Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/7QAi3hol-4GpeEk0vacoCeiMLE8.roa
File: 7QAi3hol-4GpeEk0vacoCeiMLE8.roa (raw, json)
Hash identifier: 41WAyyFZEfqE7fT5J+jGu94yYNN3Qp+eHjuNlnSVUDI=
Subject key identifier: ED:00:22:DE:1A:25:FB:81:A9:78:49:34:BD:A7:28:09:E8:8C:2C:4F
Certificate issuer: /CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Certificate serial: 019427480CAA306D6532C08749BCF197F09E
Authority key identifier: E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/7QAi3hol-4GpeEk0vacoCeiMLE8.roa
Signing time: Thu 02 Jan 2025 13:50:20 +0000
ROA not before: Thu 02 Jan 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207186
IP address blocks: 91.207.154.0/24 maxlen: 24
91.207.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:0c:aa:30:6d:65:32:c0:87:49:bc:f1:97:f0:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Validity
Not Before: Jan 2 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed0022de1a25fb81a9784934bda72809e88c2c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a7:61:d1:3a:7d:d5:a2:34:d9:e3:10:ea:49:
fa:b6:06:9c:3e:61:09:3a:53:60:87:ea:2d:9a:f6:
0d:30:d6:19:c1:1d:7d:cf:9c:64:eb:8c:f5:41:82:
cc:82:e5:d8:90:28:5d:8e:99:27:76:57:d8:e3:fa:
ec:fd:8b:ba:e9:26:f9:d9:3a:50:7e:48:06:68:23:
5f:90:ad:70:6d:b7:1b:56:cb:75:b9:49:36:e7:d2:
98:9f:94:2f:ea:fa:6c:a6:38:8a:9c:84:ce:16:a9:
64:07:2a:b1:4e:95:b2:b7:c9:d4:80:84:e7:e0:22:
00:ac:5f:ea:20:d8:ce:5d:ad:40:04:b1:6d:42:5a:
6e:fc:64:3c:d2:21:e8:4b:b7:fb:6d:90:4b:18:3f:
51:31:2f:17:9a:5f:7a:cc:a3:9f:ec:5a:e7:21:da:
cb:bc:74:bb:f3:95:86:ad:58:e1:38:15:b1:33:be:
c9:2e:e5:22:17:1f:31:b7:52:4e:87:0e:bd:89:d2:
09:cd:3d:5f:3e:06:27:ce:ce:a6:ed:3d:49:65:b2:
9e:c9:ea:81:c1:93:19:a5:d3:07:d5:b7:e9:d1:ae:
c4:cd:d3:ce:b0:09:bc:54:7b:33:af:dd:f6:ff:c7:
53:95:9b:64:9d:02:2b:06:be:40:75:57:89:8d:2d:
18:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:00:22:DE:1A:25:FB:81:A9:78:49:34:BD:A7:28:09:E8:8C:2C:4F
X509v3 Authority Key Identifier:
keyid:E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/7QAi3hol-4GpeEk0vacoCeiMLE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.154.0/23
Signature Algorithm: sha256WithRSAEncryption
66:80:40:79:49:e0:6a:e9:27:9a:27:a4:9b:12:27:99:b2:0c:
95:50:8b:de:70:54:19:87:3b:42:59:1f:ff:16:75:f1:8c:a6:
98:24:7d:eb:75:03:7b:88:da:97:5f:93:d4:a2:06:a5:27:2e:
a7:06:ca:a1:73:68:a3:e8:f2:c7:24:3d:3d:3d:85:64:64:5c:
c7:c3:b3:b2:4c:c1:54:37:8f:34:de:31:9a:86:d7:7a:51:cc:
a5:69:5a:9e:4e:e5:da:2d:d9:39:7c:db:22:00:56:73:35:98:
fe:99:d2:81:90:b6:1f:02:6a:9a:1b:5e:35:21:29:5b:e2:46:
6b:8d:f5:e6:11:ae:61:ef:0e:c0:7a:f8:80:39:04:6b:d1:4c:
d1:8a:db:1b:9a:3e:6c:40:6e:a6:cc:9c:be:dd:b7:01:72:34:
f4:7a:07:a1:c7:62:64:03:54:b9:7c:f1:ef:fc:f5:69:4d:d0:
49:4e:0d:a1:d9:b3:71:43:1f:a8:19:ee:12:01:03:24:46:79:
dc:2a:3d:6d:ba:91:8f:a1:22:26:e3:fc:7b:6c:b4:08:7d:23:
65:1f:2d:3b:73:67:fe:75:c8:8f:f2:ee:09:2b:f6:53:0e:cb:
cc:e5:ab:d2:1b:77:d8:fe:de:31:a0:fc:7a:b3:5d:5e:28:2b:
8d:7b:9c:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSAyqMG1lMsCHSbzxl/CeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2YyM2Q2ODkzNzQ5NDI4OGRmY2M3YTBlZmUxZmU3NGEy
MDM2ZTEwHhcNMjUwMTAyMTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDAwMjJkZTFhMjVmYjgxYTk3ODQ5MzRiZGE3MjgwOWU4OGMyYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiadh0Tp91aI02eMQ6kn6tgacPmEJ
OlNgh+otmvYNMNYZwR19z5xk64z1QYLMguXYkChdjpkndlfY4/rs/Yu66Sb52TpQ
fkgGaCNfkK1wbbcbVst1uUk259KYn5Qv6vpspjiKnITOFqlkByqxTpWyt8nUgITn
4CIArF/qINjOXa1ABLFtQlpu/GQ80iHoS7f7bZBLGD9RMS8Xml96zKOf7FrnIdrL
vHS785WGrVjhOBWxM77JLuUiFx8xt1JOhw69idIJzT1fPgYnzs6m7T1JZbKeyeqB
wZMZpdMH1bfp0a7EzdPOsAm8VHszr932/8dTlZtknQIrBr5AdVeJjS0YBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0AIt4aJfuBqXhJNL2nKAnojCxPMB8GA1UdIwQY
MBaAFOQ/I9aJN0lCiN/Meg7+H+dKIDbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMt
OWQxODVmNzM4MjExLzEvN1FBaTNob2wtNEdwZUVrMHZhY29DZWlNTEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMtOWQxODVmNzM4MjEx
LzEvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8+aMA0G
CSqGSIb3DQEBCwUAA4IBAQBmgEB5SeBq6SeaJ6SbEieZsgyVUIvecFQZhztCWR//
FnXxjKaYJH3rdQN7iNqXX5PUogalJy6nBsqhc2ij6PLHJD09PYVkZFzHw7OyTMFU
N4803jGahtd6UcylaVqeTuXaLdk5fNsiAFZzNZj+mdKBkLYfAmqaG141ISlb4kZr
jfXmEa5h7w7AeviAOQRr0UzRitsbmj5sQG6mzJy+3bcBcjT0egehx2JkA1S5fPHv
/PVpTdBJTg2h2bNxQx+oGe4SAQMkRnncKj1tupGPoSIm4/x7bLQIfSNlHy07c2f+
dciP8u4JK/ZTDsvM5avSG3fY/t4xoPx6s11eKCuNe5x9
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:47:07 2025 by rpki-client