Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/7zkL6is6uiT0K6jbnHgG4_foxLs.roa
File: 7zkL6is6uiT0K6jbnHgG4_foxLs.roa (raw, json)
Hash identifier: 7s5RovPfiSb41Rd6Pj/MwhULMmTO5+df4JKH36bwQEY=
Subject key identifier: EF:39:0B:EA:2B:3A:BA:24:F4:2B:A8:DB:9C:78:06:E3:F7:E8:C4:BB
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 0194228D7DDB042BAE058169D2CED89A264B
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/7zkL6is6uiT0K6jbnHgG4_foxLs.roa
Signing time: Wed 01 Jan 2025 15:48:05 +0000
ROA not before: Wed 01 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5486
IP address blocks: 81.5.0.0/21 maxlen: 21
81.5.16.0/21 maxlen: 21
2001:40a8:2000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7d:db:04:2b:ae:05:81:69:d2:ce:d8:9a:26:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jan 1 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef390bea2b3aba24f42ba8db9c7806e3f7e8c4bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2c:fd:d3:92:a0:55:6f:84:ec:f7:a7:3e:a8:
d1:ff:28:0f:97:78:5b:91:62:c1:62:14:86:e1:71:
46:84:8c:d1:e2:9b:f4:82:4c:ae:ca:56:71:58:eb:
43:85:6b:a9:56:9e:01:62:37:56:ea:57:36:b4:66:
dd:5a:3b:71:9d:0e:6a:40:30:91:fd:32:c9:1e:e7:
29:1b:26:bc:4f:39:41:75:d2:82:59:4b:8f:40:46:
65:a8:a6:b7:27:48:e8:fa:97:14:1b:f1:60:70:cc:
71:99:29:c6:6e:28:ea:ac:ea:dd:db:54:9f:78:05:
ec:72:fd:1e:77:59:52:a0:a4:3f:11:73:83:99:bc:
dd:2a:6e:9a:e2:cb:5d:14:37:fc:2d:4e:41:2c:b2:
c8:9b:1b:ef:d0:26:11:cb:42:38:d9:bb:f7:38:46:
a6:f6:76:f0:a3:73:9b:e6:48:97:0f:5e:11:de:52:
b0:45:a8:16:39:41:e7:fa:09:f9:5d:99:f9:66:98:
35:f8:f0:f8:a7:94:c0:9c:8e:6c:de:17:a2:91:4d:
3f:d6:50:21:25:38:85:56:48:f8:6f:50:3d:fc:94:
f0:9d:db:19:b6:7f:cf:2f:50:ba:18:3c:04:ef:86:
d4:c8:50:9d:dd:27:10:27:67:92:d4:26:cd:bf:8e:
be:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:39:0B:EA:2B:3A:BA:24:F4:2B:A8:DB:9C:78:06:E3:F7:E8:C4:BB
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/7zkL6is6uiT0K6jbnHgG4_foxLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.0.0/21
81.5.16.0/21
IPv6:
2001:40a8:2000::/40
Signature Algorithm: sha256WithRSAEncryption
60:ba:0f:44:6d:2e:0e:d7:61:83:09:37:be:ae:bd:03:a4:3c:
fc:9f:a0:4c:eb:44:86:29:de:86:79:e6:8e:e2:98:bd:30:d9:
60:6d:48:24:f3:92:86:9b:a8:99:a7:83:b3:70:92:78:00:33:
a6:71:b2:af:fa:79:b1:bc:41:f1:a3:4e:90:f0:7b:c2:1b:83:
13:f9:31:13:0f:68:d5:b2:f3:b9:fa:e4:37:00:89:91:e4:30:
eb:6c:fe:2f:6e:fd:fb:a4:a1:c5:13:66:4e:4e:ff:67:ef:78:
cb:5c:81:ef:47:28:dc:69:d7:6d:ed:3f:c6:8d:86:81:46:ad:
04:e3:b2:a8:90:07:bb:0d:c0:f1:33:4f:e0:29:25:2f:4d:69:
db:cc:6d:26:8e:03:20:96:27:46:a1:58:09:8a:04:6d:38:d7:
ae:a2:f8:84:3d:b0:95:d0:29:02:74:a1:2a:2d:fe:9e:8e:5c:
7c:f1:33:42:a9:31:c0:8d:66:db:62:e9:1a:c5:4a:9c:39:25:
f7:fd:31:a1:fc:db:89:1d:66:24:b0:91:4f:1d:8f:6a:6f:1d:
38:9a:27:6d:ff:61:de:f8:d1:17:27:70:07:74:bc:1c:47:f9:
fd:cb:de:76:e7:0d:d1:f3:48:31:ba:cb:8f:ac:b1:f3:a7:6d:
bd:11:72:bc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQijX3bBCuuBYFp0s7YmiZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjUwMTAxMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjM5MGJlYTJiM2FiYTI0ZjQyYmE4ZGI5Yzc4MDZlM2Y3ZThjNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCz905KgVW+E7PenPqjR/ygPl3hb
kWLBYhSG4XFGhIzR4pv0gkyuylZxWOtDhWupVp4BYjdW6lc2tGbdWjtxnQ5qQDCR
/TLJHucpGya8TzlBddKCWUuPQEZlqKa3J0jo+pcUG/FgcMxxmSnGbijqrOrd21Sf
eAXscv0ed1lSoKQ/EXODmbzdKm6a4stdFDf8LU5BLLLImxvv0CYRy0I42bv3OEam
9nbwo3Ob5kiXD14R3lKwRagWOUHn+gn5XZn5Zpg1+PD4p5TAnI5s3heikU0/1lAh
JTiFVkj4b1A9/JTwndsZtn/PL1C6GDwE74bUyFCd3ScQJ2eS1CbNv46+3wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO85C+orOrok9Cuo25x4BuP36MS7MB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xLzd6a0w2aXM2dWlUMEs2amJuSGdHNF9mb3hMcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNQYIKwYBBQUHAQcBAf8EJjAkMBIEAgABMAwDBANRBQAD
BANRBRAwDgQCAAIwCAMGACABQKggMA0GCSqGSIb3DQEBCwUAA4IBAQBgug9EbS4O
12GDCTe+rr0DpDz8n6BM60SGKd6GeeaO4pi9MNlgbUgk85KGm6iZp4OzcJJ4ADOm
cbKv+nmxvEHxo06Q8HvCG4MT+TETD2jVsvO5+uQ3AImR5DDrbP4vbv37pKHFE2ZO
Tv9n73jLXIHvRyjcaddt7T/GjYaBRq0E47KokAe7DcDxM0/gKSUvTWnbzG0mjgMg
lidGoVgJigRtONeuoviEPbCV0CkCdKEqLf6ejlx88TNCqTHAjWbbYukaxUqcOSX3
/TGh/NuJHWYksJFPHY9qbx04midt/2He+NEXJ3AHdLwcR/n9y9525w3R80gxusuP
rLHzp229EXK8
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:02:14 2025 by rpki-client