Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/7-AQ6OnvZ4yiBI8g8iZcgy53KzA.roa
File: 7-AQ6OnvZ4yiBI8g8iZcgy53KzA.roa (raw, json)
Hash identifier: cTRZ7K6oUrn2Rqx5R/D6Zllm9PmQV/y/ARWXdG55cmE=
Subject key identifier: EF:E0:10:E8:E9:EF:67:8C:A2:04:8F:20:F2:26:5C:83:2E:77:2B:30
Certificate issuer: /CN=3befe50a40fb1732541e8a97450ab5de774771d8
Certificate serial: 019422FB8D0017B661779B13642FBEAAE842
Authority key identifier: 3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/7-AQ6OnvZ4yiBI8g8iZcgy53KzA.roa
Signing time: Wed 01 Jan 2025 17:48:18 +0000
ROA not before: Wed 01 Jan 2025 17:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214293
IP address blocks: 91.238.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:8d:00:17:b6:61:77:9b:13:64:2f:be:aa:e8:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3befe50a40fb1732541e8a97450ab5de774771d8
Validity
Not Before: Jan 1 17:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=efe010e8e9ef678ca2048f20f2265c832e772b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:93:2e:61:89:48:f3:90:f6:fb:fe:00:52:e9:
f0:d5:22:8b:6c:b4:0b:cd:85:64:b1:d7:dd:a8:15:
2c:d4:df:7a:ce:8c:f8:00:ed:d9:fa:e3:33:98:3b:
df:3e:41:01:85:16:0f:6e:b1:85:20:87:a0:3c:0a:
94:ad:e4:cf:bd:c3:26:67:34:a0:ae:f8:ec:6d:83:
c3:21:56:bd:56:9a:64:6f:e2:27:98:7d:2b:c9:e1:
a0:de:dd:72:79:0a:f9:43:f8:90:10:6a:10:f2:9b:
34:5e:d6:45:7d:4b:5f:f5:88:de:6c:a7:61:60:4c:
55:e2:16:92:e7:99:cb:4c:71:5f:92:dc:39:5c:a2:
dd:6c:d8:0c:cb:d5:61:07:ca:5e:6e:b2:fd:29:97:
21:eb:24:de:10:22:c4:1b:b8:b9:9d:fc:45:d5:10:
92:0f:32:f7:be:f5:27:dc:71:fa:8f:d8:dd:15:a0:
fc:91:5c:b5:84:21:2b:8c:25:fe:a4:49:67:5b:bf:
d4:43:fd:41:86:72:a8:78:cd:2f:54:73:2d:17:8b:
3e:6d:45:b9:3a:e0:5e:dd:7f:ea:5e:54:f6:8b:68:
2b:75:a5:ae:b5:5f:57:cb:7f:51:3c:a0:4d:3d:41:
23:67:fd:b0:57:0c:35:d1:1c:b9:55:34:da:3d:14:
e2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E0:10:E8:E9:EF:67:8C:A2:04:8F:20:F2:26:5C:83:2E:77:2B:30
X509v3 Authority Key Identifier:
keyid:3B:EF:E5:0A:40:FB:17:32:54:1E:8A:97:45:0A:B5:DE:77:47:71:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-_lCkD7FzJUHoqXRQq13ndHcdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/7-AQ6OnvZ4yiBI8g8iZcgy53KzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8ef740-1052-49ec-a409-e615493117d2/1/O-_lCkD7FzJUHoqXRQq13ndHcdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.194.0/24
Signature Algorithm: sha256WithRSAEncryption
e3:8e:d3:3f:fa:de:2a:d4:1c:30:f1:13:11:58:d4:f9:1a:85:
09:5c:07:9a:ae:8f:57:93:be:6d:ec:3e:c6:54:26:ca:c1:6c:
6b:58:ee:98:a0:41:4c:b3:e7:02:9c:01:bc:17:e5:f0:a7:98:
f2:6a:3a:c8:b4:64:a9:2b:0e:71:e1:bf:76:f9:a9:5f:41:35:
f6:64:8a:68:4d:c0:b0:87:65:26:13:94:33:b1:13:d8:54:ad:
7e:90:38:d5:13:e0:ed:9c:31:b4:8c:ac:c7:f7:1f:d5:0d:d0:
70:98:9f:63:72:c4:a7:9f:87:dd:6c:c0:45:fb:26:bb:65:22:
49:95:74:80:8c:85:45:3c:ef:ea:cb:a1:c4:51:b8:d3:d6:4e:
7e:e2:6e:a7:47:8c:c0:59:8d:af:6f:85:c8:94:a0:6b:59:20:
36:67:62:f7:66:90:48:a9:ec:b0:02:56:e0:28:a5:1c:29:4b:
6b:36:5b:6a:fc:9c:6d:41:a2:13:03:3d:64:9a:a3:f9:0a:56:
33:af:0c:b1:a1:5c:0c:2f:cf:20:52:05:e1:78:eb:ff:71:92:
c1:36:44:69:61:0d:59:78:10:51:de:8d:4f:a1:20:fe:e0:c4:
03:21:07:ed:b5:01:86:4e:b4:bd:16:8b:aa:39:ca:5d:3a:23:
2e:ea:50:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+40AF7Zhd5sTZC++quhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWZlNTBhNDBmYjE3MzI1NDFlOGE5NzQ1MGFiNWRlNzc0
NzcxZDgwHhcNMjUwMTAxMTc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmUwMTBlOGU5ZWY2NzhjYTIwNDhmMjBmMjI2NWM4MzJlNzcyYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5MuYYlI85D2+/4AUunw1SKLbLQL
zYVksdfdqBUs1N96zoz4AO3Z+uMzmDvfPkEBhRYPbrGFIIegPAqUreTPvcMmZzSg
rvjsbYPDIVa9Vppkb+InmH0ryeGg3t1yeQr5Q/iQEGoQ8ps0XtZFfUtf9YjebKdh
YExV4haS55nLTHFfktw5XKLdbNgMy9VhB8pebrL9KZch6yTeECLEG7i5nfxF1RCS
DzL3vvUn3HH6j9jdFaD8kVy1hCErjCX+pElnW7/UQ/1BhnKoeM0vVHMtF4s+bUW5
OuBe3X/qXlT2i2grdaWutV9Xy39RPKBNPUEjZ/2wVww10Ry5VTTaPRTiWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/gEOjp72eMogSPIPImXIMudyswMB8GA1UdIwQY
MBaAFDvv5QpA+xcyVB6Kl0UKtd53R3HYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDkt
ZTYxNTQ5MzExN2QyLzEvNy1BUTZPbnZaNHlpQkk4ZzhpWmNneTUzS3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi84ZWY3NDAtMTA1Mi00OWVjLWE0MDktZTYxNTQ5MzExN2Qy
LzEvTy1fbENrRDdGekpVSG9xWFJRcTEzbmRIY2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7CMA0G
CSqGSIb3DQEBCwUAA4IBAQDjjtM/+t4q1Bww8RMRWNT5GoUJXAearo9Xk75t7D7G
VCbKwWxrWO6YoEFMs+cCnAG8F+Xwp5jyajrItGSpKw5x4b92+alfQTX2ZIpoTcCw
h2UmE5QzsRPYVK1+kDjVE+DtnDG0jKzH9x/VDdBwmJ9jcsSnn4fdbMBF+ya7ZSJJ
lXSAjIVFPO/qy6HEUbjT1k5+4m6nR4zAWY2vb4XIlKBrWSA2Z2L3ZpBIqeywAlbg
KKUcKUtrNltq/JxtQaITAz1kmqP5ClYzrwyxoVwML88gUgXheOv/cZLBNkRpYQ1Z
eBBR3o1PoSD+4MQDIQfttQGGTrS9FouqOcpdOiMu6lAe
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:03 2025 by rpki-client