Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/e7v6KfsQ42Ju_th6J-KjayhE0pc.roa
File: e7v6KfsQ42Ju_th6J-KjayhE0pc.roa (raw, json)
Hash identifier: 2QzdBlDL7vaApFGThIZoir4ZfxpYLQiDlB23vrYFa1A=
Subject key identifier: 7B:BB:FA:29:FB:10:E3:62:6E:FE:D8:7A:27:E2:A3:6B:28:44:D2:97
Certificate issuer: /CN=ac1a0b9cc5ce8bfd9ee26d09d7e91151a42d370d
Certificate serial: 019424448907970F9C6C75991CE06C2C306F
Authority key identifier: AC:1A:0B:9C:C5:CE:8B:FD:9E:E2:6D:09:D7:E9:11:51:A4:2D:37:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/e7v6KfsQ42Ju_th6J-KjayhE0pc.roa
Signing time: Wed 01 Jan 2025 23:47:38 +0000
ROA not before: Wed 01 Jan 2025 23:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60645
IP address blocks: 185.32.4.0/22 maxlen: 22
2a04:3dc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:89:07:97:0f:9c:6c:75:99:1c:e0:6c:2c:30:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1a0b9cc5ce8bfd9ee26d09d7e91151a42d370d
Validity
Not Before: Jan 1 23:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bbbfa29fb10e3626efed87a27e2a36b2844d297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:06:bc:7d:c3:c2:38:63:6e:0a:74:fc:c9:
24:a4:16:e9:33:e3:d1:10:49:a8:9d:8d:e1:3e:90:
bb:61:a0:7e:0c:27:f3:f3:4f:e6:dd:22:14:1d:b1:
8e:55:a8:e4:cd:74:5e:6c:4f:86:01:53:30:16:50:
1a:38:06:02:aa:6f:cc:d3:18:06:20:1c:70:c1:0f:
23:2c:53:ef:ed:9c:69:5b:fe:f1:da:cc:c5:dd:8e:
a7:9d:d7:2b:30:fc:27:3b:4c:95:72:df:8c:fe:79:
42:2c:46:8a:ec:62:6a:8b:a3:a3:b4:c5:7e:ab:ba:
d4:93:ab:76:40:ce:e1:5f:a8:c4:e3:d2:99:75:76:
b9:2d:3a:bd:1b:9f:71:88:71:a1:0c:33:0e:14:fc:
80:a2:c1:3c:c8:01:21:eb:ea:7a:94:ae:2b:a5:52:
f1:df:5c:5b:c8:9d:64:b3:a6:dd:84:69:6d:93:b7:
55:d7:a7:5d:7f:f0:b6:7f:6b:c7:b6:20:fc:26:38:
3e:9b:8b:f6:f8:5d:9d:dd:0a:60:5a:65:4e:3d:8e:
4a:3f:55:fd:e1:58:8d:d5:cf:df:be:f8:99:fd:bf:
c5:cd:21:92:6b:65:e1:7c:f4:21:0b:6c:7b:24:0c:
c4:dc:c4:bd:67:6d:c2:09:b9:97:75:90:60:8a:7e:
a9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:BB:FA:29:FB:10:E3:62:6E:FE:D8:7A:27:E2:A3:6B:28:44:D2:97
X509v3 Authority Key Identifier:
keyid:AC:1A:0B:9C:C5:CE:8B:FD:9E:E2:6D:09:D7:E9:11:51:A4:2D:37:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/e7v6KfsQ42Ju_th6J-KjayhE0pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.4.0/22
IPv6:
2a04:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
cc:07:11:d0:0b:41:6d:aa:f1:17:7c:3b:03:eb:b5:4b:77:e6:
c2:ae:aa:79:9f:a1:80:a6:94:42:39:63:db:59:e6:3f:f9:d3:
7c:db:9e:4f:b8:a5:89:62:9c:b0:78:4a:c7:f8:e0:81:89:99:
ab:b4:99:2a:d7:19:92:03:da:f9:30:95:8f:7b:30:ad:62:d8:
f0:c8:62:22:d9:1f:83:e9:a0:10:05:0b:ee:b0:41:00:00:77:
bd:c2:9f:1a:e7:e4:63:8d:dc:8e:ba:ba:03:d6:44:a4:c4:d3:
d7:41:13:d5:97:b8:bb:65:f9:d5:1a:77:91:2a:62:a4:54:c6:
8f:14:61:01:69:85:dd:f2:12:5a:33:2e:4d:93:35:30:52:41:
a4:7f:3f:11:8e:1c:4f:91:03:f7:d6:80:02:f4:56:ee:98:ca:
58:46:95:39:d1:93:82:d6:a2:04:e9:dd:bd:1d:1a:94:8e:24:
7e:b3:7d:62:8c:0b:4b:fc:8e:22:81:70:33:6a:6a:64:6e:9b:
e7:1a:94:b0:da:32:8b:72:b7:2a:b8:81:f6:75:b5:3d:49:ba:
1e:68:ef:35:82:b9:27:49:ee:77:d1:db:17:73:50:fe:43:6c:
ff:11:ea:7f:2a:a2:45:19:0a:f1:86:44:c1:66:2a:54:01:64:
f2:21:bd:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRIkHlw+cbHWZHOBsLDBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWEwYjljYzVjZThiZmQ5ZWUyNmQwOWQ3ZTkxMTUxYTQy
ZDM3MGQwHhcNMjUwMTAxMjM0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmJiZmEyOWZiMTBlMzYyNmVmZWQ4N2EyN2UyYTM2YjI4NDRkMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvUGvH3Dwjhjbgp0/MkkpBbpM+PR
EEmonY3hPpC7YaB+DCfz80/m3SIUHbGOVajkzXRebE+GAVMwFlAaOAYCqm/M0xgG
IBxwwQ8jLFPv7ZxpW/7x2szF3Y6nndcrMPwnO0yVct+M/nlCLEaK7GJqi6OjtMV+
q7rUk6t2QM7hX6jE49KZdXa5LTq9G59xiHGhDDMOFPyAosE8yAEh6+p6lK4rpVLx
31xbyJ1ks6bdhGltk7dV16ddf/C2f2vHtiD8Jjg+m4v2+F2d3QpgWmVOPY5KP1X9
4ViN1c/fvviZ/b/FzSGSa2XhfPQhC2x7JAzE3MS9Z23CCbmXdZBgin6pJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHu7+in7EONibv7Yeifio2soRNKXMB8GA1UdIwQY
MBaAFKwaC5zFzov9nuJtCdfpEVGkLTcNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9hMzI4NzItODhhMy00ZTg0LTlmODMt
YWE3MzUzZDRkOThmLzEvZTd2Nktmc1E0Mkp1X3RoNkotS2pheWhFMHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9hMzI4NzItODhhMy00ZTg0LTlmODMtYWE3MzUzZDRkOThm
LzEvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSAEMA0E
AgACMAcDBQMqBD3AMA0GCSqGSIb3DQEBCwUAA4IBAQDMBxHQC0FtqvEXfDsD67VL
d+bCrqp5n6GAppRCOWPbWeY/+dN8255PuKWJYpyweErH+OCBiZmrtJkq1xmSA9r5
MJWPezCtYtjwyGIi2R+D6aAQBQvusEEAAHe9wp8a5+RjjdyOuroD1kSkxNPXQRPV
l7i7ZfnVGneRKmKkVMaPFGEBaYXd8hJaMy5NkzUwUkGkfz8RjhxPkQP31oAC9Fbu
mMpYRpU50ZOC1qIE6d29HRqUjiR+s31ijAtL/I4igXAzampkbpvnGpSw2jKLcrcq
uIH2dbU9SboeaO81grknSe530dsXc1D+Q2z/Eep/KqJFGQrxhkTBZipUAWTyIb2R
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:31:46 2025 by rpki-client