Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/p7GmbEEODMjXWeSDkqERQsdhAXQ.roa
File: p7GmbEEODMjXWeSDkqERQsdhAXQ.roa (raw, json)
Hash identifier: QQD/kFAdSVug9nVzr70pWbHppQMNw4QNc2pkl2QPoHE=
Subject key identifier: A7:B1:A6:6C:41:0E:0C:C8:D7:59:E4:83:92:A1:11:42:C7:61:01:74
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0187BCDB9B6A8E69437EB803601BA8ADE47B
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/p7GmbEEODMjXWeSDkqERQsdhAXQ.roa
Signing time: Wed 26 Apr 2023 09:18:41 +0000
ROA not before: Wed 26 Apr 2023 09:18:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 89.117.214.0/24 maxlen: 24
86.38.191.0/24 maxlen: 24
89.117.251.0/24 maxlen: 24
86.38.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:db:9b:6a:8e:69:43:7e:b8:03:60:1b:a8:ad:e4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Apr 26 09:18:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7b1a66c410e0cc8d759e48392a11142c7610174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:79:54:0f:60:65:6f:d0:bf:7f:c6:34:13:2d:
81:c0:3e:ba:a3:9c:b6:a0:36:45:39:11:64:eb:8c:
03:95:c1:83:d7:c1:18:88:93:33:1f:52:be:4c:bc:
a8:12:4d:ca:87:65:4a:06:b9:a2:5e:1c:71:24:1e:
bf:78:f4:0e:8b:c5:19:a9:3a:37:92:9b:0f:6e:83:
76:90:a3:7e:87:a8:d4:b6:19:7f:5f:2b:b4:c5:c0:
cc:04:9d:10:6a:65:c5:af:29:6d:72:4c:da:45:a2:
0b:cb:1b:b3:be:51:25:41:3e:97:29:f2:c8:c0:d5:
e7:4d:6b:7e:39:82:0a:35:3c:8f:32:f3:04:93:9d:
04:13:d4:bd:56:e3:5c:f0:5e:12:98:8c:86:b8:61:
ce:79:78:5f:a0:4f:0d:d0:28:c6:66:a4:81:a0:25:
4c:6c:8c:fe:cb:3e:ce:4b:c3:b6:cf:fc:4b:5b:e3:
6a:d8:dd:0d:d7:b7:98:6e:5d:84:26:75:f0:05:b5:
8d:90:22:0c:ec:ab:d3:9d:07:45:98:27:fe:75:0a:
58:36:24:f2:49:59:6a:73:1e:02:f6:8c:6b:99:b8:
ea:54:b1:94:08:cc:94:71:47:e3:3d:2b:62:68:db:
52:bb:86:3f:0f:8d:f3:46:5f:b1:ed:6e:fc:d9:a0:
42:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B1:A6:6C:41:0E:0C:C8:D7:59:E4:83:92:A1:11:42:C7:61:01:74
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/p7GmbEEODMjXWeSDkqERQsdhAXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.191.0/24
86.38.224.0/24
89.117.214.0/24
89.117.251.0/24
Signature Algorithm: sha256WithRSAEncryption
39:ad:c8:24:69:e2:72:10:dd:53:15:8f:07:9d:08:bd:bd:7b:
33:1c:61:b9:3a:ef:1d:be:33:a3:97:6b:dc:3d:ce:00:c3:b2:
f9:9e:33:fb:d5:56:62:22:d4:f1:08:d5:85:70:e8:f8:ea:3e:
f2:88:2b:da:08:2d:dc:2b:59:49:d9:fb:a3:92:22:cd:dd:cc:
08:9b:2e:09:26:69:05:c8:9d:14:06:06:cf:b2:b8:0d:dd:d4:
7d:33:29:65:d1:49:d2:d0:c9:2b:4f:2c:ad:9d:ac:11:c7:1d:
2b:65:35:21:37:3b:ec:66:f9:63:c6:d2:05:0f:5a:1e:92:de:
e9:48:b6:5d:ec:ac:c0:f7:a3:8a:bd:38:78:59:af:03:e1:81:
f1:a4:cc:4d:3b:7f:91:f4:88:4c:67:f7:49:63:f3:4d:b2:e5:
df:4d:25:7f:79:29:a1:6b:2b:c4:99:45:47:e1:56:65:56:71:
e5:73:14:3e:2d:05:47:b4:77:01:7e:7c:ed:db:d5:4a:6f:58:
b4:ad:cd:c7:a0:12:bc:07:2f:78:b0:a9:ab:82:3d:ec:13:c1:
51:07:b7:13:4f:5e:5b:17:0a:27:a7:b0:e2:db:53:8c:78:5e:
89:d7:a4:3f:68:9b:c5:0c:57:23:50:ed:b1:e9:92:be:14:8e:
7c:ea:93:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYe825tqjmlDfrgDYBuoreR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjMwNDI2MDkxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2IxYTY2YzQxMGUwY2M4ZDc1OWU0ODM5MmExMTE0MmM3NjEwMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXlUD2Blb9C/f8Y0Ey2BwD66o5y2
oDZFORFk64wDlcGD18EYiJMzH1K+TLyoEk3Kh2VKBrmiXhxxJB6/ePQOi8UZqTo3
kpsPboN2kKN+h6jUthl/Xyu0xcDMBJ0QamXFryltckzaRaILyxuzvlElQT6XKfLI
wNXnTWt+OYIKNTyPMvMEk50EE9S9VuNc8F4SmIyGuGHOeXhfoE8N0CjGZqSBoCVM
bIz+yz7OS8O2z/xLW+Nq2N0N17eYbl2EJnXwBbWNkCIM7KvTnQdFmCf+dQpYNiTy
SVlqcx4C9oxrmbjqVLGUCMyUcUfjPStiaNtSu4Y/D43zRl+x7W782aBCDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKexpmxBDgzI11nkg5KhEULHYQF0MB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvcDdHbWJFRU9ETWpYV2VTRGtxRVJRc2RoQVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVia/AwQA
VibgAwQAWXXWAwQAWXX7MA0GCSqGSIb3DQEBCwUAA4IBAQA5rcgkaeJyEN1TFY8H
nQi9vXszHGG5Ou8dvjOjl2vcPc4Aw7L5njP71VZiItTxCNWFcOj46j7yiCvaCC3c
K1lJ2fujkiLN3cwImy4JJmkFyJ0UBgbPsrgN3dR9Myll0UnS0MkrTyytnawRxx0r
ZTUhNzvsZvljxtIFD1oekt7pSLZd7KzA96OKvTh4Wa8D4YHxpMxNO3+R9IhMZ/dJ
Y/NNsuXfTSV/eSmhayvEmUVH4VZlVnHlcxQ+LQVHtHcBfnzt29VKb1i0rc3HoBK8
By94sKmrgj3sE8FRB7cTT15bFwonp7Di21OMeF6J16Q/aJvFDFcjUO2x6ZK+FI58
6pM8
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:35 2025 by rpki-client