Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7AHNZuURv07W7E7QVthMutP1UVA.roa
File: 7AHNZuURv07W7E7QVthMutP1UVA.roa (raw, json)
Hash identifier: 4NQ2y1sWp43I0/UPWCWcZsvfbq9E8FX5mTR12qKZ+ZA=
Subject key identifier: EC:01:CD:66:E5:11:BF:4E:D6:EC:4E:D0:56:D8:4C:BA:D3:F5:51:50
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942825069D3005A11C88C545B9584CB9A6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7AHNZuURv07W7E7QVthMutP1UVA.roa
Signing time: Thu 02 Jan 2025 17:51:42 +0000
ROA not before: Thu 02 Jan 2025 17:51:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210546
IP address blocks: 194.87.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:06:9d:30:05:a1:1c:88:c5:45:b9:58:4c:b9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec01cd66e511bf4ed6ec4ed056d84cbad3f55150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:6e:b1:5d:98:91:41:f5:15:8d:65:1a:fc:90:
3d:ec:4c:92:b7:cc:f3:cd:58:db:a5:fd:7f:f5:9c:
d7:84:2a:00:37:b5:1c:d2:6d:c3:02:49:a5:66:2a:
1d:b2:29:64:f0:13:00:37:fc:e8:44:3f:33:ca:e7:
39:a6:36:c5:73:5e:55:56:29:a7:41:f4:0f:91:59:
83:04:2f:8f:52:f5:59:56:cc:96:2b:8e:84:91:ee:
ae:c1:0f:aa:d8:7e:ce:cc:ce:da:26:99:f2:cf:d9:
34:e8:5e:3c:74:6d:93:ef:43:aa:05:b2:76:5f:99:
f8:19:43:51:5f:1c:31:49:4b:60:75:3a:a8:2e:fa:
09:9a:2e:cb:a5:36:a5:ce:b8:a4:b8:a0:06:a4:1d:
be:a1:e1:84:d9:e4:b9:71:f8:b9:f5:c0:58:6a:e2:
29:1c:f6:64:a5:a3:76:ed:f9:1a:77:1e:5f:3b:90:
ad:55:1f:08:87:13:44:0a:a5:44:ed:3d:cf:a4:96:
80:22:27:b4:82:b3:19:e3:5f:84:33:9a:94:0f:ae:
a9:3a:16:a6:31:00:11:f5:94:01:41:8d:80:49:37:
d4:d1:1b:2b:c8:1a:03:8d:c6:32:08:3b:21:46:98:
fd:d2:67:e1:86:c0:a9:3d:4b:f1:da:a9:4f:67:da:
65:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:01:CD:66:E5:11:BF:4E:D6:EC:4E:D0:56:D8:4C:BA:D3:F5:51:50
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7AHNZuURv07W7E7QVthMutP1UVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.199.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:82:30:ad:28:af:17:2f:fe:86:a3:17:5b:de:c9:a4:12:6b:
18:30:1d:b6:d7:7f:70:17:1e:49:ed:ab:1f:f7:d6:aa:99:0d:
71:6b:ec:6f:8e:15:c6:91:7a:c1:b2:12:34:f3:d5:15:35:00:
25:98:5e:a8:ed:e0:44:70:80:a4:3c:6a:f7:5e:f4:0c:d7:e7:
86:11:1f:02:57:e8:af:58:7d:ab:ef:83:ce:cc:41:99:49:54:
7c:69:50:6e:5a:47:8d:e0:fb:c2:c8:f3:17:d7:2e:4b:f5:5a:
a1:58:d0:86:8c:3e:b1:40:df:b0:0f:48:c5:e2:d1:fc:0e:f6:
48:d3:18:a9:a1:0e:d2:de:ea:1c:51:28:dc:8b:67:05:00:d9:
6b:ef:6a:89:58:04:0a:fc:a7:54:44:cf:ce:f1:33:3f:1f:b5:
51:10:a7:44:ed:da:13:20:c1:d8:fd:03:6b:e9:4e:81:de:32:
6f:8f:2b:13:fb:50:c3:2c:99:c4:6f:ac:f6:a0:f6:1d:c8:4b:
42:61:03:78:54:b2:b8:13:71:f4:a3:dd:54:7b:f8:81:9c:2e:
37:24:4a:f3:1b:35:79:80:12:52:e8:66:f6:f8:6b:ed:cc:93:
5f:af:93:4a:40:9f:52:e8:fb:ca:df:06:f3:30:9a:a6:97:ca:
dc:fe:bd:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJQadMAWhHIjFRblYTLmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzAxY2Q2NmU1MTFiZjRlZDZlYzRlZDA1NmQ4NGNiYWQzZjU1MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7W6xXZiRQfUVjWUa/JA97EySt8zz
zVjbpf1/9ZzXhCoAN7Uc0m3DAkmlZiodsilk8BMAN/zoRD8zyuc5pjbFc15VVimn
QfQPkVmDBC+PUvVZVsyWK46Eke6uwQ+q2H7OzM7aJpnyz9k06F48dG2T70OqBbJ2
X5n4GUNRXxwxSUtgdTqoLvoJmi7LpTalzrikuKAGpB2+oeGE2eS5cfi59cBYauIp
HPZkpaN27fkadx5fO5CtVR8IhxNECqVE7T3PpJaAIie0grMZ41+EM5qUD66pOham
MQAR9ZQBQY2ASTfU0RsryBoDjcYyCDshRpj90mfhhsCpPUvx2qlPZ9pl0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOwBzWblEb9O1uxO0FbYTLrT9VFQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN0FITlp1VVJ2MDdXN0U3UVZ0aE11dFAxVVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfHMA0G
CSqGSIb3DQEBCwUAA4IBAQBPgjCtKK8XL/6Goxdb3smkEmsYMB22139wFx5J7asf
99aqmQ1xa+xvjhXGkXrBshI089UVNQAlmF6o7eBEcICkPGr3XvQM1+eGER8CV+iv
WH2r74POzEGZSVR8aVBuWkeN4PvCyPMX1y5L9VqhWNCGjD6xQN+wD0jF4tH8DvZI
0xipoQ7S3uocUSjci2cFANlr72qJWAQK/KdURM/O8TM/H7VREKdE7doTIMHY/QNr
6U6B3jJvjysT+1DDLJnEb6z2oPYdyEtCYQN4VLK4E3H0o91Ue/iBnC43JErzGzV5
gBJS6Gb2+GvtzJNfr5NKQJ9S6PvK3wbzMJqml8rc/r3N
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:18:40 2025 by rpki-client