Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/b5e438-e292-4d22-a90e-ceebdfde01fc/1/7R9_GJs-RL0ErJSF-LSh2qvUnoE.roa
File: 7R9_GJs-RL0ErJSF-LSh2qvUnoE.roa (raw, json)
Hash identifier: vAKa7err3VX58GgPpqscTS8KcHYZ802QYuzRZdVwrE8=
Subject key identifier: ED:1F:7F:18:9B:3E:44:BD:04:AC:94:85:F8:B4:A1:DA:AB:D4:9E:81
Certificate issuer: /CN=885e6e65e8d74182039634566cd1fa2b2b325702
Certificate serial: 0194F162EF769EEABE8AD71E556822E9B52B
Authority key identifier: 88:5E:6E:65:E8:D7:41:82:03:96:34:56:6C:D1:FA:2B:2B:32:57:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iF5uZejXQYIDljRWbNH6KysyVwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/b5e438-e292-4d22-a90e-ceebdfde01fc/1/7R9_GJs-RL0ErJSF-LSh2qvUnoE.roa
Signing time: Mon 10 Feb 2025 19:43:00 +0000
ROA not before: Mon 10 Feb 2025 19:43:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42638
IP address blocks: 91.189.200.0/21 maxlen: 21
193.104.83.0/24 maxlen: 24
2a14:bb00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:62:ef:76:9e:ea:be:8a:d7:1e:55:68:22:e9:b5:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885e6e65e8d74182039634566cd1fa2b2b325702
Validity
Not Before: Feb 10 19:43:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed1f7f189b3e44bd04ac9485f8b4a1daabd49e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b6:d9:79:43:a4:84:08:a9:5f:27:7c:3a:8f:
87:68:4e:65:1a:75:a1:60:ff:09:00:63:06:45:77:
9b:f0:bf:cd:ec:d1:33:8d:1f:97:b2:d0:5a:05:54:
84:f6:ee:b7:08:4e:7f:16:e5:06:4a:5e:80:fc:f9:
64:b3:37:2a:c8:41:1d:89:4d:d2:90:d7:47:62:09:
cc:10:0b:ba:25:0b:75:dc:33:6e:2c:f1:f0:02:9a:
ba:c3:57:d9:9a:3d:45:04:35:4e:6e:56:ab:4e:1f:
34:b9:f4:c7:13:71:88:46:c9:ac:e4:8e:3d:cb:73:
e8:a3:2b:8d:b9:54:e1:51:eb:ef:bc:9c:77:c4:0e:
69:52:a8:ec:8a:a7:68:8f:fc:8c:66:a8:f1:b5:65:
c8:7a:63:ce:7e:8c:5e:f8:c3:af:41:be:2c:e1:5b:
74:0a:08:2d:f4:de:e3:29:4a:71:8f:62:7c:db:a1:
af:2b:e9:53:ad:73:be:17:3b:96:15:14:85:7b:bb:
5c:1e:e4:61:dc:eb:96:43:fe:0e:14:25:c0:b1:33:
a3:bd:74:37:d1:82:7c:5c:e0:e3:4b:3d:e2:98:e7:
5d:09:e6:29:3a:d0:a5:d8:90:df:7d:0d:46:55:54:
0a:89:6a:01:bc:e9:2c:7c:6e:97:2f:30:2d:6e:e2:
c6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1F:7F:18:9B:3E:44:BD:04:AC:94:85:F8:B4:A1:DA:AB:D4:9E:81
X509v3 Authority Key Identifier:
keyid:88:5E:6E:65:E8:D7:41:82:03:96:34:56:6C:D1:FA:2B:2B:32:57:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iF5uZejXQYIDljRWbNH6KysyVwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/b5e438-e292-4d22-a90e-ceebdfde01fc/1/7R9_GJs-RL0ErJSF-LSh2qvUnoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/b5e438-e292-4d22-a90e-ceebdfde01fc/1/iF5uZejXQYIDljRWbNH6KysyVwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.200.0/21
193.104.83.0/24
IPv6:
2a14:bb00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:5e:7c:91:91:eb:f4:a9:31:59:01:46:47:7e:89:9a:3f:6b:
6a:73:08:71:3a:0c:4c:d9:89:cd:48:d0:f9:46:04:e6:b9:ec:
f7:58:e9:4e:b5:3b:d4:47:0e:20:52:b5:5f:98:0b:18:45:1e:
e7:08:2c:3d:61:ac:2d:c8:7d:fd:1a:1a:d5:c6:45:c7:3a:85:
1b:aa:1e:e8:a0:75:ee:1e:1d:14:b9:93:11:00:c7:c3:43:78:
a1:50:8a:52:a9:38:de:17:0d:8d:e4:d6:12:8e:bc:af:20:80:
95:a7:e9:96:7f:66:71:21:99:d4:d1:a8:38:f5:f1:c1:42:68:
5c:cd:f9:14:80:f0:e5:fa:90:b3:51:b5:36:c8:02:a9:7b:5e:
cd:34:f3:84:b4:a7:33:e3:ac:a5:f5:bf:b8:be:7a:4f:5f:ff:
72:a2:c5:66:75:97:2f:ff:a0:4c:47:d4:ae:d6:15:d3:45:e1:
ae:93:20:38:6c:3c:25:50:43:45:f3:db:bb:b2:e1:de:e3:0a:
b0:a6:cd:7d:98:66:c6:0c:3f:ef:e1:7a:8c:24:2e:f3:39:7c:
68:8e:dd:51:c0:38:19:99:6c:d2:d2:73:08:99:e8:7f:e8:ba:
f4:e9:86:d3:aa:61:6e:5b:34:f9:2c:34:9f:01:9a:3f:c3:64:
90:a6:69:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZTxYu92nuq+itceVWgi6bUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWU2ZTY1ZThkNzQxODIwMzk2MzQ1NjZjZDFmYTJiMmIz
MjU3MDIwHhcNMjUwMjEwMTk0MzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDFmN2YxODliM2U0NGJkMDRhYzk0ODVmOGI0YTFkYWFiZDQ5ZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLbZeUOkhAipXyd8Oo+HaE5lGnWh
YP8JAGMGRXeb8L/N7NEzjR+XstBaBVSE9u63CE5/FuUGSl6A/PlkszcqyEEdiU3S
kNdHYgnMEAu6JQt13DNuLPHwApq6w1fZmj1FBDVOblarTh80ufTHE3GIRsms5I49
y3PooyuNuVThUevvvJx3xA5pUqjsiqdoj/yMZqjxtWXIemPOfoxe+MOvQb4s4Vt0
Cggt9N7jKUpxj2J826GvK+lTrXO+FzuWFRSFe7tcHuRh3OuWQ/4OFCXAsTOjvXQ3
0YJ8XODjSz3imOddCeYpOtCl2JDffQ1GVVQKiWoBvOksfG6XLzAtbuLGuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO0ffxibPkS9BKyUhfi0odqr1J6BMB8GA1UdIwQY
MBaAFIhebmXo10GCA5Y0VmzR+isrMlcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUY1dVplalhRWUlEbGpSV2JOSDZLeXN5VndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9iNWU0MzgtZTI5Mi00ZDIyLWE5MGUt
Y2VlYmRmZGUwMWZjLzEvN1I5X0dKcy1STDBFckpTRi1MU2gycXZVbm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9iNWU0MzgtZTI5Mi00ZDIyLWE5MGUtY2VlYmRmZGUwMWZj
LzEvaUY1dVplalhRWUlEbGpSV2JOSDZLeXN5VndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW73IAwQA
wWhTMA0EAgACMAcDBQMqFLsAMA0GCSqGSIb3DQEBCwUAA4IBAQCLXnyRkev0qTFZ
AUZHfomaP2tqcwhxOgxM2YnNSND5RgTmuez3WOlOtTvURw4gUrVfmAsYRR7nCCw9
YawtyH39GhrVxkXHOoUbqh7ooHXuHh0UuZMRAMfDQ3ihUIpSqTjeFw2N5NYSjryv
IICVp+mWf2ZxIZnU0ag49fHBQmhczfkUgPDl+pCzUbU2yAKpe17NNPOEtKcz46yl
9b+4vnpPX/9yosVmdZcv/6BMR9Su1hXTReGukyA4bDwlUENF89u7suHe4wqwps19
mGbGDD/v4XqMJC7zOXxojt1RwDgZmWzS0nMImeh/6Lr06YbTqmFuWzT5LDSfAZo/
w2SQpml/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:57 2025 by rpki-client on console.sobornost.net