Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/P8Eoq9RR0aGjSpGwX1OgPUIROxQ.roa
File: P8Eoq9RR0aGjSpGwX1OgPUIROxQ.roa (raw, json)
Hash identifier: s3K98YwNuWaxYBAIxIP0FKSAzloX75bONeEAcTalG7c=
Subject key identifier: 3F:C1:28:AB:D4:51:D1:A1:A3:4A:91:B0:5F:53:A0:3D:42:11:3B:14
Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial: 019420D5AA6AB2914D2C330AA59A62300129
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/P8Eoq9RR0aGjSpGwX1OgPUIROxQ.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19324
IP address blocks: 91.197.228.0/22 maxlen: 24
185.181.116.0/22 maxlen: 24
2a0a:cb80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:aa:6a:b2:91:4d:2c:33:0a:a5:9a:62:30:01:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fc128abd451d1a1a34a91b05f53a03d42113b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f3:3f:5e:b3:8b:02:47:e6:30:2c:4c:ab:ec:
e4:b4:8a:ed:ec:52:00:4c:b2:64:a3:62:76:06:95:
7d:4e:81:d3:66:23:eb:2c:a0:29:47:9a:54:b6:b9:
a3:88:fc:26:7c:56:65:02:58:43:00:36:90:65:3a:
a6:43:d5:e6:9c:43:9a:85:fb:fb:db:4f:18:ac:36:
df:30:00:42:5e:ec:79:84:4c:fe:76:3b:15:d7:68:
71:6b:a6:31:5e:be:77:27:e7:00:10:07:ce:54:26:
d6:ac:cc:8a:6c:c6:b7:97:e7:ea:58:9b:61:c7:4c:
a4:68:6f:d2:63:f5:da:9c:bd:0e:fd:12:50:9e:d9:
8b:c6:d9:ce:47:42:78:de:4b:91:ff:4a:10:7b:7b:
f6:89:57:76:c2:93:39:0a:76:94:4b:c2:7c:d4:c0:
ca:16:2a:ac:5e:df:b7:50:93:fd:57:a0:fd:51:e5:
34:1d:13:ed:a4:89:33:db:74:65:8c:34:8f:1c:51:
b6:a8:bc:07:eb:6d:ef:d7:6e:9b:9e:b1:56:39:fe:
ad:24:33:32:a9:68:c7:e5:12:53:a2:90:04:d4:da:
66:0e:c8:3f:b4:4d:a5:e1:e1:22:c9:fe:04:fd:2c:
3d:2a:9c:4f:08:8f:c1:c2:7d:5e:bf:28:44:9a:42:
7b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C1:28:AB:D4:51:D1:A1:A3:4A:91:B0:5F:53:A0:3D:42:11:3B:14
X509v3 Authority Key Identifier:
keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/P8Eoq9RR0aGjSpGwX1OgPUIROxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.228.0/22
185.181.116.0/22
IPv6:
2a0a:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
45:c4:d2:83:ed:93:af:62:4c:1c:31:12:06:9a:74:df:60:c0:
37:e6:37:b1:ea:74:c8:b2:47:71:14:06:12:54:32:77:7d:03:
39:5b:57:6f:a1:6d:22:6e:10:df:48:68:8d:a6:73:ca:4d:ba:
a0:e7:d4:de:19:5d:5c:25:c9:89:0f:21:0a:07:18:34:10:02:
25:33:03:12:7e:16:57:31:e4:a2:38:d1:13:b7:0d:f5:bb:f3:
03:9c:4c:db:1b:bc:e0:3c:b4:6b:c0:cc:ab:e7:87:fe:cb:dc:
c3:6f:7a:56:c2:62:22:94:71:bb:a2:4e:6c:1a:bd:90:6b:f9:
70:29:64:fd:f6:06:81:88:0e:4e:12:af:5a:ce:7f:43:e9:3b:
f7:d3:20:f1:a6:ac:54:9e:9d:f8:f5:6d:64:df:c5:d9:06:ac:
38:1d:4e:df:1b:7b:f3:d7:57:99:56:39:f2:a1:86:0c:6f:e6:
9a:a8:19:fb:c0:61:95:4d:62:6c:97:18:74:3e:bb:85:f0:6e:
7a:75:4a:19:ca:da:fb:c4:0a:c3:28:78:53:38:d5:16:a9:95:
52:3a:8b:d4:b1:30:d7:05:d7:27:35:ad:3c:7f:f4:42:02:b4:
54:a3:f9:ec:7c:1b:36:a2:41:49:f6:02:df:10:e5:a5:09:4e:
ff:96:23:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1apqspFNLDMKpZpiMAEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmMxMjhhYmQ0NTFkMWExYTM0YTkxYjA1ZjUzYTAzZDQyMTEzYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvM/XrOLAkfmMCxMq+zktIrt7FIA
TLJko2J2BpV9ToHTZiPrLKApR5pUtrmjiPwmfFZlAlhDADaQZTqmQ9XmnEOahfv7
208YrDbfMABCXux5hEz+djsV12hxa6YxXr53J+cAEAfOVCbWrMyKbMa3l+fqWJth
x0ykaG/SY/XanL0O/RJQntmLxtnOR0J43kuR/0oQe3v2iVd2wpM5CnaUS8J81MDK
FiqsXt+3UJP9V6D9UeU0HRPtpIkz23RljDSPHFG2qLwH623v126bnrFWOf6tJDMy
qWjH5RJTopAE1NpmDsg/tE2l4eEiyf4E/Sw9KpxPCI/Bwn1evyhEmkJ7jwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD/BKKvUUdGho0qRsF9ToD1CETsUMB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvUDhFb3E5UlIwYUdqU3BHd1gxT2dQVUlST3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBFxNKD7ZOvYkwc
MRIGmnTfYMA35jex6nTIskdxFAYSVDJ3fQM5W1dvoW0ibhDfSGiNpnPKTbqg59Te
GV1cJcmJDyEKBxg0EAIlMwMSfhZXMeSiONETtw31u/MDnEzbG7zgPLRrwMyr54f+
y9zDb3pWwmIilHG7ok5sGr2Qa/lwKWT99gaBiA5OEq9azn9D6Tv30yDxpqxUnp34
9W1k38XZBqw4HU7fG3vz11eZVjnyoYYMb+aaqBn7wGGVTWJslxh0PruF8G56dUoZ
ytr7xArDKHhTONUWqZVSOovUsTDXBdcnNa08f/RCArRUo/nsfBs2okFJ9gLfEOWl
CU7/liMz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:53 2025 by rpki-client on console.sobornost.net