Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/7aUyAKGiBP7HF5-Qks5RBaph-N0.roa
File: 7aUyAKGiBP7HF5-Qks5RBaph-N0.roa (raw, json)
Hash identifier: WIoUOPjPceExBj6wB8dtmqu0PiSWgy0DQPowl+9/rpg=
Subject key identifier: ED:A5:32:00:A1:A2:04:FE:C7:17:9F:90:92:CE:51:05:AA:61:F8:DD
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5A16D4AC7E55BBB427942C0E3A0D7
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/7aUyAKGiBP7HF5-Qks5RBaph-N0.roa
Signing time: Wed 01 Jan 2025 07:47:38 +0000
ROA not before: Wed 01 Jan 2025 07:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10031
IP address blocks: 81.52.240.0/22 maxlen: 24
81.52.244.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a1:6d:4a:c7:e5:5b:bb:42:79:42:c0:e3:a0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eda53200a1a204fec7179f9092ce5105aa61f8dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f3:bb:b6:fd:8f:29:58:71:01:ad:5d:4e:ba:
5f:01:cd:0b:53:1e:77:a0:5b:7a:0b:3e:62:cd:5d:
64:6f:32:de:8e:79:62:1f:36:bd:7d:07:cb:61:75:
32:f6:89:f5:da:83:69:f0:6a:e4:09:a2:60:1f:fb:
9f:c1:6f:1e:03:60:7c:73:76:48:14:a0:c9:12:0a:
02:ee:6a:c3:f5:ff:4c:df:90:e4:2e:25:e4:76:37:
b3:06:fc:dd:57:24:6e:a5:0a:b2:e6:f7:49:f9:36:
2f:22:22:7e:0d:af:73:3f:f5:7a:ea:81:48:21:a4:
9e:90:9f:f1:91:68:34:ec:7d:9e:01:f3:55:de:21:
6b:0e:08:60:26:ab:78:f4:91:ce:fc:f7:50:b7:d1:
94:1f:c0:02:f0:7f:29:ab:fd:26:b1:83:b2:22:45:
d6:76:48:05:19:0e:03:fc:83:5b:b4:b9:b2:9f:a0:
9d:3b:b2:0f:41:bc:8e:86:b4:6a:dc:1e:b2:b5:ed:
6c:10:96:82:86:e2:a1:3e:20:11:c0:02:41:f4:52:
5a:db:19:0c:ff:63:17:c6:76:1a:91:ce:b6:32:49:
cf:3f:0b:55:61:c6:21:e5:90:05:e7:41:f0:61:f4:
8a:ab:28:79:3e:7f:5c:28:7a:f9:2d:2a:87:4a:ab:
67:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A5:32:00:A1:A2:04:FE:C7:17:9F:90:92:CE:51:05:AA:61:F8:DD
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/7aUyAKGiBP7HF5-Qks5RBaph-N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.52.240.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:2d:77:a7:3f:17:36:e4:17:36:3f:ce:be:8e:3f:4a:9e:21:
d6:36:62:a5:b3:e5:f2:fa:50:27:cc:44:77:4e:97:cf:67:83:
bc:b2:b0:09:5f:c6:b0:53:f5:86:1c:66:e7:1d:66:eb:29:63:
d0:69:94:74:55:be:c3:95:a1:7c:3b:4e:fb:ca:49:db:61:0e:
d9:c9:bc:4c:e7:8a:52:68:30:78:89:e1:22:cd:5d:be:12:eb:
b3:89:7a:1d:5d:3d:47:4b:86:b2:9f:17:dc:76:73:bb:df:cf:
a8:99:88:5a:09:10:28:81:d0:a6:19:57:c0:ba:21:f4:05:13:
5d:91:eb:d5:cf:4c:65:00:84:1a:2c:92:77:01:81:34:ee:fa:
a6:bc:01:80:20:59:4d:85:80:2a:23:56:e9:46:8d:56:51:b4:
3a:d2:73:72:8d:7c:1e:ca:87:a8:e3:87:b8:20:6e:e6:a1:d2:
d3:9c:00:a4:33:cf:49:c2:a9:d8:19:4b:68:4e:f5:b2:f8:90:
37:31:a8:f5:f4:60:cb:81:19:03:2b:8f:de:0a:bd:54:17:a4:
fc:8f:29:a8:2f:60:9c:cd:30:24:3d:2c:e8:ee:70:72:da:7b:
63:6e:5c:47:8e:b5:d4:ae:f8:c3:62:e4:d9:e5:c5:3f:c7:b9:
63:f8:36:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1aFtSsflW7tCeULA46DXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGE1MzIwMGExYTIwNGZlYzcxNzlmOTA5MmNlNTEwNWFhNjFmOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfO7tv2PKVhxAa1dTrpfAc0LUx53
oFt6Cz5izV1kbzLejnliHza9fQfLYXUy9on12oNp8GrkCaJgH/ufwW8eA2B8c3ZI
FKDJEgoC7mrD9f9M35DkLiXkdjezBvzdVyRupQqy5vdJ+TYvIiJ+Da9zP/V66oFI
IaSekJ/xkWg07H2eAfNV3iFrDghgJqt49JHO/PdQt9GUH8AC8H8pq/0msYOyIkXW
dkgFGQ4D/INbtLmyn6CdO7IPQbyOhrRq3B6yte1sEJaChuKhPiARwAJB9FJa2xkM
/2MXxnYakc62MknPPwtVYcYh5ZAF50HwYfSKqyh5Pn9cKHr5LSqHSqtn/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2lMgChogT+xxefkJLOUQWqYfjdMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvN2FVeUFLR2lCUDdIRjUtUWtzNVJCYXBoLU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUTTwMA0G
CSqGSIb3DQEBCwUAA4IBAQCrLXenPxc25Bc2P86+jj9KniHWNmKls+Xy+lAnzER3
TpfPZ4O8srAJX8awU/WGHGbnHWbrKWPQaZR0Vb7DlaF8O077yknbYQ7ZybxM54pS
aDB4ieEizV2+EuuziXodXT1HS4aynxfcdnO738+omYhaCRAogdCmGVfAuiH0BRNd
kevVz0xlAIQaLJJ3AYE07vqmvAGAIFlNhYAqI1bpRo1WUbQ60nNyjXweyoeo44e4
IG7modLTnACkM89JwqnYGUtoTvWy+JA3Maj19GDLgRkDK4/eCr1UF6T8jymoL2Cc
zTAkPSzo7nBy2ntjblxHjrXUrvjDYuTZ5cU/x7lj+Dba
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:15:22 2025 by rpki-client