Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/2329f3-a28e-49de-98a3-9320a1c73b1d/1/7YhU_vK5G08AkR9W5LfWHGVyypQ.roa
File: 7YhU_vK5G08AkR9W5LfWHGVyypQ.roa (raw, json)
Hash identifier: RlhL4E2mBOXIjwSddZ4sZnexQ4dNTH+ubROkoPIYvn0=
Subject key identifier: ED:88:54:FE:F2:B9:1B:4F:00:91:1F:56:E4:B7:D6:1C:65:72:CA:94
Certificate issuer: /CN=d1988341d3607865f50f5bb02a9a3f5c2de58a92
Certificate serial: 01959EDE499D0B629E5D4D9FD3C88FB81BA5
Authority key identifier: D1:98:83:41:D3:60:78:65:F5:0F:5B:B0:2A:9A:3F:5C:2D:E5:8A:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ZiDQdNgeGX1D1uwKpo_XC3lipI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/2329f3-a28e-49de-98a3-9320a1c73b1d/1/7YhU_vK5G08AkR9W5LfWHGVyypQ.roa
Signing time: Sun 16 Mar 2025 12:12:02 +0000
ROA not before: Sun 16 Mar 2025 12:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34970
IP address blocks: 91.195.206.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9e:de:49:9d:0b:62:9e:5d:4d:9f:d3:c8:8f:b8:1b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1988341d3607865f50f5bb02a9a3f5c2de58a92
Validity
Not Before: Mar 16 12:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed8854fef2b91b4f00911f56e4b7d61c6572ca94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:10:b3:1f:65:53:3c:ba:03:c9:4e:d0:ca:c4:
1b:44:4f:60:f1:40:bd:d8:6c:ed:88:b0:62:27:4c:
64:52:35:3c:f1:fa:a0:3f:be:3d:08:17:71:73:42:
86:51:54:f6:59:25:59:24:bf:c8:65:ad:5d:4e:82:
c5:6b:d6:c6:a5:0c:85:1d:ba:e4:3a:f1:65:d3:b0:
a6:53:9e:2d:3a:31:cf:45:77:b7:ed:02:8f:ef:84:
65:6b:69:51:dd:e8:3a:3a:6e:ac:36:7c:1d:62:f1:
da:a9:5f:b7:64:c2:82:3b:13:1a:0b:30:17:27:2a:
44:76:21:87:5c:ee:74:3e:5b:2c:d7:da:20:74:08:
86:57:44:cb:6a:67:8b:86:fd:15:6c:7f:34:d1:8b:
67:1c:cf:6b:30:9d:ab:20:5d:78:49:7b:1b:d7:1c:
3b:e2:c8:22:03:94:14:92:c3:ca:31:5c:af:c7:61:
af:fb:8f:5c:dd:62:2e:47:dc:c5:20:85:d2:0e:d9:
a1:08:47:86:7b:95:00:1e:ab:d3:d2:70:8e:54:27:
17:bb:91:da:91:79:b8:28:ac:be:56:ef:8c:45:4a:
7c:c4:30:8e:5f:1d:4e:22:ea:c9:e0:e5:03:cd:bc:
7e:34:f3:ee:90:0d:78:e3:af:60:c4:2e:72:c0:d2:
25:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:88:54:FE:F2:B9:1B:4F:00:91:1F:56:E4:B7:D6:1C:65:72:CA:94
X509v3 Authority Key Identifier:
keyid:D1:98:83:41:D3:60:78:65:F5:0F:5B:B0:2A:9A:3F:5C:2D:E5:8A:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ZiDQdNgeGX1D1uwKpo_XC3lipI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/2329f3-a28e-49de-98a3-9320a1c73b1d/1/7YhU_vK5G08AkR9W5LfWHGVyypQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/2329f3-a28e-49de-98a3-9320a1c73b1d/1/0ZiDQdNgeGX1D1uwKpo_XC3lipI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.206.0/23
Signature Algorithm: sha256WithRSAEncryption
79:a0:9b:5c:1d:57:7e:3a:f2:8a:4b:74:e0:9c:bf:12:b7:a3:
ae:11:b5:5e:d3:00:eb:da:b9:28:eb:19:0f:ae:10:f0:56:85:
53:be:5c:61:61:b1:15:7a:63:0d:8c:9d:9f:d9:80:b4:4e:80:
9a:3e:04:20:1b:98:48:88:c2:54:d6:45:40:11:cc:91:ce:b7:
f6:28:4a:f1:d6:46:84:3f:12:46:a9:72:c9:99:e9:56:da:56:
5c:22:bf:c8:62:10:af:62:1c:1a:53:da:3e:a8:a5:b3:34:cd:
c8:08:30:f0:65:07:6f:9a:e6:3c:94:90:0b:31:9a:d6:18:ad:
c3:24:d1:69:fe:ca:84:95:fd:63:d0:4e:f4:77:fd:14:f0:20:
8c:bf:38:3e:06:b2:71:d0:17:1b:75:91:98:e5:89:2a:c9:3b:
bd:ac:36:88:17:1c:c7:ae:48:dd:b6:1c:b9:c3:76:60:f3:77:
7e:5e:58:35:89:b9:12:26:d2:c8:5d:b9:91:ca:49:d7:36:3e:
b5:f6:9e:33:12:72:38:2b:4c:e9:fb:d4:46:a7:8e:8b:17:82:
80:1b:3d:3a:14:cd:7b:a5:38:5a:83:0b:a0:4c:4e:a4:aa:98:
dc:62:d5:f5:19:60:11:8f:de:3b:ba:31:84:26:83:7b:a0:97:
88:d1:49:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWe3kmdC2KeXU2f08iPuBulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOTg4MzQxZDM2MDc4NjVmNTBmNWJiMDJhOWEzZjVjMmRl
NThhOTIwHhcNMjUwMzE2MTIxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDg4NTRmZWYyYjkxYjRmMDA5MTFmNTZlNGI3ZDYxYzY1NzJjYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxCzH2VTPLoDyU7QysQbRE9g8UC9
2GztiLBiJ0xkUjU88fqgP749CBdxc0KGUVT2WSVZJL/IZa1dToLFa9bGpQyFHbrk
OvFl07CmU54tOjHPRXe37QKP74Rla2lR3eg6Om6sNnwdYvHaqV+3ZMKCOxMaCzAX
JypEdiGHXO50Plss19ogdAiGV0TLameLhv0VbH800YtnHM9rMJ2rIF14SXsb1xw7
4sgiA5QUksPKMVyvx2Gv+49c3WIuR9zFIIXSDtmhCEeGe5UAHqvT0nCOVCcXu5Ha
kXm4KKy+Vu+MRUp8xDCOXx1OIurJ4OUDzbx+NPPukA14469gxC5ywNIlnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2IVP7yuRtPAJEfVuS31hxlcsqUMB8GA1UdIwQY
MBaAFNGYg0HTYHhl9Q9bsCqaP1wt5YqSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFppRFFkTmdlR1gxRDF1d0twb19YQzNsaXBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMzI5ZjMtYTI4ZS00OWRlLTk4YTMt
OTMyMGExYzczYjFkLzEvN1loVV92SzVHMDhBa1I5VzVMZldIR1Z5eXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMzI5ZjMtYTI4ZS00OWRlLTk4YTMtOTMyMGExYzczYjFk
LzEvMFppRFFkTmdlR1gxRDF1d0twb19YQzNsaXBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8POMA0G
CSqGSIb3DQEBCwUAA4IBAQB5oJtcHVd+OvKKS3TgnL8St6OuEbVe0wDr2rko6xkP
rhDwVoVTvlxhYbEVemMNjJ2f2YC0ToCaPgQgG5hIiMJU1kVAEcyRzrf2KErx1kaE
PxJGqXLJmelW2lZcIr/IYhCvYhwaU9o+qKWzNM3ICDDwZQdvmuY8lJALMZrWGK3D
JNFp/sqElf1j0E70d/0U8CCMvzg+BrJx0BcbdZGY5YkqyTu9rDaIFxzHrkjdthy5
w3Zg83d+Xlg1ibkSJtLIXbmRyknXNj619p4zEnI4K0zp+9RGp46LF4KAGz06FM17
pThagwugTE6kqpjcYtX1GWARj947ujGEJoN7oJeI0UnN
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:49 2025 by rpki-client on console.sobornost.net