Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/1-NN7sVbgRc7-e06UCxTChEWhBGw.roa
File: 1-NN7sVbgRc7-e06UCxTChEWhBGw.roa (raw, json)
Hash identifier: 1nkStuI6UE5AiUo/eeuy7d+ojDXercvaN8swfpqL2XQ=
Subject key identifier: F8:D3:7B:B1:56:E0:45:CE:FE:7B:4E:94:0B:14:C2:84:45:A1:04:6C
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 0194214445361AEB480BB46442E85EC0A8F1
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/1-NN7sVbgRc7-e06UCxTChEWhBGw.roa
Signing time: Wed 01 Jan 2025 09:48:29 +0000
ROA not before: Wed 01 Jan 2025 09:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216370
IP address blocks: 2a06:9686:a00::/39 maxlen: 39
2a06:9686:c00::/39 maxlen: 39
2a06:9686:e00::/39 maxlen: 39
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:45:36:1a:eb:48:0b:b4:64:42:e8:5e:c0:a8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 1 09:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8d37bb156e045cefe7b4e940b14c28445a1046c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:c3:6e:87:ed:d3:2a:21:dc:fe:46:54:3e:b2:
2e:bc:ce:89:76:77:32:9f:27:83:34:32:6d:e0:86:
9f:aa:a9:7c:3e:fb:68:6d:92:2f:a1:a0:01:3d:68:
b0:41:cd:ec:64:ae:13:47:9a:db:53:bc:d5:f8:54:
72:9e:a5:d2:56:c8:64:e6:79:70:38:16:53:2a:f5:
05:e1:a8:9f:36:2a:0a:3f:49:30:fe:43:15:b7:33:
73:ec:f7:96:ca:cf:04:25:3e:01:1d:68:fd:95:d9:
bc:25:b1:d0:c9:3c:f3:dc:a3:be:71:be:fe:bd:ed:
be:02:39:20:12:d7:79:6f:13:97:e7:8c:b1:76:77:
ef:1c:93:d2:75:d3:f6:07:74:00:99:bf:c2:72:c1:
af:ff:ec:dc:ec:47:e4:f4:34:8e:ef:cd:d9:8f:c0:
56:85:8a:91:41:4a:7f:ac:47:ee:0a:fa:a3:1b:7f:
98:40:18:19:15:9d:c6:3c:de:46:4b:ee:b9:01:6c:
25:a7:f9:0d:05:2f:60:eb:76:c3:97:f0:52:55:a5:
b2:ac:a0:36:16:a6:28:69:8f:fc:ad:e6:4c:6a:18:
c7:57:2e:19:49:cd:53:83:9d:0d:c6:ed:48:6b:1b:
91:0b:fa:3f:46:4b:11:53:d7:19:ad:78:79:e2:85:
df:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D3:7B:B1:56:E0:45:CE:FE:7B:4E:94:0B:14:C2:84:45:A1:04:6C
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/1-NN7sVbgRc7-e06UCxTChEWhBGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9686:a00::-2a06:9686:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:eb:58:a1:b2:35:82:74:6a:95:06:a2:bc:a9:d3:29:72:26:
d2:89:2e:b1:db:a1:7a:08:cc:9c:4a:ec:8e:9b:47:b0:74:a6:
36:b3:f0:29:12:94:44:34:1f:1b:d4:5c:83:fc:f6:d9:08:1a:
23:db:11:78:ca:48:92:5c:5b:90:40:59:59:14:f9:92:16:b5:
37:3a:69:35:42:20:42:fe:6c:c9:69:24:39:ec:88:3a:50:ba:
9a:2b:a2:9b:99:d9:5b:72:88:0c:85:0b:96:b9:15:11:f0:89:
08:61:32:c8:e9:41:3e:4a:e0:62:f1:8a:cd:bb:e2:cb:ba:a7:
2d:ed:83:e7:41:7c:3d:33:87:36:46:41:93:26:9a:78:53:b3:
c3:38:a8:2f:b4:d8:e2:13:2e:44:4f:f1:58:e2:d8:9d:ad:cd:
9f:b2:d6:b4:7b:87:e3:ec:cc:10:77:fb:f2:a3:09:7e:36:e2:
af:a6:92:e8:42:1c:7d:30:a3:6d:1e:d0:c4:98:31:95:b9:45:
78:c8:fe:22:3e:f3:2c:b8:64:a1:0a:80:1e:a2:58:3d:fa:0b:
88:29:c0:47:05:66:18:3c:6e:f9:55:4f:58:0a:fe:c9:20:d6:
0a:32:a4:49:9e:cf:55:6e:e6:e1:37:c3:77:4d:b2:66:a3:c4:
fc:c4:d5:bf
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQhREU2GutIC7RkQuhewKjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjUwMTAxMDk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGQzN2JiMTU2ZTA0NWNlZmU3YjRlOTQwYjE0YzI4NDQ1YTEwNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+sNuh+3TKiHc/kZUPrIuvM6Jdncy
nyeDNDJt4Iafqql8PvtobZIvoaABPWiwQc3sZK4TR5rbU7zV+FRynqXSVshk5nlw
OBZTKvUF4aifNioKP0kw/kMVtzNz7PeWys8EJT4BHWj9ldm8JbHQyTzz3KO+cb7+
ve2+AjkgEtd5bxOX54yxdnfvHJPSddP2B3QAmb/CcsGv/+zc7Efk9DSO783Zj8BW
hYqRQUp/rEfuCvqjG3+YQBgZFZ3GPN5GS+65AWwlp/kNBS9g63bDl/BSVaWyrKA2
FqYoaY/8reZMahjHVy4ZSc1Tg50Nxu1IaxuRC/o/RksRU9cZrXh54oXf3QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPjTe7FW4EXO/ntOlAsUwoRFoQRsMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvMS1OTjdzVmJnUmM3LWUwNlVDeFRDaEVXaEJHdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGYvMTdhNzEyLTRlNWEtNDBjNS1hM2EyLTEyMDI1YzU0ZjQ4
NC8xL2ZEdUlkLUdoTVA1UU9HeGhEVzZ0VmtHNWU2WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEjAQAwYBKgaW
hgoDBgQqBpaGADANBgkqhkiG9w0BAQsFAAOCAQEAFutYobI1gnRqlQaivKnTKXIm
0okusduhegjMnErsjptHsHSmNrPwKRKURDQfG9Rcg/z22QgaI9sReMpIklxbkEBZ
WRT5kha1NzppNUIgQv5syWkkOeyIOlC6miuim5nZW3KIDIULlrkVEfCJCGEyyOlB
PkrgYvGKzbviy7qnLe2D50F8PTOHNkZBkyaaeFOzwzioL7TY4hMuRE/xWOLYna3N
n7LWtHuH4+zMEHf78qMJfjbir6aS6EIcfTCjbR7QxJgxlblFeMj+Ij7zLLhkoQqA
HqJYPfoLiCnARwVmGDxu+VVPWAr+ySDWCjKkSZ7PVW7m4TfDd02yZqPE/MTVvw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net