Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/7sdmE5F3pe9bAPKXf0f9cnjhnG0.roa
File: 7sdmE5F3pe9bAPKXf0f9cnjhnG0.roa (raw, json)
Hash identifier: fYhVRjTbda7iEUSislvjMDJFaxgfGZj3hsK3i//5Xak=
Subject key identifier: EE:C7:66:13:91:77:A5:EF:5B:00:F2:97:7F:47:FD:72:78:E1:9C:6D
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 0194258E5EFAB75F8032B28CB3F08FAF711C
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/7sdmE5F3pe9bAPKXf0f9cnjhnG0.roa
Signing time: Thu 02 Jan 2025 05:47:54 +0000
ROA not before: Thu 02 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44922
IP address blocks: 2a03:400::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:5e:fa:b7:5f:80:32:b2:8c:b3:f0:8f:af:71:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Jan 2 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eec766139177a5ef5b00f2977f47fd7278e19c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:14:16:30:49:e3:1a:e9:bb:5e:a2:87:cc:5f:
00:a4:70:5d:2f:2f:22:22:3d:c1:01:dd:0e:f5:0b:
c1:a2:0b:a9:02:e9:b2:f3:65:85:79:3e:e4:e1:5c:
08:6d:5f:1c:5e:ca:4d:42:01:3a:38:d6:a2:64:92:
c1:2b:04:00:36:09:60:92:b4:d0:31:f5:24:17:0b:
9c:f2:81:2e:2b:dd:5c:ef:b7:b4:31:68:2a:1d:98:
12:f3:ef:19:01:a1:6b:d6:0d:e4:1c:7a:ae:15:49:
48:b9:72:32:7a:bd:77:11:c6:a5:79:83:2b:66:39:
be:10:fc:69:f9:02:13:ce:ea:de:41:37:88:91:f3:
d6:0e:9e:5b:1c:13:2e:09:4b:5c:26:4c:75:e8:a5:
2b:f2:32:e8:35:51:18:e6:ca:0b:ee:82:20:01:a6:
7b:18:ea:b1:a1:da:e6:5f:55:4a:c5:84:e5:96:91:
ce:eb:7e:00:93:fc:98:39:75:fd:0d:e8:bb:2c:8e:
4c:dd:89:c6:95:3f:36:e2:e6:f3:e2:37:ed:d5:65:
d0:23:1c:07:38:f5:13:89:5f:1b:c3:24:ae:3b:a6:
dc:a5:c9:21:9c:b1:db:ac:de:74:2e:1f:06:45:c4:
66:22:35:2a:d2:50:b7:81:b8:08:35:74:25:9a:62:
65:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C7:66:13:91:77:A5:EF:5B:00:F2:97:7F:47:FD:72:78:E1:9C:6D
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/7sdmE5F3pe9bAPKXf0f9cnjhnG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:400::/32
Signature Algorithm: sha256WithRSAEncryption
98:42:3a:99:6c:f1:80:28:cf:6d:a9:9d:20:a4:ce:a3:7b:9b:
67:b1:6c:5a:8b:2e:a1:4b:06:80:de:10:bc:6c:6d:1f:9e:74:
ab:d3:09:ae:fa:c1:3a:89:78:ec:d5:4f:62:54:3c:f9:06:b1:
72:5b:d9:5a:ea:9c:0a:99:4d:af:2e:e0:ba:e5:6d:c3:01:eb:
fb:49:08:0a:61:5e:b3:48:9c:80:71:68:d1:32:54:6e:12:d3:
4f:22:cc:aa:f6:f1:dd:b4:7f:ef:06:cb:40:44:5d:46:1d:df:
74:d9:8f:22:e3:44:e2:75:8a:9a:13:c2:4a:76:99:e4:ba:91:
01:c3:4c:77:ae:87:9c:0b:57:2d:47:8c:de:aa:a1:4f:34:ea:
03:c6:19:93:ff:59:23:1f:5f:58:58:23:59:d5:09:1a:79:f7:
85:89:8c:fd:9a:51:46:4b:10:5f:87:c1:bf:c9:58:27:fc:3e:
25:4d:37:11:5d:f1:04:55:79:2d:92:fa:62:d0:59:27:95:d0:
25:0c:0f:0d:8a:31:b1:00:70:02:ef:c9:6c:73:00:49:73:e6:
7c:f1:d9:09:b7:59:2b:35:65:fd:ee:ce:e5:d9:3f:33:f8:a8:
67:48:19:3e:e8:e5:ec:cc:3e:7d:30:04:c5:c1:94:af:b8:e0:
b5:18:e0:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQljl76t1+AMrKMs/CPr3EcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjUwMTAyMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWM3NjYxMzkxNzdhNWVmNWIwMGYyOTc3ZjQ3ZmQ3Mjc4ZTE5YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxQWMEnjGum7XqKHzF8ApHBdLy8i
Ij3BAd0O9QvBogupAumy82WFeT7k4VwIbV8cXspNQgE6ONaiZJLBKwQANglgkrTQ
MfUkFwuc8oEuK91c77e0MWgqHZgS8+8ZAaFr1g3kHHquFUlIuXIyer13EcaleYMr
Zjm+EPxp+QITzureQTeIkfPWDp5bHBMuCUtcJkx16KUr8jLoNVEY5soL7oIgAaZ7
GOqxodrmX1VKxYTllpHO634Ak/yYOXX9Dei7LI5M3YnGlT824ubz4jft1WXQIxwH
OPUTiV8bwySuO6bcpckhnLHbrN50Lh8GRcRmIjUq0lC3gbgINXQlmmJl6wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO7HZhORd6XvWwDyl39H/XJ44ZxtMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvN3NkbUU1RjNwZTliQVBLWGYwZjljbmpobkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgMEADAN
BgkqhkiG9w0BAQsFAAOCAQEAmEI6mWzxgCjPbamdIKTOo3ubZ7FsWosuoUsGgN4Q
vGxtH550q9MJrvrBOol47NVPYlQ8+QaxclvZWuqcCplNry7guuVtwwHr+0kICmFe
s0icgHFo0TJUbhLTTyLMqvbx3bR/7wbLQERdRh3fdNmPIuNE4nWKmhPCSnaZ5LqR
AcNMd66HnAtXLUeM3qqhTzTqA8YZk/9ZIx9fWFgjWdUJGnn3hYmM/ZpRRksQX4fB
v8lYJ/w+JU03EV3xBFV5LZL6YtBZJ5XQJQwPDYoxsQBwAu/JbHMASXPmfPHZCbdZ
KzVl/e7O5dk/M/ioZ0gZPujl7Mw+fTAExcGUr7jgtRjgOg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:52:09 2025 by rpki-client