Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/dea778-09c8-4572-b3bb-c6059a3aa340/1/7gR2osXmygk9oNFo9DvbGt-WDmQ.roa
File: 7gR2osXmygk9oNFo9DvbGt-WDmQ.roa (raw, json)
Hash identifier: C2zBD+LyZH9uXxLoruxEMIAIBOxrHY6YR4x8LVKbd1s=
Subject key identifier: EE:04:76:A2:C5:E6:CA:09:3D:A0:D1:68:F4:3B:DB:1A:DF:96:0E:64
Certificate issuer: /CN=bac55ec7cff0ef5650725adf3aefe6051a10cb6a
Certificate serial: 01856FCB99D7D84989602BAB2F16871B5B1E
Authority key identifier: BA:C5:5E:C7:CF:F0:EF:56:50:72:5A:DF:3A:EF:E6:05:1A:10:CB:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/usVex8_w71ZQclrfOu_mBRoQy2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/dea778-09c8-4572-b3bb-c6059a3aa340/1/7gR2osXmygk9oNFo9DvbGt-WDmQ.roa
Signing time: Mon 02 Jan 2023 00:04:52 +0000
ROA not before: Mon 02 Jan 2023 00:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196695
IP address blocks: 91.200.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:99:d7:d8:49:89:60:2b:ab:2f:16:87:1b:5b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bac55ec7cff0ef5650725adf3aefe6051a10cb6a
Validity
Not Before: Jan 2 00:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee0476a2c5e6ca093da0d168f43bdb1adf960e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b7:b8:41:8b:6f:fb:f9:a7:de:be:df:22:4d:
f5:dd:1b:ea:29:a0:1a:17:7f:61:2a:7e:71:98:f7:
5d:2d:6d:3b:88:23:44:66:69:a8:c4:32:9e:b2:08:
29:4f:a4:22:7a:d8:14:67:db:9b:37:fe:e6:02:e0:
2f:04:24:00:1a:90:fd:b5:68:55:c9:40:a4:0f:69:
e2:9b:c5:f7:af:16:17:12:fa:ca:28:57:50:86:8e:
fe:26:7c:e2:63:39:b4:15:13:ef:06:95:b5:c3:0b:
79:0c:31:90:ac:f1:24:16:83:5c:bd:b0:3c:5f:dc:
bf:df:7f:7b:8c:01:fc:4a:56:20:b9:bc:e0:66:eb:
c3:ee:24:52:6b:50:31:40:89:9f:cd:8f:35:39:72:
e7:de:1e:60:3f:a1:c6:77:c6:a0:54:97:07:47:a4:
c3:3b:97:24:1e:a5:57:c2:c1:a5:75:03:90:c1:bf:
ae:2a:01:91:09:07:c9:65:64:48:d4:00:83:9d:f7:
d9:12:6f:4a:cf:23:75:ca:73:f5:24:4a:e9:a8:d7:
2d:9a:60:d2:dc:81:ff:2d:58:47:e2:9f:63:07:c5:
78:20:da:47:54:f0:d8:dd:02:c3:0e:6e:44:3e:57:
6f:b9:9f:8c:ce:39:54:3d:18:76:48:35:7a:b2:43:
99:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:04:76:A2:C5:E6:CA:09:3D:A0:D1:68:F4:3B:DB:1A:DF:96:0E:64
X509v3 Authority Key Identifier:
keyid:BA:C5:5E:C7:CF:F0:EF:56:50:72:5A:DF:3A:EF:E6:05:1A:10:CB:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/usVex8_w71ZQclrfOu_mBRoQy2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/dea778-09c8-4572-b3bb-c6059a3aa340/1/7gR2osXmygk9oNFo9DvbGt-WDmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/dea778-09c8-4572-b3bb-c6059a3aa340/1/usVex8_w71ZQclrfOu_mBRoQy2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.146.0/24
Signature Algorithm: sha256WithRSAEncryption
68:bf:27:96:16:8a:a1:3c:ef:4e:a0:e9:43:c7:8b:88:6d:6a:
67:3d:0e:d0:7b:e6:56:0f:5f:64:96:93:76:5b:8a:11:07:bf:
a6:55:3e:38:cb:c3:22:b2:c3:c5:d4:41:5d:37:86:3f:11:5f:
48:76:3c:af:41:40:4b:07:10:9b:20:33:e6:9b:33:7d:aa:f1:
bf:0f:83:94:7d:be:5e:fb:9d:ee:93:5a:bd:e2:43:fc:6f:11:
bd:8a:98:d5:c8:7f:60:79:d0:4d:28:f9:e4:f6:c0:39:a4:da:
b1:ec:e5:a9:88:da:ab:0f:c3:77:64:bc:25:8d:24:bf:e1:70:
b9:f2:c1:1f:6f:a6:8b:65:c0:a7:de:00:82:91:02:c5:97:1f:
b2:9b:cc:ef:81:e5:32:d2:12:e4:8f:98:87:bd:a7:6d:7d:81:
1a:22:a8:39:8b:54:ac:61:46:4c:e6:dd:7c:64:55:84:a0:ef:
72:fb:43:9c:89:c0:75:a4:9e:de:66:64:2a:06:60:ed:57:9c:
03:a5:24:ec:1f:2e:07:5c:37:bb:b5:3a:f8:7e:5c:ad:76:27:
6d:d7:bd:a0:d3:8d:d0:fe:a2:ba:60:6f:af:f7:11:ea:c8:af:
f5:4f:30:e2:f0:c1:ac:62:63:4a:eb:5a:c7:61:9d:7c:17:1f:
87:19:3c:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy5nX2EmJYCurLxaHG1seMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYzU1ZWM3Y2ZmMGVmNTY1MDcyNWFkZjNhZWZlNjA1MWEx
MGNiNmEwHhcNMjMwMTAyMDAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTA0NzZhMmM1ZTZjYTA5M2RhMGQxNjhmNDNiZGIxYWRmOTYwZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbe4QYtv+/mn3r7fIk313RvqKaAa
F39hKn5xmPddLW07iCNEZmmoxDKesggpT6QietgUZ9ubN/7mAuAvBCQAGpD9tWhV
yUCkD2nim8X3rxYXEvrKKFdQho7+JnziYzm0FRPvBpW1wwt5DDGQrPEkFoNcvbA8
X9y/3397jAH8SlYgubzgZuvD7iRSa1AxQImfzY81OXLn3h5gP6HGd8agVJcHR6TD
O5ckHqVXwsGldQOQwb+uKgGRCQfJZWRI1ACDnffZEm9KzyN1ynP1JErpqNctmmDS
3IH/LVhH4p9jB8V4INpHVPDY3QLDDm5EPldvuZ+MzjlUPRh2SDV6skOZKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4EdqLF5soJPaDRaPQ72xrflg5kMB8GA1UdIwQY
MBaAFLrFXsfP8O9WUHJa3zrv5gUaEMtqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXNWZXg4X3c3MVpRY2xyZk91X21CUm9ReTJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9kZWE3NzgtMDljOC00NTcyLWIzYmIt
YzYwNTlhM2FhMzQwLzEvN2dSMm9zWG15Z2s5b05GbzlEdmJHdC1XRG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9kZWE3NzgtMDljOC00NTcyLWIzYmItYzYwNTlhM2FhMzQw
LzEvdXNWZXg4X3c3MVpRY2xyZk91X21CUm9ReTJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8iSMA0G
CSqGSIb3DQEBCwUAA4IBAQBovyeWFoqhPO9OoOlDx4uIbWpnPQ7Qe+ZWD19klpN2
W4oRB7+mVT44y8MissPF1EFdN4Y/EV9IdjyvQUBLBxCbIDPmmzN9qvG/D4OUfb5e
+53uk1q94kP8bxG9ipjVyH9gedBNKPnk9sA5pNqx7OWpiNqrD8N3ZLwljSS/4XC5
8sEfb6aLZcCn3gCCkQLFlx+ym8zvgeUy0hLkj5iHvadtfYEaIqg5i1SsYUZM5t18
ZFWEoO9y+0OcicB1pJ7eZmQqBmDtV5wDpSTsHy4HXDe7tTr4flytdidt172g043Q
/qK6YG+v9xHqyK/1TzDi8MGsYmNK61rHYZ18Fx+HGTxB
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:22:52 2025 by rpki-client