Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/nGtIZ1A0r3xiykXpIIhUDVqM2rM.roa
File: nGtIZ1A0r3xiykXpIIhUDVqM2rM.roa (raw, json)
Hash identifier: GlsG6Os9dw7nPxzZGJzrKgTYWqeKyXt9Ngu3pmbbKe4=
Subject key identifier: 9C:6B:48:67:50:34:AF:7C:62:CA:45:E9:20:88:54:0D:5A:8C:DA:B3
Certificate issuer: /CN=7a10ee228073328a2c2081cbb2a96cd1264dbef1
Certificate serial: 0194228D59BE2BBB2AE1D74143DB0867FF30
Authority key identifier: 7A:10:EE:22:80:73:32:8A:2C:20:81:CB:B2:A9:6C:D1:26:4D:BE:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ehDuIoBzMoosIIHLsqls0SZNvvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/nGtIZ1A0r3xiykXpIIhUDVqM2rM.roa
Signing time: Wed 01 Jan 2025 15:47:56 +0000
ROA not before: Wed 01 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20853
IP address blocks: 91.224.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:59:be:2b:bb:2a:e1:d7:41:43:db:08:67:ff:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a10ee228073328a2c2081cbb2a96cd1264dbef1
Validity
Not Before: Jan 1 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c6b48675034af7c62ca45e92088540d5a8cdab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:74:3c:5a:d1:80:30:bc:42:ec:b3:b8:ab:dd:
6c:18:66:67:7c:18:19:27:44:3d:d3:09:8a:1f:fa:
0c:08:89:6d:91:1f:56:9b:31:cd:dd:3f:de:7f:49:
10:4b:cc:1f:58:53:fd:a6:19:b3:45:8a:5f:8d:53:
e2:b2:1b:e9:35:02:d1:2b:45:d1:14:d6:a6:23:20:
49:9e:38:c2:b1:2b:a9:a7:67:52:d4:ec:f6:96:76:
ad:19:0b:14:f9:9b:23:3f:9f:d6:7e:c7:66:c3:b2:
04:aa:06:12:40:c0:a2:d3:86:4f:88:25:06:60:5e:
92:d3:fc:ba:90:a5:57:ae:ce:6f:16:88:2d:ba:4c:
af:8f:af:e7:c5:aa:9d:c0:64:1d:bf:66:04:74:45:
2d:de:72:f2:02:0c:60:dc:42:3c:9d:d8:11:cf:cd:
99:34:ba:0b:15:2b:8a:d2:8f:9e:98:df:33:d1:a3:
f8:b1:d7:81:f2:16:2b:d7:94:50:6b:b4:1e:7e:cb:
4a:b0:c1:dc:8e:6d:0b:50:eb:5a:ed:6e:ed:bc:d9:
1d:72:f3:ff:4a:9d:3b:a0:71:15:be:b1:d8:54:06:
a0:07:85:8f:8a:f1:5f:aa:69:a8:96:9d:57:1c:2e:
35:90:fb:d8:26:0d:98:ce:cc:51:9c:48:74:20:03:
a5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6B:48:67:50:34:AF:7C:62:CA:45:E9:20:88:54:0D:5A:8C:DA:B3
X509v3 Authority Key Identifier:
keyid:7A:10:EE:22:80:73:32:8A:2C:20:81:CB:B2:A9:6C:D1:26:4D:BE:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehDuIoBzMoosIIHLsqls0SZNvvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/nGtIZ1A0r3xiykXpIIhUDVqM2rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/ehDuIoBzMoosIIHLsqls0SZNvvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.117.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e1:67:89:c8:77:6d:29:9b:d3:79:07:47:42:ca:e5:db:2b:
dc:40:81:c4:31:83:05:dc:9d:55:3e:36:bf:e4:5e:37:10:cc:
82:f8:cb:c6:e4:8f:c8:3c:0f:8a:23:3a:64:49:eb:05:fa:33:
d3:f3:77:74:07:a8:2d:ef:81:e8:0c:b5:e3:c8:d5:5e:2e:c0:
97:7f:27:0e:3b:1e:1a:b1:ea:af:b0:98:f3:98:35:be:a6:6a:
10:0f:fb:60:98:a3:88:89:dc:c6:44:3a:3e:81:74:aa:81:53:
ab:db:bd:cc:94:b4:7e:0d:01:a4:8e:36:80:35:a2:58:50:47:
bf:9f:2c:f7:cb:22:9a:a8:f8:4e:bf:3e:6d:e0:3f:e3:53:9e:
06:9c:d7:ad:1a:7f:81:8b:bd:4f:b6:70:f5:f0:f8:13:3b:5d:
f3:c1:81:f3:2d:7b:85:f8:e4:0b:89:9f:d9:e6:0a:04:50:e3:
f3:ab:1e:d7:f9:04:4c:f0:9c:ee:e3:94:3a:ca:5d:11:05:84:
d5:5c:7a:c5:f7:ac:93:14:63:00:52:0d:97:68:87:2d:ce:e2:
3e:93:8d:fe:83:1f:a3:8e:99:9b:4f:8c:55:88:e3:ad:3e:fe:
01:03:e5:f1:00:96:61:87:87:13:85:ac:65:73:f2:a9:d8:c0:
b7:35:45:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijVm+K7sq4ddBQ9sIZ/8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTBlZTIyODA3MzMyOGEyYzIwODFjYmIyYTk2Y2QxMjY0
ZGJlZjEwHhcNMjUwMTAxMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzZiNDg2NzUwMzRhZjdjNjJjYTQ1ZTkyMDg4NTQwZDVhOGNkYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3Q8WtGAMLxC7LO4q91sGGZnfBgZ
J0Q90wmKH/oMCIltkR9WmzHN3T/ef0kQS8wfWFP9phmzRYpfjVPishvpNQLRK0XR
FNamIyBJnjjCsSupp2dS1Oz2lnatGQsU+ZsjP5/Wfsdmw7IEqgYSQMCi04ZPiCUG
YF6S0/y6kKVXrs5vFogtukyvj6/nxaqdwGQdv2YEdEUt3nLyAgxg3EI8ndgRz82Z
NLoLFSuK0o+emN8z0aP4sdeB8hYr15RQa7QefstKsMHcjm0LUOta7W7tvNkdcvP/
Sp07oHEVvrHYVAagB4WPivFfqmmolp1XHC41kPvYJg2YzsxRnEh0IAOloQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxrSGdQNK98YspF6SCIVA1ajNqzMB8GA1UdIwQY
MBaAFHoQ7iKAczKKLCCBy7KpbNEmTb7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhEdUlvQnpNb29zSUlITHNxbHMwU1pOdnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mYjE4MjctYTdlOS00NWM4LWI2NDMt
NzZlMDdhNTc3ZTRkLzEvbkd0SVoxQTByM3hpeWtYcElJaFVEVnFNMnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mYjE4MjctYTdlOS00NWM4LWI2NDMtNzZlMDdhNTc3ZTRk
LzEvZWhEdUlvQnpNb29zSUlITHNxbHMwU1pOdnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+B1MA0G
CSqGSIb3DQEBCwUAA4IBAQB94WeJyHdtKZvTeQdHQsrl2yvcQIHEMYMF3J1VPja/
5F43EMyC+MvG5I/IPA+KIzpkSesF+jPT83d0B6gt74HoDLXjyNVeLsCXfycOOx4a
seqvsJjzmDW+pmoQD/tgmKOIidzGRDo+gXSqgVOr273MlLR+DQGkjjaANaJYUEe/
nyz3yyKaqPhOvz5t4D/jU54GnNetGn+Bi71PtnD18PgTO13zwYHzLXuF+OQLiZ/Z
5goEUOPzqx7X+QRM8Jzu45Q6yl0RBYTVXHrF96yTFGMAUg2XaIctzuI+k43+gx+j
jpmbT4xViOOtPv4BA+XxAJZhh4cThaxlc/Kp2MC3NUUI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:13 2025 by rpki-client