d4:7d:a1:00:0e:8f:cc:b5:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:84:90:44:B1:DF:E6:76:24:04:76:95:A5:78:A2:E5:D7:CB:65:A8
X509v3 Authority Key Identifier:
keyid:6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/v4SQRLHf5nYkBHaVpXii5dfLZag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/bkBn13v-qZ3yXOXgipIT0RKAFM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:b980::/32
Signature Algorithm: sha256WithRSAEncryption
9e:7a:af:ff:62:aa:c3:bd:b0:96:0f:c8:d4:6d:d2:92:ef:13:
d1:24:c5:91:bd:76:84:26:b4:1c:20:bc:5f:bf:fd:01:ab:97:
a8:ac:04:43:24:98:91:93:6c:a0:70:a7:87:ac:89:fd:f4:db:
e8:fe:b2:57:0a:a3:54:de:6b:81:87:ec:8c:46:9b:97:73:75:
c0:83:03:15:d8:6a:d4:7d:9d:54:6a:03:f3:7a:48:b9:46:cc:
71:fa:20:35:a6:90:8c:1a:46:be:c8:2f:2d:b9:dd:42:4c:06:
45:03:ff:b9:be:48:3a:9e:15:7a:3f:74:80:bf:e3:b3:31:3e:
b1:e8:ca:cc:cb:5f:10:06:a0:32:11:fb:38:de:42:b6:b0:d4:
37:e1:ea:cd:89:90:48:aa:9e:4c:eb:ff:8f:cb:67:00:ac:b4:
dd:fa:bd:67:a1:63:51:26:00:cf:0c:6f:72:11:8a:fe:f4:c8:
1c:00:51:a6:49:c0:9f:b0:0a:30:a3:56:a1:52:0c:5d:e7:9d:
b1:5e:8c:f8:06:de:da:ac:fd:99:85:93:0f:15:20:0d:ed:49:
8a:a2:75:0c:3e:48:a5:0e:2e:c3:ae:cd:14:1a:17:81:72:28:
44:86:54:e0:48:66:2b:18:45:ce:6e:cb:b7:fb:b7:6a:fd:10:
43:fe:d0:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZtK0FumopcyCt3Xqp41OfVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA2N2Q3N2JmZWE5OWRmMjVjZTVlMDhhOTIxM2QxMTI4
MDE0Y2YwHhcNMjUxMjIzMTA0NTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjg0OTA0NGIxZGZlNjc2MjQwNDc2OTVhNTc4YTJlNWQ3Y2I2NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGQ4lNpsFNUezYPUgCCfAej4mlck
SjGorv8JTON8ryLDK+fbwe8AHGICe4te4B5GAnFAwkYsRP9IOUpO87QWAMLgqo4Q
ryv9nNxzyVQD5NCzZH4aL53eN/ynINI6Y3+hC9HCH/seXtHLX4MLg570S318oNCX
QJBq/7eLkZRKUoLa5ehBE3NrUCJGnT9S3bT/S4NQeCH1uoOMyeK2Xsoq0e5iE/pO
nywbfs2VdGZWlMx+RUkSG/fttA/lcUJyZDwk0Sh2RnEP0QM9jn2LxwP3f93FLHd+
uqkAvWRmX6hgIzpwE2HB0RkPZ2W5p9Cuo91qmGKV2rVY1H2hAA6PzLWwlwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL+EkESx3+Z2JAR2laV4ouXXy2WoMB8GA1UdIwQY
MBaAFG5AZ9d7/qmd8lzl4IqSE9ESgBTPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmIt
MzMwM2Y3MTYyMmY5LzEvdjRTUVJMSGY1bllrQkhhVnBYaWk1ZGZMWmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmItMzMwM2Y3MTYyMmY5
LzEvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgO5gDAN
BgkqhkiG9w0BAQsFAAOCAQEAnnqv/2Kqw72wlg/I1G3Sku8T0STFkb12hCa0HCC8
X7/9AauXqKwEQySYkZNsoHCnh6yJ/fTb6P6yVwqjVN5rgYfsjEabl3N1wIMDFdhq
1H2dVGoD83pIuUbMcfogNaaQjBpGvsgvLbndQkwGRQP/ub5IOp4Vej90gL/jszE+
sejKzMtfEAagMhH7ON5CtrDUN+HqzYmQSKqeTOv/j8tnAKy03fq9Z6FjUSYAzwxv
chGK/vTIHABRpknAn7AKMKNWoVIMXeedsV6M+Abe2qz9mYWTDxUgDe1JiqJ1DD5I
pQ4uw67NFBoXgXIoRIZU4EhmKxhFzm7Lt/u3av0QQ/7QJQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:23:39 2026 by rpki-client