Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/c991ef-84b4-496f-a856-5ce4d8dbd159/1/7p3bshSBfl7JZFvo3V1B0hB4k14.roa
File: 7p3bshSBfl7JZFvo3V1B0hB4k14.roa (raw, json)
Hash identifier: cbZ+dbslEUIQt31Sa26Aju1jHZ6F6X9W/yVOC5Hx/IY=
Subject key identifier: EE:9D:DB:B2:14:81:7E:5E:C9:64:5B:E8:DD:5D:41:D2:10:78:93:5E
Certificate issuer: /CN=1e65ede3b6aae7475c354b1e9b84d6a7832b077b
Certificate serial: 0195DA9CE39BBD71308C4729CD8C2914D194
Authority key identifier: 1E:65:ED:E3:B6:AA:E7:47:5C:35:4B:1E:9B:84:D6:A7:83:2B:07:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HmXt47aq50dcNUsem4TWp4MrB3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/c991ef-84b4-496f-a856-5ce4d8dbd159/1/7p3bshSBfl7JZFvo3V1B0hB4k14.roa
Signing time: Fri 28 Mar 2025 02:37:49 +0000
ROA not before: Fri 28 Mar 2025 02:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213577
IP address blocks: 193.53.249.0/24 maxlen: 24
193.53.254.0/24 maxlen: 24
193.56.14.0/24 maxlen: 24
193.56.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:da:9c:e3:9b:bd:71:30:8c:47:29:cd:8c:29:14:d1:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e65ede3b6aae7475c354b1e9b84d6a7832b077b
Validity
Not Before: Mar 28 02:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee9ddbb214817e5ec9645be8dd5d41d21078935e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:e6:9b:03:d9:3f:03:63:91:de:82:c3:f6:
79:9b:ed:91:48:a4:b2:4c:56:e1:e6:00:4d:8c:38:
f3:c7:f9:b8:7f:19:cf:ee:88:2c:78:1b:de:d0:46:
d5:c4:a7:1b:eb:2a:60:2c:f9:ef:fd:05:77:8c:08:
8a:92:7f:f9:43:f0:7d:60:b7:29:81:65:29:68:02:
74:9c:45:1c:21:e5:27:42:77:9c:9c:3d:5e:51:1a:
b9:04:e1:83:b1:47:89:3e:db:63:24:e2:5f:cd:0a:
68:e0:8c:35:b8:07:af:01:27:8d:c7:2a:ab:85:25:
dd:f0:68:2e:00:97:f3:c4:a1:a4:61:48:a5:3e:ef:
66:ff:12:88:48:d9:8f:32:30:6e:6a:dd:19:b2:6b:
3d:b0:c9:3b:7c:e3:66:61:f9:89:44:77:b2:4a:3e:
99:cd:38:f7:eb:98:73:22:99:69:59:d7:6f:64:38:
2a:05:53:7e:c0:ce:f2:55:13:c4:88:eb:b6:47:b0:
41:af:2b:de:ac:cb:03:89:f5:3c:a0:72:bb:f5:b8:
25:c7:b9:4d:9f:9f:20:ee:7d:78:aa:62:25:58:fd:
4c:0a:9f:b6:0d:ce:6c:ed:64:ef:ec:9e:3e:00:78:
fa:c0:c1:f2:d8:11:30:24:ca:de:0f:f8:39:8d:0b:
60:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9D:DB:B2:14:81:7E:5E:C9:64:5B:E8:DD:5D:41:D2:10:78:93:5E
X509v3 Authority Key Identifier:
keyid:1E:65:ED:E3:B6:AA:E7:47:5C:35:4B:1E:9B:84:D6:A7:83:2B:07:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HmXt47aq50dcNUsem4TWp4MrB3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c991ef-84b4-496f-a856-5ce4d8dbd159/1/7p3bshSBfl7JZFvo3V1B0hB4k14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c991ef-84b4-496f-a856-5ce4d8dbd159/1/HmXt47aq50dcNUsem4TWp4MrB3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.249.0/24
193.53.254.0/24
193.56.14.0/24
193.56.41.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:2d:41:d6:22:bf:11:47:80:12:de:be:75:a6:e2:9d:6c:e1:
09:2d:d8:1c:88:76:6e:d2:25:5f:2e:3c:f9:64:f2:f5:e6:2f:
ae:60:70:b1:d3:1e:ea:15:6b:d6:7b:7f:c3:0d:5f:ac:98:d9:
d8:99:81:d7:51:44:49:ce:fe:1e:92:83:7c:88:de:e1:76:24:
02:fa:ac:ed:12:ef:b0:91:ab:39:b7:be:a3:9b:4c:ab:01:75:
50:10:c3:da:36:e3:77:85:d6:ab:0a:1b:8f:4b:00:d1:bb:87:
5a:8e:d4:b7:01:f9:56:b7:93:a5:40:91:64:4a:51:a7:c2:83:
7e:cc:4e:18:02:9b:9c:be:4b:1a:e6:5b:58:3b:d2:9b:79:61:
6d:4c:b0:bb:4b:7d:78:fb:ac:71:c6:24:5c:2c:4c:d3:ad:94:
c1:3d:a7:5c:a6:05:76:c0:f7:ed:fa:1e:e3:db:7d:2a:a4:ce:
41:6f:14:ce:83:69:da:4b:9a:39:4f:f2:68:03:0d:88:cd:3b:
be:3d:6d:0b:8c:de:77:40:a1:54:d1:61:81:55:f7:47:5d:13:
49:83:d6:a8:a5:7e:03:a9:ad:91:47:e0:07:a3:f8:3a:33:80:
99:cd:ef:99:04:82:a0:5a:09:57:c7:94:a0:f2:4b:2e:b8:ea:
31:22:cf:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXanOObvXEwjEcpzYwpFNGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNjVlZGUzYjZhYWU3NDc1YzM1NGIxZTliODRkNmE3ODMy
YjA3N2IwHhcNMjUwMzI4MDIzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTlkZGJiMjE0ODE3ZTVlYzk2NDViZThkZDVkNDFkMjEwNzg5MzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcTmmwPZPwNjkd6Cw/Z5m+2RSKSy
TFbh5gBNjDjzx/m4fxnP7ogseBve0EbVxKcb6ypgLPnv/QV3jAiKkn/5Q/B9YLcp
gWUpaAJ0nEUcIeUnQnecnD1eURq5BOGDsUeJPttjJOJfzQpo4Iw1uAevASeNxyqr
hSXd8GguAJfzxKGkYUilPu9m/xKISNmPMjBuat0Zsms9sMk7fONmYfmJRHeySj6Z
zTj365hzIplpWddvZDgqBVN+wM7yVRPEiOu2R7BBryverMsDifU8oHK79bglx7lN
n58g7n14qmIlWP1MCp+2Dc5s7WTv7J4+AHj6wMHy2BEwJMreD/g5jQtg8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO6d27IUgX5eyWRb6N1dQdIQeJNeMB8GA1UdIwQY
MBaAFB5l7eO2qudHXDVLHpuE1qeDKwd7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG1YdDQ3YXE1MGRjTlVzZW00VFdwNE1yQjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jOTkxZWYtODRiNC00OTZmLWE4NTYt
NWNlNGQ4ZGJkMTU5LzEvN3AzYnNoU0JmbDdKWkZ2bzNWMUIwaEI0azE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jOTkxZWYtODRiNC00OTZmLWE4NTYtNWNlNGQ4ZGJkMTU5
LzEvSG1YdDQ3YXE1MGRjTlVzZW00VFdwNE1yQjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwTX5AwQA
wTX+AwQAwTgOAwQAwTgpMA0GCSqGSIb3DQEBCwUAA4IBAQCdLUHWIr8RR4AS3r51
puKdbOEJLdgciHZu0iVfLjz5ZPL15i+uYHCx0x7qFWvWe3/DDV+smNnYmYHXUURJ
zv4ekoN8iN7hdiQC+qztEu+wkas5t76jm0yrAXVQEMPaNuN3hdarChuPSwDRu4da
jtS3AflWt5OlQJFkSlGnwoN+zE4YApucvksa5ltYO9KbeWFtTLC7S314+6xxxiRc
LEzTrZTBPadcpgV2wPft+h7j230qpM5BbxTOg2naS5o5T/JoAw2IzTu+PW0LjN53
QKFU0WGBVfdHXRNJg9aopX4Dqa2RR+AHo/g6M4CZze+ZBIKgWglXx5Sg8ksuuOox
Is/r
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net