Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/7heC61NtQoMcpuhj_ZjE2RH5xUk.roa
File: 7heC61NtQoMcpuhj_ZjE2RH5xUk.roa (raw, json)
Hash identifier: 9n2osY0Zh0YOvne11Off7803igcpZJUc8/cMI8UdihQ=
Subject key identifier: EE:17:82:EB:53:6D:42:83:1C:A6:E8:63:FD:98:C4:D9:11:F9:C5:49
Certificate issuer: /CN=28ac9edd240bfc4520ce0bc9b245963d24e2bfe2
Certificate serial: 01942444D18D56B064B5BFCECAF55430A6FE
Authority key identifier: 28:AC:9E:DD:24:0B:FC:45:20:CE:0B:C9:B2:45:96:3D:24:E2:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/7heC61NtQoMcpuhj_ZjE2RH5xUk.roa
Signing time: Wed 01 Jan 2025 23:47:57 +0000
ROA not before: Wed 01 Jan 2025 23:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3170
IP address blocks: 91.218.58.0/24 maxlen: 24
92.60.44.0/22 maxlen: 24
2a07:f1c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d1:8d:56:b0:64:b5:bf:ce:ca:f5:54:30:a6:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28ac9edd240bfc4520ce0bc9b245963d24e2bfe2
Validity
Not Before: Jan 1 23:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee1782eb536d42831ca6e863fd98c4d911f9c549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:81:5d:85:c9:c2:d0:14:07:a4:f9:7b:59:55:
3e:ae:83:70:5b:d4:52:a8:d0:d7:af:c0:f5:78:17:
8f:39:17:67:4d:da:46:90:c4:58:3e:ae:0c:b1:69:
f4:54:75:5f:98:f7:f7:b0:c0:4f:a6:f1:4c:69:c1:
98:ce:0d:d4:d6:80:ae:8f:19:66:60:ba:ec:2d:5e:
06:83:91:52:f4:64:75:43:2b:b8:a7:d0:91:9e:f4:
29:f2:c1:a0:9e:c6:3c:ab:2e:13:84:bd:18:b9:8b:
ca:e7:66:ed:da:a7:7d:8d:5c:c6:ec:3a:e5:0e:51:
a5:70:2a:43:c8:a2:13:6e:2d:e5:94:69:ae:53:92:
cf:42:1a:67:36:e7:65:f3:39:cc:a5:1a:ec:e3:16:
d1:44:29:c1:55:70:1a:ce:ff:b0:a5:53:ed:01:df:
a2:07:c3:01:fe:cb:35:00:20:c7:cc:5d:47:45:38:
9b:3a:fa:c7:e4:ba:0a:9a:15:1e:7f:12:3d:5c:eb:
9c:b2:ac:dc:9f:3d:bb:46:36:cf:cf:63:0f:2f:2d:
15:47:5c:18:a8:72:80:b1:77:5e:36:e9:33:e7:d4:
63:98:f4:6a:d0:f5:18:18:24:a3:93:c0:d7:2e:12:
8f:02:77:a0:49:c9:da:6a:8a:78:ec:88:8e:dc:d8:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:17:82:EB:53:6D:42:83:1C:A6:E8:63:FD:98:C4:D9:11:F9:C5:49
X509v3 Authority Key Identifier:
keyid:28:AC:9E:DD:24:0B:FC:45:20:CE:0B:C9:B2:45:96:3D:24:E2:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/7heC61NtQoMcpuhj_ZjE2RH5xUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/KKye3SQL_EUgzgvJskWWPSTiv-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.58.0/24
92.60.44.0/22
IPv6:
2a07:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:ba:80:ff:70:75:f9:e6:76:81:a7:05:ec:0a:37:30:12:ab:
06:4f:d7:8a:66:3b:ca:ec:83:dc:9e:25:d5:14:c0:76:8f:3c:
be:86:2c:97:3f:6e:cb:8b:d9:12:f2:f3:43:b3:12:64:38:54:
56:0f:02:a8:91:09:a3:95:93:f3:75:61:0c:dc:3c:68:ce:a7:
17:9f:6d:0b:8d:cf:eb:45:70:bd:3c:b9:30:7e:aa:91:a4:c2:
a9:fa:4d:ca:80:46:87:81:b1:17:90:63:45:dc:17:a7:1a:bf:
a4:d7:e0:8c:6c:0b:ab:db:8c:91:14:41:f6:69:31:bf:b6:47:
a4:8b:08:7d:9f:da:e1:23:4b:90:a5:96:01:9f:9e:2f:cc:3f:
aa:3f:12:07:0e:84:bf:b4:c6:98:58:ca:ef:80:41:43:18:40:
3c:27:86:92:dc:da:f5:bd:f3:72:0f:95:85:a4:5e:b8:05:ee:
b8:4b:31:80:d9:9c:f1:37:2d:c4:98:d4:d1:35:fb:6b:bf:79:
3f:21:48:3d:17:05:eb:29:b0:56:d2:f8:1b:5d:bc:a2:dd:82:
31:fe:68:ff:79:ac:96:56:53:a5:4c:f8:04:9e:39:cc:2d:f3:
6a:fa:b0:cd:7e:94:ac:73:a0:c0:87:fe:d3:dc:d7:06:2c:6b:
ad:5f:95:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRNGNVrBktb/OyvVUMKb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YWM5ZWRkMjQwYmZjNDUyMGNlMGJjOWIyNDU5NjNkMjRl
MmJmZTIwHhcNMjUwMTAxMjM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE3ODJlYjUzNmQ0MjgzMWNhNmU4NjNmZDk4YzRkOTExZjljNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4FdhcnC0BQHpPl7WVU+roNwW9RS
qNDXr8D1eBePORdnTdpGkMRYPq4MsWn0VHVfmPf3sMBPpvFMacGYzg3U1oCujxlm
YLrsLV4Gg5FS9GR1Qyu4p9CRnvQp8sGgnsY8qy4ThL0YuYvK52bt2qd9jVzG7Drl
DlGlcCpDyKITbi3llGmuU5LPQhpnNudl8znMpRrs4xbRRCnBVXAazv+wpVPtAd+i
B8MB/ss1ACDHzF1HRTibOvrH5LoKmhUefxI9XOucsqzcnz27RjbPz2MPLy0VR1wY
qHKAsXdeNukz59RjmPRq0PUYGCSjk8DXLhKPAnegScnaaop47IiO3Nj+LwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO4XgutTbUKDHKboY/2YxNkR+cVJMB8GA1UdIwQY
MBaAFCisnt0kC/xFIM4LybJFlj0k4r/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0t5ZTNTUUxfRVVnemd2SnNrV1dQU1Rpdi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zNjBiMTctN2UxNy00NTFiLWFiZDUt
ODVhNTM0ZjE4MGZkLzEvN2hlQzYxTnRRb01jcHVoal9aakUyUkg1eFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zNjBiMTctN2UxNy00NTFiLWFiZDUtODVhNTM0ZjE4MGZk
LzEvS0t5ZTNTUUxfRVVnemd2SnNrV1dQU1Rpdi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9o6AwQC
XDwsMA0EAgACMAcDBQMqB/HAMA0GCSqGSIb3DQEBCwUAA4IBAQABuoD/cHX55naB
pwXsCjcwEqsGT9eKZjvK7IPcniXVFMB2jzy+hiyXP27Li9kS8vNDsxJkOFRWDwKo
kQmjlZPzdWEM3DxozqcXn20Ljc/rRXC9PLkwfqqRpMKp+k3KgEaHgbEXkGNF3Ben
Gr+k1+CMbAur24yRFEH2aTG/tkekiwh9n9rhI0uQpZYBn54vzD+qPxIHDoS/tMaY
WMrvgEFDGEA8J4aS3Nr1vfNyD5WFpF64Be64SzGA2ZzxNy3EmNTRNftrv3k/IUg9
FwXrKbBW0vgbXbyi3YIx/mj/eayWVlOlTPgEnjnMLfNq+rDNfpSsc6DAh/7T3NcG
LGutX5U/
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:56:58 2025 by rpki-client