Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/0d0d11-8b0c-4360-ac61-dab9f8ba8fb6/1/7zgJLwVmV842Ywy3l4oAYDOGp4w.roa
File: 7zgJLwVmV842Ywy3l4oAYDOGp4w.roa (raw, json)
Hash identifier: AYbt1RSDmpRQAXV9FrFAgJxWoMbfvxnjrtRy1sQLkRw=
Subject key identifier: EF:38:09:2F:05:66:57:CE:36:63:0C:B7:97:8A:00:60:33:86:A7:8C
Certificate issuer: /CN=da60f646bc7f488caf5ebdca8072c09d63f61a21
Certificate serial: 01942821442FA7829F2234CF34EAC1EA85AC
Authority key identifier: DA:60:F6:46:BC:7F:48:8C:AF:5E:BD:CA:80:72:C0:9D:63:F6:1A:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2mD2Rrx_SIyvXr3KgHLAnWP2GiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/0d0d11-8b0c-4360-ac61-dab9f8ba8fb6/1/7zgJLwVmV842Ywy3l4oAYDOGp4w.roa
Signing time: Thu 02 Jan 2025 17:47:36 +0000
ROA not before: Thu 02 Jan 2025 17:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204155
IP address blocks: 194.31.120.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:21:44:2f:a7:82:9f:22:34:cf:34:ea:c1:ea:85:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da60f646bc7f488caf5ebdca8072c09d63f61a21
Validity
Not Before: Jan 2 17:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef38092f056657ce36630cb7978a00603386a78c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:58:1b:08:a0:c0:03:76:ab:eb:c4:24:a3:99:
6c:f3:49:c1:37:e7:40:40:9a:cc:55:db:ed:e5:f7:
a2:0c:01:6c:11:cd:bb:fc:1c:78:b2:82:37:9d:aa:
84:8b:ee:38:a9:25:37:2b:f2:a7:9f:c0:e4:67:a9:
01:cf:77:8c:96:d6:ab:b8:eb:44:a1:3d:da:c1:b8:
4f:04:aa:46:02:0e:f5:e4:1d:4e:4a:cf:e2:e9:f3:
11:2c:df:c1:8b:c1:9a:84:50:de:44:f8:7d:0f:0e:
a7:ad:a5:01:71:92:10:2c:d3:f1:c1:41:5c:db:d2:
62:28:a3:88:10:84:42:e9:02:4d:db:66:74:e0:d9:
9a:53:d2:d5:a7:d8:73:94:5d:7c:44:8a:05:20:26:
72:5e:4b:9d:87:e8:38:33:6f:72:b9:bd:ea:16:b0:
d0:1f:c9:ae:3c:3c:c0:7c:40:69:a0:6d:4a:a0:b7:
e8:7d:75:7d:f7:0d:e8:78:7d:c8:ce:63:ef:4a:a9:
a4:97:77:3c:46:5c:16:49:09:05:99:ec:f2:c7:81:
f4:0a:55:af:27:8f:ed:7f:43:1c:a0:35:7b:25:db:
da:a0:5f:80:be:e7:a1:40:fe:77:27:f5:64:7a:3c:
63:8d:93:6a:b0:c4:62:ca:da:ff:b1:9e:f2:6f:7e:
29:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:38:09:2F:05:66:57:CE:36:63:0C:B7:97:8A:00:60:33:86:A7:8C
X509v3 Authority Key Identifier:
keyid:DA:60:F6:46:BC:7F:48:8C:AF:5E:BD:CA:80:72:C0:9D:63:F6:1A:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2mD2Rrx_SIyvXr3KgHLAnWP2GiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/0d0d11-8b0c-4360-ac61-dab9f8ba8fb6/1/7zgJLwVmV842Ywy3l4oAYDOGp4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/0d0d11-8b0c-4360-ac61-dab9f8ba8fb6/1/2mD2Rrx_SIyvXr3KgHLAnWP2GiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.120.0/21
Signature Algorithm: sha256WithRSAEncryption
60:ef:c5:5c:d3:ea:3a:d4:d6:df:f8:44:6e:93:b1:46:ab:02:
26:a1:38:ea:86:11:0d:f2:66:35:aa:40:f4:a3:92:4a:fd:26:
56:a5:51:68:d0:a5:f3:e1:3b:73:2c:3a:6a:15:af:45:0f:bd:
48:46:8b:47:3a:34:50:b2:71:46:35:76:04:7f:c6:90:6e:0d:
fa:6e:f4:4d:c4:f9:4f:d9:64:88:ad:79:a2:95:d5:d4:d8:e5:
36:46:85:3d:62:65:46:c5:cc:19:7c:13:38:e5:bc:ea:f8:e5:
a0:cc:fa:79:4d:58:46:d6:29:ca:29:e8:7a:9a:7f:c4:85:cf:
4c:34:e2:e9:f9:29:79:47:0b:89:9b:88:65:32:62:f6:6e:2b:
e7:a7:09:83:ed:31:0d:47:4c:1f:76:de:39:68:6d:70:3e:82:
ca:bc:3e:00:75:0d:25:85:2f:ee:93:71:a9:3d:97:cd:60:8b:
d6:70:12:da:78:85:ca:54:1b:88:17:7e:65:23:fa:93:0d:83:
8d:33:d4:df:e5:c5:ce:12:2d:7f:65:b1:14:d2:50:34:98:91:
29:65:5e:67:ae:de:ae:8a:c4:a4:5f:3a:73:f9:82:06:73:c8:
c8:d6:58:b5:f9:ed:a2:e8:3e:d7:e8:78:b1:fb:c0:bf:5a:56:
91:82:9f:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoIUQvp4KfIjTPNOrB6oWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjBmNjQ2YmM3ZjQ4OGNhZjVlYmRjYTgwNzJjMDlkNjNm
NjFhMjEwHhcNMjUwMTAyMTc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjM4MDkyZjA1NjY1N2NlMzY2MzBjYjc5NzhhMDA2MDMzODZhNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFgbCKDAA3ar68Qko5ls80nBN+dA
QJrMVdvt5feiDAFsEc27/Bx4soI3naqEi+44qSU3K/Knn8DkZ6kBz3eMltaruOtE
oT3awbhPBKpGAg715B1OSs/i6fMRLN/Bi8GahFDeRPh9Dw6nraUBcZIQLNPxwUFc
29JiKKOIEIRC6QJN22Z04NmaU9LVp9hzlF18RIoFICZyXkudh+g4M29yub3qFrDQ
H8muPDzAfEBpoG1KoLfofXV99w3oeH3IzmPvSqmkl3c8RlwWSQkFmezyx4H0ClWv
J4/tf0McoDV7JdvaoF+AvuehQP53J/VkejxjjZNqsMRiytr/sZ7yb34pFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO84CS8FZlfONmMMt5eKAGAzhqeMMB8GA1UdIwQY
MBaAFNpg9ka8f0iMr169yoBywJ1j9hohMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1EMlJyeF9TSXl2WHIzS2dITEFuV1AyR2lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8wZDBkMTEtOGIwYy00MzYwLWFjNjEt
ZGFiOWY4YmE4ZmI2LzEvN3pnSkx3Vm1WODQyWXd5M2w0b0FZRE9HcDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8wZDBkMTEtOGIwYy00MzYwLWFjNjEtZGFiOWY4YmE4ZmI2
LzEvMm1EMlJyeF9TSXl2WHIzS2dITEFuV1AyR2lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwh94MA0G
CSqGSIb3DQEBCwUAA4IBAQBg78Vc0+o61Nbf+ERuk7FGqwImoTjqhhEN8mY1qkD0
o5JK/SZWpVFo0KXz4TtzLDpqFa9FD71IRotHOjRQsnFGNXYEf8aQbg36bvRNxPlP
2WSIrXmildXU2OU2RoU9YmVGxcwZfBM45bzq+OWgzPp5TVhG1inKKeh6mn/Ehc9M
NOLp+Sl5RwuJm4hlMmL2bivnpwmD7TENR0wfdt45aG1wPoLKvD4AdQ0lhS/uk3Gp
PZfNYIvWcBLaeIXKVBuIF35lI/qTDYONM9Tf5cXOEi1/ZbEU0lA0mJEpZV5nrt6u
isSkXzpz+YIGc8jI1li1+e2i6D7X6Hix+8C/WlaRgp9o
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:12 2025 by rpki-client