Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/7fvFmCf70OoyCtjW6q-YAjjiptE.roa
File: 7fvFmCf70OoyCtjW6q-YAjjiptE.roa (raw, json)
Hash identifier: lD6p2V3Fh7qOAiBluHoM70XX68qSFbEeobI0lYUOj4E=
Subject key identifier: ED:FB:C5:98:27:FB:D0:EA:32:0A:D8:D6:EA:AF:98:02:38:E2:A6:D1
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 019424B3CE11A61F0BE5C35ECB4D21EBB5A2
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/7fvFmCf70OoyCtjW6q-YAjjiptE.roa
Signing time: Thu 02 Jan 2025 01:49:10 +0000
ROA not before: Thu 02 Jan 2025 01:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34685
IP address blocks: 2a01:7f0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ce:11:a6:1f:0b:e5:c3:5e:cb:4d:21:eb:b5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 2 01:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edfbc59827fbd0ea320ad8d6eaaf980238e2a6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a0:e4:ba:f7:82:60:69:72:12:02:40:8a:34:
76:a3:03:36:45:dd:3a:0a:1e:e9:f0:ad:ab:81:97:
3d:46:8d:31:09:ae:c9:2d:8c:f0:83:31:03:bc:cf:
a1:0d:79:78:8a:3a:d1:85:81:7f:2e:8a:a1:56:0d:
d4:70:3e:6e:ad:a6:4a:5d:6e:7f:6b:dc:47:21:5d:
04:e1:e4:e0:b4:4a:ab:f8:fe:70:e0:8a:9d:2a:28:
12:00:92:0a:47:c8:03:ae:65:8a:49:81:23:9a:5e:
b2:16:08:e0:99:11:83:7a:a9:ef:ef:e5:e4:ff:3d:
60:9a:1e:9a:48:3e:60:55:ed:28:81:ee:54:ca:3b:
0e:28:7a:41:05:76:e1:3e:00:7f:17:cf:5f:5c:64:
84:0f:84:54:f3:19:cc:30:c0:4e:5c:f2:29:58:b5:
cc:de:9a:dc:bf:2f:8f:61:e5:8d:cd:fa:29:a0:73:
29:4a:2c:0e:27:06:d3:9c:38:7a:4f:7e:00:dd:de:
e5:8b:13:d2:3c:06:a9:03:07:33:33:6a:3b:48:1d:
2d:d8:7a:1e:d3:59:a7:24:c4:59:f5:4c:f1:72:6f:
a8:5c:b1:e4:41:cf:28:d9:46:46:ee:58:05:1a:8d:
48:14:61:49:66:48:7e:97:de:04:3b:21:b5:19:5b:
3e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FB:C5:98:27:FB:D0:EA:32:0A:D8:D6:EA:AF:98:02:38:E2:A6:D1
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/7fvFmCf70OoyCtjW6q-YAjjiptE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:7f0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:3d:6c:10:37:4a:06:1c:79:40:9a:de:e7:a7:34:38:b5:12:
41:a0:1c:02:b7:f2:67:20:4b:dd:f7:f8:7d:17:c2:37:2f:79:
ed:ba:fb:88:f1:60:6b:3f:f1:8b:c8:66:a9:d9:a5:06:e0:1d:
31:00:1c:b1:00:69:4c:8c:19:b8:aa:09:88:09:ce:b2:89:de:
f3:63:e8:68:e1:a1:ec:5a:91:12:08:3d:d8:6f:42:05:8f:b4:
b2:42:ee:6f:be:01:27:7c:ec:d8:f6:19:42:fb:09:7d:8c:61:
42:5d:73:27:3e:4e:6b:25:12:a7:ec:57:23:b1:60:ed:a0:6b:
22:b8:1f:12:c6:0a:b6:3e:7d:1a:95:af:a0:18:01:7e:d1:64:
4d:94:e8:27:62:27:95:10:9e:c3:8c:79:09:d3:15:9d:3a:3c:
7c:b8:6e:6d:bf:e4:6d:85:8b:dd:1d:df:07:19:c4:01:f5:2c:
63:9d:1c:8c:d0:3e:83:da:02:aa:c7:e4:46:9a:56:55:56:8f:
50:91:cc:c5:14:b4:4f:30:25:88:0e:c8:6f:87:2f:e2:29:15:
82:3e:0c:1c:4f:9a:73:96:fe:55:79:d0:26:64:63:d8:72:e6:
77:c1:76:63:26:9e:6d:e3:3b:cd:32:7c:40:99:99:23:55:31:
63:78:d9:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks84Rph8L5cNey00h67WiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjUwMTAyMDE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGZiYzU5ODI3ZmJkMGVhMzIwYWQ4ZDZlYWFmOTgwMjM4ZTJhNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKDkuveCYGlyEgJAijR2owM2Rd06
Ch7p8K2rgZc9Ro0xCa7JLYzwgzEDvM+hDXl4ijrRhYF/LoqhVg3UcD5uraZKXW5/
a9xHIV0E4eTgtEqr+P5w4IqdKigSAJIKR8gDrmWKSYEjml6yFgjgmRGDeqnv7+Xk
/z1gmh6aSD5gVe0oge5UyjsOKHpBBXbhPgB/F89fXGSED4RU8xnMMMBOXPIpWLXM
3prcvy+PYeWNzfopoHMpSiwOJwbTnDh6T34A3d7lixPSPAapAwczM2o7SB0t2Hoe
01mnJMRZ9Uzxcm+oXLHkQc8o2UZG7lgFGo1IFGFJZkh+l94EOyG1GVs+bwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO37xZgn+9DqMgrY1uqvmAI44qbRMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvN2Z2Rm1DZjcwT295Q3RqVzZxLVlBamppcHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEH8DAN
BgkqhkiG9w0BAQsFAAOCAQEAbj1sEDdKBhx5QJre56c0OLUSQaAcArfyZyBL3ff4
fRfCNy957br7iPFgaz/xi8hmqdmlBuAdMQAcsQBpTIwZuKoJiAnOsone82PoaOGh
7FqREgg92G9CBY+0skLub74BJ3zs2PYZQvsJfYxhQl1zJz5OayUSp+xXI7Fg7aBr
IrgfEsYKtj59GpWvoBgBftFkTZToJ2InlRCew4x5CdMVnTo8fLhubb/kbYWL3R3f
BxnEAfUsY50cjNA+g9oCqsfkRppWVVaPUJHMxRS0TzAliA7Ib4cv4ikVgj4MHE+a
c5b+VXnQJmRj2HLmd8F2YyaebeM7zTJ8QJmZI1UxY3jZ7g==
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:14 2025 by rpki-client