Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/f87u7kBdxRsndUbHafpkZkro0IU.roa
File: f87u7kBdxRsndUbHafpkZkro0IU.roa (raw, json)
Hash identifier: zdIYsmtX/Gy6oFoVgbZrLwhX3d3gff2hTbpByuS7zVc=
Subject key identifier: 7F:CE:EE:EE:40:5D:C5:1B:27:75:46:C7:69:FA:64:66:4A:E8:D0:85
Certificate issuer: /CN=87eb97f98c882ef426b36663411d4081430ac421
Certificate serial: 0194D56F44743A8283DB972530615E2D1B13
Authority key identifier: 87:EB:97:F9:8C:88:2E:F4:26:B3:66:63:41:1D:40:81:43:0A:C4:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-uX-YyILvQms2ZjQR1AgUMKxCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/f87u7kBdxRsndUbHafpkZkro0IU.roa
Signing time: Wed 05 Feb 2025 09:27:06 +0000
ROA not before: Wed 05 Feb 2025 09:27:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207771
IP address blocks: 2001:67c:970::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:6f:44:74:3a:82:83:db:97:25:30:61:5e:2d:1b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87eb97f98c882ef426b36663411d4081430ac421
Validity
Not Before: Feb 5 09:27:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fceeeee405dc51b277546c769fa64664ae8d085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f4:b4:65:b4:68:30:e3:6c:a8:94:82:58:a5:
f7:f0:fb:00:6d:d8:24:29:e4:ef:57:e1:28:82:d5:
40:b1:56:87:d2:dc:5a:80:fe:d1:be:05:71:d1:bc:
fb:04:6d:44:a7:46:93:be:e4:6d:0d:b6:ac:ae:3a:
21:57:6e:81:39:42:9b:51:ff:00:09:f9:a6:91:36:
3a:d7:97:a2:96:eb:50:73:e3:6e:1d:7a:0b:50:4f:
27:ff:af:af:0d:b5:c9:20:78:3c:cc:03:d5:ca:da:
94:4a:3d:69:ab:ab:51:d1:e7:52:25:31:69:af:97:
94:6d:a1:55:14:46:64:d5:a3:ce:cc:dd:ac:66:01:
45:9f:39:f3:80:dd:43:ac:4e:a6:3a:c4:7a:90:33:
9d:27:10:e0:47:26:56:83:42:a5:f7:07:63:99:98:
c6:fd:ba:ea:d2:02:93:d6:ce:6f:8e:34:a9:2e:c2:
37:71:75:f1:85:8a:4c:60:45:4b:43:4a:6e:6e:a1:
a4:9d:ac:eb:8a:d3:8a:df:58:11:44:e4:62:45:6d:
8f:97:9c:7d:c7:bb:e1:5b:ff:7b:31:38:64:26:88:
e5:ab:15:e4:15:9a:9b:99:59:82:19:71:d9:d4:aa:
40:9b:59:c0:e8:d1:71:6b:bd:f5:d5:e6:51:c4:a2:
db:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:CE:EE:EE:40:5D:C5:1B:27:75:46:C7:69:FA:64:66:4A:E8:D0:85
X509v3 Authority Key Identifier:
keyid:87:EB:97:F9:8C:88:2E:F4:26:B3:66:63:41:1D:40:81:43:0A:C4:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-uX-YyILvQms2ZjQR1AgUMKxCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/f87u7kBdxRsndUbHafpkZkro0IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/dea8f4-d688-4524-af29-3f6d7d7ea1b0/1/h-uX-YyILvQms2ZjQR1AgUMKxCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:970::/48
Signature Algorithm: sha256WithRSAEncryption
26:75:5f:54:9f:3e:4c:b3:a5:17:fa:98:25:d3:03:11:a1:fd:
e2:40:76:9e:e6:01:ea:3c:db:49:ee:25:1d:c3:97:05:56:dc:
3b:7e:4e:7c:b6:4a:aa:e0:49:b5:1a:da:ae:8f:98:b4:e7:b3:
14:76:21:e4:f4:dd:ff:7c:5f:57:df:a6:98:a6:ff:70:15:e2:
e4:f8:7d:a7:c1:54:7c:e3:e6:5d:3d:5c:9a:2d:88:54:af:af:
df:5c:c0:04:5a:f0:89:ae:8f:31:fc:1b:fe:2c:c2:07:1b:df:
1f:db:68:f8:04:ab:92:1d:57:75:f1:fc:89:98:30:2a:f2:3d:
28:25:3c:da:6b:e1:54:77:2d:c0:ca:30:25:84:e8:4e:64:49:
81:77:15:d9:00:34:e8:cc:52:ec:d7:6e:5c:be:5e:cc:dd:3f:
9b:26:fe:8b:ce:81:d6:cb:24:be:96:d5:d4:0d:c5:a5:ea:e8:
e5:8a:6b:e5:a1:ec:70:8f:9b:47:60:54:5d:05:5a:25:53:c3:
a7:67:30:2d:29:a8:2f:49:7f:58:5c:94:0c:14:ac:0b:9c:88:
e1:84:b4:7a:fd:51:96:47:7a:5e:a0:3e:6c:1b:52:7f:68:07:
33:2e:37:4e:ff:07:83:11:a5:67:9b:cf:36:bf:84:68:00:10:
98:aa:0a:83
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZTVb0R0OoKD25clMGFeLRsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWI5N2Y5OGM4ODJlZjQyNmIzNjY2MzQxMWQ0MDgxNDMw
YWM0MjEwHhcNMjUwMjA1MDkyNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmNlZWVlZTQwNWRjNTFiMjc3NTQ2Yzc2OWZhNjQ2NjRhZThkMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PS0ZbRoMONsqJSCWKX38PsAbdgk
KeTvV+EogtVAsVaH0txagP7RvgVx0bz7BG1Ep0aTvuRtDbasrjohV26BOUKbUf8A
CfmmkTY615eilutQc+NuHXoLUE8n/6+vDbXJIHg8zAPVytqUSj1pq6tR0edSJTFp
r5eUbaFVFEZk1aPOzN2sZgFFnznzgN1DrE6mOsR6kDOdJxDgRyZWg0Kl9wdjmZjG
/brq0gKT1s5vjjSpLsI3cXXxhYpMYEVLQ0pubqGknazritOK31gRRORiRW2Pl5x9
x7vhW/97MThkJojlqxXkFZqbmVmCGXHZ1KpAm1nA6NFxa7311eZRxKLbcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH/O7u5AXcUbJ3VGx2n6ZGZK6NCFMB8GA1UdIwQY
MBaAFIfrl/mMiC70JrNmY0EdQIFDCsQhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC11WC1ZeUlMdlFtczJaalFSMUFnVU1LeENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kZWE4ZjQtZDY4OC00NTI0LWFmMjkt
M2Y2ZDdkN2VhMWIwLzEvZjg3dTdrQmR4UnNuZFViSGFmcGtaa3JvMElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kZWE4ZjQtZDY4OC00NTI0LWFmMjktM2Y2ZDdkN2VhMWIw
LzEvaC11WC1ZeUlMdlFtczJaalFSMUFnVU1LeENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAlw
MA0GCSqGSIb3DQEBCwUAA4IBAQAmdV9Unz5Ms6UX+pgl0wMRof3iQHae5gHqPNtJ
7iUdw5cFVtw7fk58tkqq4Em1Gtquj5i057MUdiHk9N3/fF9X36aYpv9wFeLk+H2n
wVR84+ZdPVyaLYhUr6/fXMAEWvCJro8x/Bv+LMIHG98f22j4BKuSHVd18fyJmDAq
8j0oJTzaa+FUdy3AyjAlhOhOZEmBdxXZADTozFLs125cvl7M3T+bJv6LzoHWyyS+
ltXUDcWl6ujlimvloexwj5tHYFRdBVolU8OnZzAtKagvSX9YXJQMFKwLnIjhhLR6
/VGWR3peoD5sG1J/aAczLjdO/weDEaVnm882v4RoABCYqgqD
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:30 2025 by rpki-client on console.sobornost.net