Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7g4KdSk0oMEt3rH3ZJ8R3dxMTi0.roa
File: 7g4KdSk0oMEt3rH3ZJ8R3dxMTi0.roa (raw, json)
Hash identifier: lxHXvphbzHFD8HzCFhMpWZbKa/TJm7QEqeDzMizn4WU=
Subject key identifier: EE:0E:0A:75:29:34:A0:C1:2D:DE:B1:F7:64:9F:11:DD:DC:4C:4E:2D
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 019424452A06E22CDF6F6327FA7CDB988CB9
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7g4KdSk0oMEt3rH3ZJ8R3dxMTi0.roa
Signing time: Wed 01 Jan 2025 23:48:20 +0000
ROA not before: Wed 01 Jan 2025 23:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 2a11:b787::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:2a:06:e2:2c:df:6f:63:27:fa:7c:db:98:8c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jan 1 23:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee0e0a752934a0c12ddeb1f7649f11dddc4c4e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8e:0a:d9:bb:70:2a:a6:f8:24:ed:94:d4:b1:
69:ac:b3:ce:56:1c:37:1b:3e:6f:ca:b8:35:21:53:
43:b5:2f:8f:8b:16:9a:d0:93:34:3a:0c:69:90:e2:
bb:04:45:4f:83:73:61:97:5d:b1:d4:c5:df:3c:b0:
7b:67:f8:10:a2:23:d6:44:1f:ae:94:c4:98:1d:93:
4c:cc:da:f0:eb:52:db:ae:54:03:eb:2d:03:b5:b6:
e0:dc:21:7d:be:0f:23:2d:f8:9a:5c:9e:0f:e3:72:
c5:c5:76:23:c3:56:da:5e:fe:b4:05:2a:3f:e8:a3:
ea:9f:e4:1f:20:ac:0b:cb:d7:89:38:ef:09:8a:03:
67:49:1f:94:0f:4a:2a:77:3f:73:03:46:c6:b8:6e:
19:26:54:c6:08:4e:dd:fe:48:00:db:cd:af:44:79:
6d:73:9c:45:d8:45:87:d6:23:69:b2:39:b0:c9:41:
8b:93:73:5f:ec:ab:6a:74:95:07:16:14:65:04:1a:
97:8d:a9:34:c8:e4:10:fb:2c:6a:c3:3b:e6:8e:cb:
ed:bd:a9:15:e2:86:31:21:35:1d:f0:c5:1a:0d:89:
be:60:c5:5b:6b:eb:2e:75:24:f7:7e:00:99:26:7d:
2e:42:59:60:02:90:02:25:c7:6d:cd:d6:6a:14:26:
c5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:0E:0A:75:29:34:A0:C1:2D:DE:B1:F7:64:9F:11:DD:DC:4C:4E:2D
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/7g4KdSk0oMEt3rH3ZJ8R3dxMTi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b787::/32
Signature Algorithm: sha256WithRSAEncryption
34:ae:b6:ba:8c:54:f7:87:74:88:47:80:61:47:92:98:3a:a8:
51:79:af:e4:a1:29:45:84:a4:4d:c8:1a:80:87:33:7c:80:d1:
ed:8a:a2:c6:00:84:3a:6a:8b:15:78:69:af:1c:15:0c:c1:ef:
71:9a:e4:13:46:15:87:76:98:ab:d0:67:6a:8d:3a:bc:87:78:
69:11:bb:10:bb:a4:a0:bd:65:a9:74:61:dd:62:09:4f:56:4e:
a9:f4:c5:78:9a:28:7c:eb:d0:70:3b:d5:57:8a:89:a5:d2:e5:
cd:2f:a7:e7:06:17:88:64:14:05:e7:50:4e:16:86:be:da:bb:
76:fc:00:65:00:c4:31:53:66:ec:f5:25:65:55:f9:60:a2:18:
c4:c3:9e:c6:55:75:fe:62:1a:55:0c:25:27:71:6c:95:a0:ee:
57:d6:da:93:83:f2:01:e3:70:be:84:ee:b8:a0:81:84:00:08:
d5:d7:24:1a:f4:28:da:63:b0:f0:e4:92:1c:ae:56:f9:59:2b:
0a:fe:d3:2d:2d:0d:de:ff:54:3e:61:08:07:c2:0e:01:7d:39:
6d:0d:0b:cc:38:85:8b:8c:ed:94:5c:59:d2:43:5f:3b:0a:9a:
cd:24:9d:08:56:93:37:ac:1c:65:ea:98:87:da:d2:31:b3:cf:
36:e5:69:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRSoG4izfb2Mn+nzbmIy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMTAxMjM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTBlMGE3NTI5MzRhMGMxMmRkZWIxZjc2NDlmMTFkZGRjNGM0ZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y4K2btwKqb4JO2U1LFprLPOVhw3
Gz5vyrg1IVNDtS+Pixaa0JM0OgxpkOK7BEVPg3Nhl12x1MXfPLB7Z/gQoiPWRB+u
lMSYHZNMzNrw61LbrlQD6y0Dtbbg3CF9vg8jLfiaXJ4P43LFxXYjw1baXv60BSo/
6KPqn+QfIKwLy9eJOO8JigNnSR+UD0oqdz9zA0bGuG4ZJlTGCE7d/kgA282vRHlt
c5xF2EWH1iNpsjmwyUGLk3Nf7KtqdJUHFhRlBBqXjak0yOQQ+yxqwzvmjsvtvakV
4oYxITUd8MUaDYm+YMVba+sudST3fgCZJn0uQllgApACJcdtzdZqFCbFfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO4OCnUpNKDBLd6x92SfEd3cTE4tMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvN2c0S2RTazBvTUV0M3JIM1pKOFIzZHhNVGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhG3hzAN
BgkqhkiG9w0BAQsFAAOCAQEANK62uoxU94d0iEeAYUeSmDqoUXmv5KEpRYSkTcga
gIczfIDR7YqixgCEOmqLFXhprxwVDMHvcZrkE0YVh3aYq9Bnao06vId4aRG7ELuk
oL1lqXRh3WIJT1ZOqfTFeJoofOvQcDvVV4qJpdLlzS+n5wYXiGQUBedQThaGvtq7
dvwAZQDEMVNm7PUlZVX5YKIYxMOexlV1/mIaVQwlJ3FslaDuV9bak4PyAeNwvoTu
uKCBhAAI1dckGvQo2mOw8OSSHK5W+VkrCv7TLS0N3v9UPmEIB8IOAX05bQ0LzDiF
i4ztlFxZ0kNfOwqazSSdCFaTN6wcZeqYh9rSMbPPNuVpLA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:28:00 2025 by rpki-client