Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7-aoBcf0QDgePIqwd31J4c1NsHw.roa
File: 7-aoBcf0QDgePIqwd31J4c1NsHw.roa (raw, json)
Hash identifier: u0S7bL0mlzAxAAvOZb7Qq9BJwIw+5PABmovZM7K6daY=
Subject key identifier: EF:E6:A8:05:C7:F4:40:38:1E:3C:8A:B0:77:7D:49:E1:CD:4D:B0:7C
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0193F779591C244D22FDE5E53504EF399962
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7-aoBcf0QDgePIqwd31J4c1NsHw.roa
Signing time: Tue 24 Dec 2024 07:02:25 +0000
ROA not before: Tue 24 Dec 2024 07:02:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212177
IP address blocks: 128.0.117.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f7:79:59:1c:24:4d:22:fd:e5:e5:35:04:ef:39:99:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Dec 24 07:02:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efe6a805c7f440381e3c8ab0777d49e1cd4db07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4d:11:48:c0:6e:c7:09:c5:3a:d1:df:84:d0:
d9:e5:86:71:ac:5b:3f:cb:9a:36:06:e9:94:f7:8c:
78:9c:80:a7:eb:16:15:d3:c7:8b:98:5b:19:22:8f:
ee:0e:4b:23:c6:c2:db:41:87:8c:92:cf:3e:1d:7c:
82:9c:39:df:40:9f:9b:13:84:13:8b:5a:09:40:73:
07:28:71:3e:c2:ab:bd:73:f8:fb:85:0e:38:fa:81:
8a:ec:a0:21:2b:9e:83:0f:94:51:fd:59:f9:a2:8f:
0e:3e:3c:18:5f:da:d8:de:8e:7b:ec:d5:4c:da:a1:
8a:b1:8c:d0:ab:8c:fb:aa:28:f5:d5:bd:21:60:da:
e0:4b:9f:ab:44:f7:68:dc:37:a3:6f:c5:dd:ea:91:
ab:a6:63:f8:e2:10:99:30:ff:d1:85:d6:41:87:28:
a3:48:42:8c:d5:bd:d2:c9:54:41:2e:90:cd:1c:e8:
52:e6:7c:f1:5a:5e:dd:9b:a2:9a:4d:7f:58:d3:60:
f6:ba:fa:0a:ab:1f:b5:01:71:fa:59:65:83:6e:2d:
f8:49:da:be:e1:f0:c5:4b:c4:1c:1d:a9:57:3d:80:
23:34:f8:ab:44:bb:6d:55:da:d6:04:5f:cc:15:37:
cc:0b:b2:00:73:f5:04:d3:90:8d:0a:8c:e8:98:f2:
43:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E6:A8:05:C7:F4:40:38:1E:3C:8A:B0:77:7D:49:E1:CD:4D:B0:7C
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7-aoBcf0QDgePIqwd31J4c1NsHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.117.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:74:3c:03:5e:f9:cb:76:7b:91:3e:4d:ad:fa:83:c0:4c:da:
92:9b:73:c6:94:f9:20:93:18:30:d1:ee:f8:85:51:53:ed:3e:
ed:04:95:fe:87:c5:9a:ae:3f:6b:45:19:02:2b:bd:5d:ab:1b:
9b:f7:81:66:b7:b0:aa:e3:96:6b:88:32:cc:36:17:73:16:22:
8b:ae:54:e4:08:08:c0:2c:95:a3:ef:74:00:10:7f:df:87:32:
84:90:67:91:75:39:64:fc:f0:c7:0f:e5:15:8d:03:ee:91:da:
76:52:57:5f:b2:50:b9:ca:dd:4e:d1:22:a0:3d:49:b3:b8:15:
1a:ad:1c:b3:f6:19:e7:57:73:f6:46:01:8f:08:12:df:07:eb:
0c:ae:80:d9:92:32:64:32:a7:58:a2:47:76:bc:b2:8a:aa:5d:
6f:75:c1:0d:38:5b:79:28:57:ce:f8:1b:22:79:8a:9d:af:47:
cc:87:75:6f:c8:e9:24:f2:df:82:22:cc:a0:c1:e2:ee:c7:70:
94:70:ce:51:e0:46:5d:4d:93:79:00:5d:43:56:74:53:d8:c9:
29:09:5d:9c:c3:2a:59:d1:51:f9:3a:03:34:2b:0b:bc:ee:20:
83:37:bb:db:f3:05:03:db:c3:0e:18:07:ff:fd:25:cb:3e:1f:
0c:bc:2c:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP3eVkcJE0i/eXlNQTvOZliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQxMjI0MDcwMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmU2YTgwNWM3ZjQ0MDM4MWUzYzhhYjA3NzdkNDllMWNkNGRiMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU0RSMBuxwnFOtHfhNDZ5YZxrFs/
y5o2BumU94x4nICn6xYV08eLmFsZIo/uDksjxsLbQYeMks8+HXyCnDnfQJ+bE4QT
i1oJQHMHKHE+wqu9c/j7hQ44+oGK7KAhK56DD5RR/Vn5oo8OPjwYX9rY3o577NVM
2qGKsYzQq4z7qij11b0hYNrgS5+rRPdo3Dejb8Xd6pGrpmP44hCZMP/RhdZBhyij
SEKM1b3SyVRBLpDNHOhS5nzxWl7dm6KaTX9Y02D2uvoKqx+1AXH6WWWDbi34Sdq+
4fDFS8QcHalXPYAjNPirRLttVdrWBF/MFTfMC7IAc/UE05CNCozomPJDQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/mqAXH9EA4HjyKsHd9SeHNTbB8MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNy1hb0JjZjBRRGdlUElxd2QzMUo0YzFOc0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgAB1MA0G
CSqGSIb3DQEBCwUAA4IBAQBrdDwDXvnLdnuRPk2t+oPATNqSm3PGlPkgkxgw0e74
hVFT7T7tBJX+h8Warj9rRRkCK71dqxub94Fmt7Cq45ZriDLMNhdzFiKLrlTkCAjA
LJWj73QAEH/fhzKEkGeRdTlk/PDHD+UVjQPukdp2UldfslC5yt1O0SKgPUmzuBUa
rRyz9hnnV3P2RgGPCBLfB+sMroDZkjJkMqdYokd2vLKKql1vdcENOFt5KFfO+Bsi
eYqdr0fMh3VvyOkk8t+CIsygweLux3CUcM5R4EZdTZN5AF1DVnRT2MkpCV2cwypZ
0VH5OgM0Kwu87iCDN7vb8wUD28MOGAf//SXLPh8MvCw5
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:29 2025 by rpki-client