Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/fUQV7hcWr8wDftL_A0d4dRPlV5Y.roa
File: fUQV7hcWr8wDftL_A0d4dRPlV5Y.roa (raw, json)
Hash identifier: W1gOWwQgZ2lfD/yK9uLmMV4EF6iXlGj32IeijexRu80=
Subject key identifier: 7D:44:15:EE:17:16:AF:CC:03:7E:D2:FF:03:47:78:75:13:E5:57:96
Certificate issuer: /CN=7001e422227fa44cc5cb95d2a9dcce0fa5b89c07
Certificate serial: 019425FDB0AC1D64E2C39F8EAEEB3B6EF5C4
Authority key identifier: 70:01:E4:22:22:7F:A4:4C:C5:CB:95:D2:A9:DC:CE:0F:A5:B8:9C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/fUQV7hcWr8wDftL_A0d4dRPlV5Y.roa
Signing time: Thu 02 Jan 2025 07:49:30 +0000
ROA not before: Thu 02 Jan 2025 07:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211432
IP address blocks: 2a0f:6740::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b0:ac:1d:64:e2:c3:9f:8e:ae:eb:3b:6e:f5:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7001e422227fa44cc5cb95d2a9dcce0fa5b89c07
Validity
Not Before: Jan 2 07:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d4415ee1716afcc037ed2ff0347787513e55796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:86:a6:92:d7:c0:81:f0:12:47:71:66:5b:
68:97:e4:99:0a:44:01:c8:81:ab:27:c9:ac:ed:52:
1c:42:65:97:97:9c:c2:99:12:09:c6:e5:86:da:d6:
99:a3:ff:12:cc:da:50:6e:03:7d:a1:a1:bf:75:cf:
7c:6c:4d:f1:1b:d6:41:88:37:0e:cd:a6:1a:24:bb:
df:05:1e:ac:81:2f:62:d0:08:80:22:af:b0:58:a7:
31:57:e3:4a:c1:72:30:07:8c:1f:6f:35:de:a7:b4:
55:db:4f:69:d2:ea:0b:d0:4e:ad:5e:17:fc:53:f0:
16:51:14:52:68:c9:ea:94:2f:99:c9:9a:6c:a5:c5:
8a:33:be:86:d3:af:6b:61:8f:16:43:f1:a0:20:54:
48:5b:79:36:d3:4a:53:d1:66:ba:bb:f2:a9:73:19:
41:93:a5:80:e2:3c:48:b5:50:ba:03:12:90:ac:5a:
fd:74:59:2a:bd:09:30:11:e1:5c:12:fd:1e:ec:36:
9d:42:eb:f0:9d:c5:ac:f8:e1:88:45:b7:7b:cb:97:
70:0b:c7:40:49:df:33:db:dd:84:c1:d2:05:7c:66:
3f:2b:d3:fd:6b:8a:11:c7:ac:77:8d:d8:64:43:87:
1a:67:0b:ed:42:58:c1:5f:47:91:e3:44:f5:b4:d9:
12:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:44:15:EE:17:16:AF:CC:03:7E:D2:FF:03:47:78:75:13:E5:57:96
X509v3 Authority Key Identifier:
keyid:70:01:E4:22:22:7F:A4:4C:C5:CB:95:D2:A9:DC:CE:0F:A5:B8:9C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/fUQV7hcWr8wDftL_A0d4dRPlV5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/992d03-883b-404d-887e-f2435d5cf37b/1/cAHkIiJ_pEzFy5XSqdzOD6W4nAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6740::/29
Signature Algorithm: sha256WithRSAEncryption
87:fe:10:58:9d:b9:0e:00:4e:59:ea:cd:34:ec:08:5c:b9:36:
ab:1c:28:7c:39:c8:5a:f8:69:62:29:06:0c:e0:8f:63:42:74:
1c:09:f0:14:11:d3:b3:dc:da:50:11:45:8a:2b:45:5c:9c:5e:
a8:33:5b:ff:ed:01:43:2e:0b:dd:87:40:95:7a:a4:f2:f7:56:
06:52:f0:89:09:2e:c9:f1:a3:0f:30:3e:fd:61:c0:60:bf:c6:
cd:49:38:a6:2a:32:58:01:bc:d9:1a:00:da:d3:5e:bb:1c:b9:
35:a2:c9:68:e9:c8:67:14:d6:31:38:7a:fb:3c:55:58:8b:60:
db:01:49:57:ca:1f:df:4a:35:44:62:27:93:7f:06:6c:5d:b3:
db:19:92:25:b8:43:79:ba:b2:8c:a5:c1:8c:b0:6f:5e:d1:b0:
f2:ef:4d:3d:e6:0a:6f:0d:f1:82:bc:90:d1:80:47:8d:78:48:
22:ac:21:c6:1f:e9:22:3b:ff:cc:7c:b8:7d:1e:33:ed:00:95:
03:7e:7e:c4:a5:e1:61:df:82:fa:fb:c6:a5:d9:f9:16:56:e5:
38:1e:ff:c9:2b:7a:42:1e:f6:bf:53:46:3a:0d:4c:d5:38:54:
73:a9:ef:8e:50:3e:60:a6:50:b0:cf:c8:1f:5f:5a:bc:31:39:
a6:5b:6a:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/bCsHWTiw5+Orus7bvXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMDFlNDIyMjI3ZmE0NGNjNWNiOTVkMmE5ZGNjZTBmYTVi
ODljMDcwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQ0MTVlZTE3MTZhZmNjMDM3ZWQyZmYwMzQ3Nzg3NTEzZTU1Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoiGppLXwIHwEkdxZltol+SZCkQB
yIGrJ8ms7VIcQmWXl5zCmRIJxuWG2taZo/8SzNpQbgN9oaG/dc98bE3xG9ZBiDcO
zaYaJLvfBR6sgS9i0AiAIq+wWKcxV+NKwXIwB4wfbzXep7RV209p0uoL0E6tXhf8
U/AWURRSaMnqlC+ZyZpspcWKM76G069rYY8WQ/GgIFRIW3k200pT0Wa6u/KpcxlB
k6WA4jxItVC6AxKQrFr9dFkqvQkwEeFcEv0e7DadQuvwncWs+OGIRbd7y5dwC8dA
Sd8z292EwdIFfGY/K9P9a4oRx6x3jdhkQ4caZwvtQljBX0eR40T1tNkSOQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH1EFe4XFq/MA37S/wNHeHUT5VeWMB8GA1UdIwQY
MBaAFHAB5CIif6RMxcuV0qnczg+luJwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FIa0lpSl9wRXpGeTVYU3Fkek9ENlc0bkFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85OTJkMDMtODgzYi00MDRkLTg4N2Ut
ZjI0MzVkNWNmMzdiLzEvZlVRVjdoY1dyOHdEZnRMX0EwZDRkUlBsVjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My85OTJkMDMtODgzYi00MDRkLTg4N2UtZjI0MzVkNWNmMzdi
LzEvY0FIa0lpSl9wRXpGeTVYU3Fkek9ENlc0bkFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9nQDAN
BgkqhkiG9w0BAQsFAAOCAQEAh/4QWJ25DgBOWerNNOwIXLk2qxwofDnIWvhpYikG
DOCPY0J0HAnwFBHTs9zaUBFFiitFXJxeqDNb/+0BQy4L3YdAlXqk8vdWBlLwiQku
yfGjDzA+/WHAYL/GzUk4pioyWAG82RoA2tNeuxy5NaLJaOnIZxTWMTh6+zxVWItg
2wFJV8of30o1RGInk38GbF2z2xmSJbhDebqyjKXBjLBvXtGw8u9NPeYKbw3xgryQ
0YBHjXhIIqwhxh/pIjv/zHy4fR4z7QCVA35+xKXhYd+C+vvGpdn5FlblOB7/ySt6
Qh72v1NGOg1M1ThUc6nvjlA+YKZQsM/IH19avDE5pltqZA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:35:40 2025 by rpki-client