Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7zfngT6RNOq9VJzKUYEpH9T5Ty0.roa
File: 7zfngT6RNOq9VJzKUYEpH9T5Ty0.roa (raw, json)
Hash identifier: b2pfdzC45GMVipBGZQW2DlQf49+s2YH1i4ZbUxDlU4k=
Subject key identifier: EF:37:E7:81:3E:91:34:EA:BD:54:9C:CA:51:81:29:1F:D4:F9:4F:2D
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195CEDF370A411DC990AA45989223E0F412
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7zfngT6RNOq9VJzKUYEpH9T5Ty0.roa
Signing time: Tue 25 Mar 2025 19:54:49 +0000
ROA not before: Tue 25 Mar 2025 19:54:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:7682::/32 maxlen: 32
2a11:9fc2::/32 maxlen: 32
2a11:b785::/32 maxlen: 32
2a11:c443::/32 maxlen: 32
2a11:cd02::/32 maxlen: 32
2a11:d081::/32 maxlen: 32
2a11:fec1::/32 maxlen: 32
2a12:4c03::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:df:37:0a:41:1d:c9:90:aa:45:98:92:23:e0:f4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Mar 25 19:54:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef37e7813e9134eabd549cca5181291fd4f94f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:88:e7:e6:e3:8d:4e:f5:7d:e9:92:8a:e7:
81:5a:61:63:76:60:84:cf:94:9a:3d:bb:03:cd:8d:
fe:d1:13:12:68:77:d0:fd:c9:c7:7d:0a:17:bd:06:
07:4c:b8:e8:79:3d:fa:9a:6c:7f:0f:d1:fb:7a:57:
d6:76:e3:92:e1:6a:0a:19:26:9e:bd:45:db:bd:90:
4f:45:55:4d:6a:ed:c2:59:b9:9a:4b:ea:b5:ba:3d:
b9:cc:9c:df:7f:19:01:68:fd:74:53:8e:b6:63:8c:
df:af:f6:a3:24:93:de:f2:05:11:6f:4d:c6:ad:4a:
d9:bf:08:75:f8:3f:6c:27:91:d5:89:ac:f5:cd:1c:
1b:c1:05:04:5f:c5:84:55:6c:ff:19:a7:75:3c:fd:
ef:5f:a8:2b:a8:ff:68:24:45:dc:54:dd:23:07:39:
2c:fc:6a:e5:79:23:91:3b:4f:69:c5:37:fe:ac:fe:
3d:93:7f:f9:74:05:44:e3:ce:08:eb:df:90:7d:96:
6f:7d:e2:7d:86:4e:6f:5d:da:8d:38:b9:ab:03:51:
53:7c:b5:65:3c:ad:06:a5:aa:9c:78:31:bf:2d:59:
b5:94:ab:b4:39:94:43:70:a6:9f:34:bb:9c:b7:14:
c4:de:2a:9c:d6:4a:7d:29:d0:19:67:bf:92:32:3f:
1d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:37:E7:81:3E:91:34:EA:BD:54:9C:CA:51:81:29:1F:D4:F9:4F:2D
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7zfngT6RNOq9VJzKUYEpH9T5Ty0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7682::/32
2a11:9fc2::/32
2a11:b785::/32
2a11:c443::/32
2a11:cd02::/32
2a11:d081::/32
2a11:fec1::/32
2a12:4c03::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
07:93:cc:d3:2b:63:42:c4:0f:aa:45:0b:7d:db:b0:2a:61:09:
06:ad:43:96:de:b4:ef:25:1f:62:7a:3d:86:0e:47:1e:83:77:
14:47:3f:2c:d7:f7:a6:48:0c:c6:00:42:1e:04:04:5c:90:9c:
9e:a8:d9:f8:bc:7c:7e:ca:58:d7:d3:43:70:05:88:c6:d4:99:
27:77:48:05:d8:e2:8e:d0:53:f4:86:c4:75:c6:81:05:bd:6b:
b0:9f:e4:a7:11:00:f6:83:7f:d8:95:e9:07:09:39:15:39:a6:
c3:63:8e:a1:0e:46:a4:27:51:7e:02:7c:8d:75:ae:12:42:34:
e4:c8:3f:fd:ae:67:3a:55:9b:83:22:7d:ff:cf:8f:af:1c:b6:
a1:cd:37:47:1d:02:8b:55:55:e8:e5:f0:ca:82:39:c0:d6:ec:
f9:f4:9d:a7:e2:20:e4:ab:c1:1f:09:10:6b:92:75:80:5d:84:
0c:c2:13:c9:23:24:22:16:50:1a:cd:4d:2e:06:33:9a:bb:6e:
96:2c:ae:a1:95:66:43:ff:3d:03:6e:69:63:2a:c4:06:a4:a0:
07:31:65:25:91:1e:dc:93:ef:38:c4:32:26:43:f3:c3:e7:a7:
95:75:d2:a7:7f:48:85:1b:6d:37:09:19:12:c1:16:b8:5e:02:
9a:95:c6:19
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZXO3zcKQR3JkKpFmJIj4PQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMzI1MTk1NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjM3ZTc4MTNlOTEzNGVhYmQ1NDljY2E1MTgxMjkxZmQ0Zjk0ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvKI5+bjjU71femSiueBWmFjdmCE
z5SaPbsDzY3+0RMSaHfQ/cnHfQoXvQYHTLjoeT36mmx/D9H7elfWduOS4WoKGSae
vUXbvZBPRVVNau3CWbmaS+q1uj25zJzffxkBaP10U462Y4zfr/ajJJPe8gURb03G
rUrZvwh1+D9sJ5HViaz1zRwbwQUEX8WEVWz/Gad1PP3vX6grqP9oJEXcVN0jBzks
/GrleSORO09pxTf+rP49k3/5dAVE484I69+QfZZvfeJ9hk5vXdqNOLmrA1FTfLVl
PK0GpaqceDG/LVm1lKu0OZRDcKafNLuctxTE3iqc1kp9KdAZZ7+SMj8dXQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFO8354E+kTTqvVScylGBKR/U+U8tMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvN3pmbmdUNlJOT3E5Vkp6S1VZRXBIOVQ1VHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUAKhF2ggMF
ACoRn8IDBQAqEbeFAwUAKhHEQwMFACoRzQIDBQAqEdCBAwUAKhH+wQMFACoSTAMD
BQAqEkwGMA0GCSqGSIb3DQEBCwUAA4IBAQAHk8zTK2NCxA+qRQt927AqYQkGrUOW
3rTvJR9iej2GDkceg3cURz8s1/emSAzGAEIeBARckJyeqNn4vHx+yljX00NwBYjG
1Jknd0gF2OKO0FP0hsR1xoEFvWuwn+SnEQD2g3/YlekHCTkVOabDY46hDkakJ1F+
AnyNda4SQjTkyD/9rmc6VZuDIn3/z4+vHLahzTdHHQKLVVXo5fDKgjnA1uz59J2n
4iDkq8EfCRBrknWAXYQMwhPJIyQiFlAazU0uBjOau26WLK6hlWZD/z0DbmljKsQG
pKAHMWUlkR7ck+84xDImQ/PD56eVddKnf0iFG203CRkSwRa4XgKalcYZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:45:42 2025 by rpki-client