Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/f7JcNH2C1fm7aE2WXoUgeVSx7wU.roa
File: f7JcNH2C1fm7aE2WXoUgeVSx7wU.roa (raw, json)
Hash identifier: zABYK+6Tkzo4L+7iuSw/5xcqCiaRk5WOk9aDnetjX/s=
Subject key identifier: 7F:B2:5C:34:7D:82:D5:F9:BB:68:4D:96:5E:85:20:79:54:B1:EF:05
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222033DCB7C6A600E7AAF27F8B6FBA9F
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/f7JcNH2C1fm7aE2WXoUgeVSx7wU.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207314
IP address blocks: 2a0e:8f02:2230::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:33:dc:b7:c6:a6:00:e7:aa:f2:7f:8b:6f:ba:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fb25c347d82d5f9bb684d965e85207954b1ef05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ed:65:e8:f8:82:42:14:c5:af:18:b2:48:e1:
06:bb:1b:bc:86:03:0b:4e:fc:83:71:a0:5e:b7:e3:
aa:24:59:87:e7:14:a8:4b:40:3a:07:2e:20:0e:a8:
21:9a:9f:cc:e2:62:ce:6d:42:a2:c0:63:27:e4:fd:
bf:00:36:a1:3b:8c:59:90:e7:ef:b8:86:c4:7f:74:
14:01:a9:ee:92:a4:97:d8:16:5f:39:ab:db:df:d6:
a1:8e:84:28:90:9c:5e:29:18:2e:42:96:21:5f:c5:
a6:cf:e7:9d:93:2d:7d:26:85:52:16:73:6d:3c:84:
3a:f9:98:72:13:f1:dc:52:e9:7c:72:64:3b:be:06:
10:51:76:a8:ef:ae:b3:fe:dd:0f:a7:3f:1e:f5:49:
ee:b8:fa:2a:c4:08:f9:81:7d:38:c6:23:eb:cb:fa:
98:e9:00:1b:20:2e:b4:c0:d5:0a:23:a9:6a:f8:3c:
a5:f9:a0:6b:41:50:f2:41:98:53:cb:33:6d:7b:d3:
ea:08:b2:73:ab:97:c3:8f:02:27:ad:82:a0:2d:18:
b7:be:07:fa:df:34:4b:43:99:0f:4c:a5:b5:93:4c:
3f:e4:4e:e3:85:58:e0:27:c3:c7:ed:48:b8:ff:05:
44:a2:9a:f0:5e:9e:e3:e8:ae:81:d5:83:f8:b9:de:
a5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B2:5C:34:7D:82:D5:F9:BB:68:4D:96:5E:85:20:79:54:B1:EF:05
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/f7JcNH2C1fm7aE2WXoUgeVSx7wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2230::/44
Signature Algorithm: sha256WithRSAEncryption
38:36:74:f9:cb:a8:9b:e5:60:7a:9f:79:bb:6d:71:b6:9f:9f:
6e:99:64:47:2e:72:06:a6:56:de:14:64:51:34:4b:c1:d6:bf:
23:cc:0f:c3:a7:78:ca:17:75:6e:ab:bf:92:09:4d:4f:f4:2b:
7f:16:5c:3c:15:b1:21:cc:e2:c7:d0:dd:1d:bb:5b:e8:b7:c7:
39:98:84:c5:56:4b:10:b1:b6:e5:af:17:fa:f1:67:9d:28:fb:
e2:f7:e2:2f:6e:b5:83:de:1f:ad:5a:a2:14:94:e0:b1:80:f4:
5a:be:7c:97:b5:9c:fe:c1:4c:ae:48:d9:dd:06:54:2f:31:fa:
c3:38:78:18:31:e1:21:25:5b:13:10:82:3e:aa:c0:c1:09:40:
87:8e:38:c6:e7:bb:37:0c:ec:e4:8e:2b:3a:27:32:70:01:21:
b6:8d:63:0c:6a:4f:d2:b1:82:b6:9e:45:8b:d5:0b:99:21:88:
63:15:43:30:2f:69:f9:f1:66:e3:bd:aa:74:54:38:16:21:3f:
ff:93:98:14:ac:4f:7f:18:97:bb:45:34:bc:8b:b2:d1:55:b8:
c3:77:92:24:ac:68:d0:58:0f:f3:31:af:36:79:53:1c:6d:19:
1a:4d:7c:ab:d6:5e:75:a8:35:fd:75:24:cd:07:d2:35:be:0c:
49:7d:d0:38
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDPct8amAOeq8n+Lb7qfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmIyNWMzNDdkODJkNWY5YmI2ODRkOTY1ZTg1MjA3OTU0YjFlZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxO1l6PiCQhTFrxiySOEGuxu8hgML
TvyDcaBet+OqJFmH5xSoS0A6By4gDqghmp/M4mLObUKiwGMn5P2/ADahO4xZkOfv
uIbEf3QUAanukqSX2BZfOavb39ahjoQokJxeKRguQpYhX8Wmz+edky19JoVSFnNt
PIQ6+ZhyE/HcUul8cmQ7vgYQUXao766z/t0Ppz8e9UnuuPoqxAj5gX04xiPry/qY
6QAbIC60wNUKI6lq+Dyl+aBrQVDyQZhTyzNte9PqCLJzq5fDjwInrYKgLRi3vgf6
3zRLQ5kPTKW1k0w/5E7jhVjgJ8PH7Ui4/wVEoprwXp7j6K6B1YP4ud6lpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH+yXDR9gtX5u2hNll6FIHlUse8FMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvZjdKY05IMkMxZm03YUUyV1hvVWdlVlN4N3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiIw
MA0GCSqGSIb3DQEBCwUAA4IBAQA4NnT5y6ib5WB6n3m7bXG2n59umWRHLnIGplbe
FGRRNEvB1r8jzA/Dp3jKF3Vuq7+SCU1P9Ct/Flw8FbEhzOLH0N0du1vot8c5mITF
VksQsbblrxf68WedKPvi9+IvbrWD3h+tWqIUlOCxgPRavnyXtZz+wUyuSNndBlQv
MfrDOHgYMeEhJVsTEII+qsDBCUCHjjjG57s3DOzkjis6JzJwASG2jWMMak/SsYK2
nkWL1QuZIYhjFUMwL2n58Wbjvap0VDgWIT//k5gUrE9/GJe7RTS8i7LRVbjDd5Ik
rGjQWA/zMa82eVMcbRkaTXyr1l51qDX9dSTNB9I1vgxJfdA4
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:18:23 2025 by rpki-client