Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/7HURvuFRaYZYnwIH2DSK4T-x3gU.roa
File: 7HURvuFRaYZYnwIH2DSK4T-x3gU.roa (raw, json)
Hash identifier: NsG/h0fr4qR5VPlxmLrwHXWuRJJbqeq450TgHXrIdyk=
Subject key identifier: EC:75:11:BE:E1:51:69:86:58:9F:02:07:D8:34:8A:E1:3F:B1:DE:05
Certificate issuer: /CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Certificate serial: 01941F8CA2598B6AFA0DACE9E72A57C47C01
Authority key identifier: E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/7HURvuFRaYZYnwIH2DSK4T-x3gU.roa
Signing time: Wed 01 Jan 2025 01:48:17 +0000
ROA not before: Wed 01 Jan 2025 01:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202194
IP address blocks: 2a04:c000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a2:59:8b:6a:fa:0d:ac:e9:e7:2a:57:c4:7c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Validity
Not Before: Jan 1 01:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec7511bee1516986589f0207d8348ae13fb1de05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5b:cb:aa:8e:f4:f6:92:15:16:13:b0:10:6a:
77:e8:8f:fa:a9:7e:95:3e:3b:86:a2:7d:c8:2a:34:
92:a4:28:15:58:66:93:e9:f1:05:98:ee:f2:15:af:
7f:e8:55:5b:5c:a2:13:a0:03:12:90:d1:39:19:66:
3c:08:50:7a:4f:df:95:d3:3e:e9:22:00:42:9f:81:
75:52:c4:d5:57:08:0b:5a:cf:2f:c1:4a:02:2d:81:
42:58:34:c7:bf:b1:1a:78:c2:90:24:88:fe:5f:6a:
cf:d8:19:fd:10:ae:1f:47:63:05:84:02:6a:7f:c8:
75:16:5a:fc:a3:82:bd:13:84:06:d4:f6:73:3b:a3:
c1:4b:be:df:e3:af:bf:0c:af:3d:94:06:e5:31:00:
c8:78:fc:16:13:13:35:05:f4:ef:1d:69:fa:fc:00:
f3:44:26:ba:9a:0e:03:5f:ed:b8:09:83:fe:88:27:
b4:25:b5:ac:71:06:d9:dd:71:bf:d8:30:cc:3b:63:
03:ab:c8:90:e5:e0:03:8e:31:34:11:c2:6c:05:74:
8c:a0:be:f8:54:14:2f:46:1b:48:b7:cc:fc:0f:b6:
be:30:3a:50:43:b7:31:f0:c9:68:de:b7:ae:de:9d:
8d:76:1d:4a:95:09:29:77:76:55:d8:54:ec:f4:6e:
2d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:75:11:BE:E1:51:69:86:58:9F:02:07:D8:34:8A:E1:3F:B1:DE:05
X509v3 Authority Key Identifier:
keyid:E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/7HURvuFRaYZYnwIH2DSK4T-x3gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/5HUh57azir-4i_cem8WgKy7M07M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:c000::/29
Signature Algorithm: sha256WithRSAEncryption
0c:85:7d:d4:c6:2a:56:5c:bb:56:9f:93:95:0d:7e:82:cc:16:
6c:9b:fc:5e:e8:c5:60:98:f6:03:3d:77:f1:33:c3:55:7e:f8:
43:e7:8e:c3:81:5d:6d:87:6b:b2:79:e2:63:40:6c:3f:61:55:
e2:8c:62:02:1c:b7:e5:bb:df:6f:88:6c:cf:7f:34:01:d0:a4:
ec:e6:57:7b:c9:6a:c2:b2:8a:25:54:77:11:db:4a:53:70:a5:
7b:8e:86:34:c7:7c:fe:af:1e:88:44:82:7b:8c:d1:0d:75:e5:
bb:f7:bd:36:41:79:86:34:6a:b7:88:70:65:a1:94:22:6a:2d:
c4:ff:38:c4:49:fd:26:83:2d:0e:03:43:fb:60:65:90:1c:df:
27:13:a7:3e:62:2e:36:64:72:29:a3:c0:fb:9c:87:43:22:5b:
9f:ea:8e:e0:c8:7a:fb:33:6c:21:52:8b:0a:45:8c:27:bb:13:
d7:53:15:f6:cb:c9:0a:68:68:07:3c:11:1c:48:f0:64:bb:ce:
3f:65:ec:40:84:67:a6:5b:96:9e:0a:91:dd:b6:78:c2:60:04:
1f:c4:76:0d:3c:cc:bb:66:94:34:51:7e:86:20:f5:06:4b:27:
fd:b5:90:8a:db:b5:84:bc:88:07:29:37:a8:a6:fd:8f:d9:47:
4a:e4:50:de
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfjKJZi2r6Dazp5ypXxHwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzUyMWU3YjZiMzhhYmZiODhiZjcxZTliYzVhMDJiMmVj
Y2QzYjMwHhcNMjUwMTAxMDE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc1MTFiZWUxNTE2OTg2NTg5ZjAyMDdkODM0OGFlMTNmYjFkZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVvLqo709pIVFhOwEGp36I/6qX6V
PjuGon3IKjSSpCgVWGaT6fEFmO7yFa9/6FVbXKIToAMSkNE5GWY8CFB6T9+V0z7p
IgBCn4F1UsTVVwgLWs8vwUoCLYFCWDTHv7EaeMKQJIj+X2rP2Bn9EK4fR2MFhAJq
f8h1Flr8o4K9E4QG1PZzO6PBS77f46+/DK89lAblMQDIePwWExM1BfTvHWn6/ADz
RCa6mg4DX+24CYP+iCe0JbWscQbZ3XG/2DDMO2MDq8iQ5eADjjE0EcJsBXSMoL74
VBQvRhtIt8z8D7a+MDpQQ7cx8Mlo3reu3p2Ndh1KlQkpd3ZV2FTs9G4tmwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOx1Eb7hUWmGWJ8CB9g0iuE/sd4FMB8GA1UdIwQY
MBaAFOR1Iee2s4q/uIv3HpvFoCsuzNOzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhVaDU3YXppci00aV9jZW04V2dLeTdNMDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xOTEzNmUtNDI5Zi00M2FkLTk0ZWYt
ODM2MWE4MzAzNTIyLzEvN0hVUnZ1RlJhWVpZbndJSDJEU0s0VC14M2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xOTEzNmUtNDI5Zi00M2FkLTk0ZWYtODM2MWE4MzAzNTIy
LzEvNUhVaDU3YXppci00aV9jZW04V2dLeTdNMDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgTAADAN
BgkqhkiG9w0BAQsFAAOCAQEADIV91MYqVly7Vp+TlQ1+gswWbJv8XujFYJj2Az13
8TPDVX74Q+eOw4FdbYdrsnniY0BsP2FV4oxiAhy35bvfb4hsz380AdCk7OZXe8lq
wrKKJVR3EdtKU3Cle46GNMd8/q8eiESCe4zRDXXlu/e9NkF5hjRqt4hwZaGUImot
xP84xEn9JoMtDgND+2BlkBzfJxOnPmIuNmRyKaPA+5yHQyJbn+qO4Mh6+zNsIVKL
CkWMJ7sT11MV9svJCmhoBzwRHEjwZLvOP2XsQIRnpluWngqR3bZ4wmAEH8R2DTzM
u2aUNFF+hiD1Bksn/bWQitu1hLyIByk3qKb9j9lHSuRQ3g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:15:33 2025 by rpki-client