Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/7Hb0cxDKgEME9YU1nJ9t4uvfRA8.roa
File: 7Hb0cxDKgEME9YU1nJ9t4uvfRA8.roa (raw, json)
Hash identifier: AkQY9ppbVhy4tGFhPFQeNdZuvfoba48WrfFAMllJVEc=
Subject key identifier: EC:76:F4:73:10:CA:80:43:04:F5:85:35:9C:9F:6D:E2:EB:DF:44:0F
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 019425FD4F9F529D83C75194D623EAE3C014
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/7Hb0cxDKgEME9YU1nJ9t4uvfRA8.roa
Signing time: Thu 02 Jan 2025 07:49:05 +0000
ROA not before: Thu 02 Jan 2025 07:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22773
IP address blocks: 195.64.122.0/24 maxlen: 24
2a10:d505::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4f:9f:52:9d:83:c7:51:94:d6:23:ea:e3:c0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: Jan 2 07:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec76f47310ca804304f585359c9f6de2ebdf440f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:59:31:e0:bc:27:df:f6:f3:80:e3:74:3c:ce:
55:20:3f:68:29:0f:63:4d:c3:e5:f5:e4:52:af:5c:
89:96:c4:6e:cd:e6:a9:7c:e9:8f:59:15:52:6a:13:
08:c4:ce:1a:d0:20:af:a6:5b:80:03:cf:03:70:cc:
e2:95:c3:50:ed:48:34:01:ad:9f:3b:16:7f:ab:df:
97:6e:11:a7:22:2b:92:8c:b7:ea:02:b1:40:f4:4d:
77:d6:fa:ea:e7:59:8c:84:09:d9:73:e1:c5:a8:f0:
55:3d:68:6b:30:8f:c2:da:19:df:9b:df:dc:be:d7:
ad:cb:3d:df:18:a8:be:f3:1b:c4:b4:df:2c:bc:07:
79:ef:2e:7c:0c:79:c5:df:86:bc:cd:df:b3:5d:f6:
32:21:f4:3e:ca:b9:90:70:b9:7f:86:59:a2:27:50:
bf:b9:3d:01:6b:61:41:85:c8:92:e4:43:99:0d:71:
0f:a3:b9:ce:bb:0c:e9:54:18:5a:13:72:b5:59:31:
e0:0a:d3:a4:dd:3f:34:95:1a:e3:d7:f7:29:d9:ba:
6c:0b:e8:9d:58:10:5e:b4:4a:33:5b:44:c2:dc:aa:
90:a2:8f:de:41:fb:1a:9b:e0:7a:03:eb:3d:51:ff:
b1:2e:79:46:c0:df:b0:42:f3:c6:b6:8e:f4:b0:cc:
8e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:76:F4:73:10:CA:80:43:04:F5:85:35:9C:9F:6D:E2:EB:DF:44:0F
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/7Hb0cxDKgEME9YU1nJ9t4uvfRA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.122.0/24
IPv6:
2a10:d505::/32
Signature Algorithm: sha256WithRSAEncryption
50:3e:2f:21:4d:0d:52:d2:9a:e1:56:47:3d:75:f1:85:f1:95:
5a:66:42:6a:a3:14:f2:31:9a:ef:e2:39:bd:a4:5a:b4:4b:49:
d0:a9:b9:00:ff:20:cf:4a:b7:3e:86:e4:f3:da:c5:30:a3:98:
16:6c:cb:49:88:c0:1d:50:e0:ed:f7:d1:31:11:69:ce:5c:4c:
7f:f4:3d:bd:9f:f6:d8:e4:44:13:a8:80:6e:50:0d:ba:6b:73:
39:dd:2b:df:51:e2:14:d9:ab:16:87:7a:f5:c1:89:f4:d8:a6:
79:1b:15:28:80:a5:9f:be:05:ae:52:40:d3:82:15:31:09:49:
5c:45:d6:e4:b6:bf:e5:6b:db:3b:a3:c9:77:a4:22:fc:dd:42:
5b:c3:08:d8:2d:4d:ed:06:a2:88:fc:e2:87:5c:3f:f1:eb:50:
67:30:ed:d9:84:15:d4:bb:6d:54:99:9c:20:00:a0:f2:da:26:
8f:31:33:79:a9:24:55:2e:a6:af:96:04:32:44:e5:8a:2f:09:
bd:58:2c:c1:d1:cd:31:d9:ac:5d:f7:17:59:a3:e0:a3:95:46:
6c:c7:82:e3:3e:da:b3:96:2d:c4:6c:3e:23:cf:1f:5e:19:43:
9d:95:51:96:38:eb:0d:68:0a:db:ea:94:70:2f:d9:1d:4a:18:
de:89:02:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/U+fUp2Dx1GU1iPq48AUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjUwMTAyMDc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc2ZjQ3MzEwY2E4MDQzMDRmNTg1MzU5YzlmNmRlMmViZGY0NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlkx4Lwn3/bzgON0PM5VID9oKQ9j
TcPl9eRSr1yJlsRuzeapfOmPWRVSahMIxM4a0CCvpluAA88DcMzilcNQ7Ug0Aa2f
OxZ/q9+XbhGnIiuSjLfqArFA9E131vrq51mMhAnZc+HFqPBVPWhrMI/C2hnfm9/c
vtetyz3fGKi+8xvEtN8svAd57y58DHnF34a8zd+zXfYyIfQ+yrmQcLl/hlmiJ1C/
uT0Ba2FBhciS5EOZDXEPo7nOuwzpVBhaE3K1WTHgCtOk3T80lRrj1/cp2bpsC+id
WBBetEozW0TC3KqQoo/eQfsam+B6A+s9Uf+xLnlGwN+wQvPGto70sMyOjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOx29HMQyoBDBPWFNZyfbeLr30QPMB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvN0hiMGN4REtnRU1FOVlVMW5KOXQ0dXZmUkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw0B6MA0E
AgACMAcDBQAqENUFMA0GCSqGSIb3DQEBCwUAA4IBAQBQPi8hTQ1S0prhVkc9dfGF
8ZVaZkJqoxTyMZrv4jm9pFq0S0nQqbkA/yDPSrc+huTz2sUwo5gWbMtJiMAdUODt
99ExEWnOXEx/9D29n/bY5EQTqIBuUA26a3M53SvfUeIU2asWh3r1wYn02KZ5GxUo
gKWfvgWuUkDTghUxCUlcRdbktr/la9s7o8l3pCL83UJbwwjYLU3tBqKI/OKHXD/x
61BnMO3ZhBXUu21UmZwgAKDy2iaPMTN5qSRVLqavlgQyROWKLwm9WCzB0c0x2axd
9xdZo+CjlUZsx4LjPtqzli3EbD4jzx9eGUOdlVGWOOsNaArb6pRwL9kdShjeiQLi
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:45:49 2025 by rpki-client