Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/7_ycmg0-2tzp7CIdo8gplL9a278.roa
File: 7_ycmg0-2tzp7CIdo8gplL9a278.roa (raw, json)
Hash identifier: XEoDI5Kr97fRLNGyRswSpfdzIPuYNKJgNWwTLw/sOpg=
Subject key identifier: EF:FC:9C:9A:0D:3E:DA:DC:E9:EC:22:1D:A3:C8:29:94:BF:5A:DB:BF
Certificate issuer: /CN=bfe3542dd63fed250de5cb65f6eca487e7f47847
Certificate serial: 019425FDAC534DF2D7D3C0DB93963F5F120C
Authority key identifier: BF:E3:54:2D:D6:3F:ED:25:0D:E5:CB:65:F6:EC:A4:87:E7:F4:78:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/7_ycmg0-2tzp7CIdo8gplL9a278.roa
Signing time: Thu 02 Jan 2025 07:49:29 +0000
ROA not before: Thu 02 Jan 2025 07:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48590
IP address blocks: 195.70.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ac:53:4d:f2:d7:d3:c0:db:93:96:3f:5f:12:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3542dd63fed250de5cb65f6eca487e7f47847
Validity
Not Before: Jan 2 07:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=effc9c9a0d3edadce9ec221da3c82994bf5adbbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ad:93:4b:31:62:17:8b:98:5c:8d:6b:d8:e3:
b9:c2:a7:89:63:b0:bf:89:6e:63:0f:9b:ef:a8:e2:
a1:35:b7:b3:62:6e:8f:00:59:e7:33:1c:b5:ab:e8:
6b:e9:b2:c6:ae:48:ec:72:10:2a:25:ab:2b:37:7f:
bc:35:c8:42:18:fd:10:21:2c:af:4e:6d:a2:b4:4b:
96:55:4c:8a:8f:63:5a:68:d3:67:08:74:9c:b2:0f:
91:ca:9d:f2:8c:09:9e:d6:ff:bf:fd:c2:c8:38:8b:
ba:69:4b:e3:0c:39:6d:1c:18:64:66:b3:1c:d0:e5:
3b:1a:0d:f7:d6:22:51:0a:d5:d9:46:ec:cd:64:c9:
29:69:62:74:0a:c1:de:90:e6:4d:a7:a6:25:7c:52:
a7:57:b1:7c:fc:36:d1:57:f3:ea:67:c9:9e:da:3c:
77:4c:9e:df:2a:54:d3:15:cd:0b:bc:49:39:88:74:
79:e4:63:93:22:be:54:10:70:d1:b0:d2:7c:28:68:
92:72:63:58:8c:81:dc:8a:64:74:73:bb:b8:32:1b:
22:b5:39:18:8b:79:a5:aa:8f:e1:d5:84:a9:f8:64:
2c:e1:b7:62:40:df:e6:f8:7f:a4:84:2a:7f:ba:b0:
31:4d:f2:68:b6:36:6b:6f:3f:71:00:3f:f4:7a:c4:
75:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:FC:9C:9A:0D:3E:DA:DC:E9:EC:22:1D:A3:C8:29:94:BF:5A:DB:BF
X509v3 Authority Key Identifier:
keyid:BF:E3:54:2D:D6:3F:ED:25:0D:E5:CB:65:F6:EC:A4:87:E7:F4:78:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/7_ycmg0-2tzp7CIdo8gplL9a278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/v-NULdY_7SUN5ctl9uykh-f0eEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.70.29.0/24
Signature Algorithm: sha256WithRSAEncryption
96:f8:68:0b:fa:55:67:02:5f:c5:67:d2:e1:a1:66:bc:cb:60:
c7:5c:45:38:97:c9:05:d5:3e:50:6d:98:4b:0b:40:4e:8b:a8:
9a:0c:ac:ef:33:f0:84:9a:d1:c0:7c:fb:10:83:f1:c0:98:a1:
27:26:bc:c6:83:ad:28:20:4d:df:3d:11:aa:fc:2c:d9:c8:cb:
b7:87:7b:ee:5c:a1:b4:cf:f8:df:46:1d:91:61:d0:28:bb:9a:
90:45:07:9e:0b:a7:62:42:52:71:50:28:41:ce:a3:16:01:fa:
8f:01:87:3c:1d:bd:18:16:11:5e:49:7f:66:db:1b:d5:80:cf:
5f:d2:05:4a:88:e2:33:7b:dc:57:06:77:a0:df:d6:7e:45:d1:
a6:d2:f4:ae:12:6d:92:df:98:ab:c9:a7:40:50:fe:fd:b6:bb:
49:00:eb:95:e2:c5:1c:24:9f:20:33:6f:96:8f:a4:41:6b:0b:
b3:92:8e:53:80:58:e8:81:37:6f:d8:eb:dd:0e:c1:6b:98:06:
46:52:1e:51:55:eb:cb:25:ea:7a:a4:b8:1d:f2:07:7b:c6:a3:
70:5f:f0:d0:d5:c2:9a:dc:b0:83:fb:84:01:a0:0c:ac:da:be:
77:d4:a9:c8:66:d7:da:d0:e1:c4:77:d5:18:1d:d7:9e:13:d5:
f3:03:73:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/axTTfLX08Dbk5Y/XxIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM1NDJkZDYzZmVkMjUwZGU1Y2I2NWY2ZWNhNDg3ZTdm
NDc4NDcwHhcNMjUwMTAyMDc0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmZjOWM5YTBkM2VkYWRjZTllYzIyMWRhM2M4Mjk5NGJmNWFkYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa2TSzFiF4uYXI1r2OO5wqeJY7C/
iW5jD5vvqOKhNbezYm6PAFnnMxy1q+hr6bLGrkjschAqJasrN3+8NchCGP0QISyv
Tm2itEuWVUyKj2NaaNNnCHScsg+Ryp3yjAme1v+//cLIOIu6aUvjDDltHBhkZrMc
0OU7Gg331iJRCtXZRuzNZMkpaWJ0CsHekOZNp6YlfFKnV7F8/DbRV/PqZ8me2jx3
TJ7fKlTTFc0LvEk5iHR55GOTIr5UEHDRsNJ8KGiScmNYjIHcimR0c7u4MhsitTkY
i3mlqo/h1YSp+GQs4bdiQN/m+H+khCp/urAxTfJotjZrbz9xAD/0esR12wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/8nJoNPtrc6ewiHaPIKZS/Wtu/MB8GA1UdIwQY
MBaAFL/jVC3WP+0lDeXLZfbspIfn9HhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1OVUxkWV83U1VONWN0bDl1eWtoLWYwZUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iMTU2NTgtMTBiNi00MDQxLWEzZGEt
OGQzYTZkMTY1ZGEzLzEvN195Y21nMC0ydHpwN0NJZG84Z3BsTDlhMjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iMTU2NTgtMTBiNi00MDQxLWEzZGEtOGQzYTZkMTY1ZGEz
LzEvdi1OVUxkWV83U1VONWN0bDl1eWtoLWYwZUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0YdMA0G
CSqGSIb3DQEBCwUAA4IBAQCW+GgL+lVnAl/FZ9LhoWa8y2DHXEU4l8kF1T5QbZhL
C0BOi6iaDKzvM/CEmtHAfPsQg/HAmKEnJrzGg60oIE3fPRGq/CzZyMu3h3vuXKG0
z/jfRh2RYdAou5qQRQeeC6diQlJxUChBzqMWAfqPAYc8Hb0YFhFeSX9m2xvVgM9f
0gVKiOIze9xXBneg39Z+RdGm0vSuEm2S35iryadAUP79trtJAOuV4sUcJJ8gM2+W
j6RBawuzko5TgFjogTdv2OvdDsFrmAZGUh5RVevLJep6pLgd8gd7xqNwX/DQ1cKa
3LCD+4QBoAys2r531KnIZtfa0OHEd9UYHdeeE9XzA3OV
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:05:37 2025 by rpki-client