Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/d56c2f-b999-40d1-adbf-9ebd2f1ab362/1/ehG-SCGwvd8yBJatadELhp3bH6w.roa
File: ehG-SCGwvd8yBJatadELhp3bH6w.roa (raw, json)
Hash identifier: YkiZ4YuzwJ9yzU2pKOGO15cIT4PrhxRCvMLtPrdtwoE=
Subject key identifier: 7A:11:BE:48:21:B0:BD:DF:32:04:96:AD:69:D1:0B:86:9D:DB:1F:AC
Certificate issuer: /CN=a7f09ad8aad3b3354875bbeaed05b61a54a03704
Certificate serial: 019427B408A745375C359882B7EE932FF2BB
Authority key identifier: A7:F0:9A:D8:AA:D3:B3:35:48:75:BB:EA:ED:05:B6:1A:54:A0:37:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_Ca2KrTszVIdbvq7QW2GlSgNwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/d56c2f-b999-40d1-adbf-9ebd2f1ab362/1/ehG-SCGwvd8yBJatadELhp3bH6w.roa
Signing time: Thu 02 Jan 2025 15:48:17 +0000
ROA not before: Thu 02 Jan 2025 15:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198572
IP address blocks: 195.200.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:08:a7:45:37:5c:35:98:82:b7:ee:93:2f:f2:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f09ad8aad3b3354875bbeaed05b61a54a03704
Validity
Not Before: Jan 2 15:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a11be4821b0bddf320496ad69d10b869ddb1fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b5:10:5a:cc:10:9a:6d:86:3b:08:70:56:12:
72:42:ce:1c:5c:9c:3e:13:81:2a:e3:87:db:71:09:
5e:03:66:e5:38:b6:2c:98:18:24:57:e9:4a:2a:80:
66:f9:ec:12:1e:6d:e4:f7:a1:09:72:ed:17:47:f6:
06:78:cb:aa:32:6c:ff:6d:a9:bf:ff:ca:06:2d:e6:
ad:36:60:76:eb:3f:7b:e4:4b:73:ee:81:75:d8:bc:
2e:f9:ae:6a:90:ba:fa:59:25:84:ac:bb:15:de:f8:
38:e6:09:62:7f:74:37:14:63:ef:6a:06:76:27:92:
ec:30:6b:2b:da:06:53:8b:bc:2d:3f:d8:60:84:cb:
58:ad:01:44:5f:41:8a:d7:0f:6b:78:fb:f0:c0:92:
35:fd:a1:64:a0:08:59:3d:15:fa:32:72:be:9c:b9:
8c:87:de:d4:81:32:03:62:93:b4:1e:4f:4b:b8:10:
8d:af:f1:15:d4:33:f8:3a:b4:9b:38:79:4c:56:f5:
fc:f0:01:b1:1b:67:12:ee:90:d6:b7:a2:e5:ec:f0:
7d:9d:78:13:fc:b3:2c:c9:7a:0e:d6:e1:46:f9:94:
22:71:4a:71:bc:8c:2f:7c:24:ae:45:33:23:ca:c5:
e3:c0:e6:f5:0a:58:be:34:68:10:03:7e:58:d8:1d:
0b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:11:BE:48:21:B0:BD:DF:32:04:96:AD:69:D1:0B:86:9D:DB:1F:AC
X509v3 Authority Key Identifier:
keyid:A7:F0:9A:D8:AA:D3:B3:35:48:75:BB:EA:ED:05:B6:1A:54:A0:37:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_Ca2KrTszVIdbvq7QW2GlSgNwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/d56c2f-b999-40d1-adbf-9ebd2f1ab362/1/ehG-SCGwvd8yBJatadELhp3bH6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/d56c2f-b999-40d1-adbf-9ebd2f1ab362/1/p_Ca2KrTszVIdbvq7QW2GlSgNwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.200.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:84:57:e0:ac:4a:6b:90:27:45:40:fe:57:bf:1d:cb:7c:75:
07:21:99:72:9c:c1:9c:4a:4d:32:f0:a0:52:5f:02:0d:e5:f5:
5e:c7:cc:7f:c4:12:a9:9f:d9:41:50:3f:6d:ff:04:a4:f9:ba:
19:3a:ac:60:27:eb:96:de:2a:62:4e:a7:d5:71:85:be:6c:2d:
15:40:40:eb:6f:f1:de:ef:27:cf:ac:97:c2:a5:6a:ca:54:14:
81:d2:da:bb:ec:bd:dd:cb:f4:d1:01:4e:86:04:1f:07:9a:b4:
58:fb:5a:b9:50:64:b2:4d:d2:e5:a3:ff:a8:cc:1d:c4:44:cf:
33:04:32:cf:85:76:22:93:f0:f8:63:53:6b:8a:dd:38:56:0c:
65:39:33:7b:dd:8a:24:ae:47:f4:c4:48:e2:29:43:3c:1b:f1:
d0:a1:5d:e9:2d:b3:99:e2:95:4b:e1:2e:e5:47:c0:84:4e:b7:
6d:16:0b:cc:63:55:c4:53:68:52:da:4b:3f:82:19:62:53:5c:
07:c6:54:5e:5f:24:34:35:74:99:99:af:57:ea:61:0d:79:1d:
f5:e2:a9:5c:57:83:39:0b:cb:b7:f6:ea:f6:41:70:ab:e8:fb:
41:51:ae:25:e3:97:ec:88:37:56:1c:d2:a1:eb:a9:4e:6a:c4:
bc:1b:27:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntAinRTdcNZiCt+6TL/K7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZjA5YWQ4YWFkM2IzMzU0ODc1YmJlYWVkMDViNjFhNTRh
MDM3MDQwHhcNMjUwMTAyMTU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTExYmU0ODIxYjBiZGRmMzIwNDk2YWQ2OWQxMGI4NjlkZGIxZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7UQWswQmm2GOwhwVhJyQs4cXJw+
E4Eq44fbcQleA2blOLYsmBgkV+lKKoBm+ewSHm3k96EJcu0XR/YGeMuqMmz/bam/
/8oGLeatNmB26z975Etz7oF12Lwu+a5qkLr6WSWErLsV3vg45glif3Q3FGPvagZ2
J5LsMGsr2gZTi7wtP9hghMtYrQFEX0GK1w9rePvwwJI1/aFkoAhZPRX6MnK+nLmM
h97UgTIDYpO0Hk9LuBCNr/EV1DP4OrSbOHlMVvX88AGxG2cS7pDWt6Ll7PB9nXgT
/LMsyXoO1uFG+ZQicUpxvIwvfCSuRTMjysXjwOb1Cli+NGgQA35Y2B0L8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHoRvkghsL3fMgSWrWnRC4ad2x+sMB8GA1UdIwQY
MBaAFKfwmtiq07M1SHW76u0FthpUoDcEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9DYTJLclRzelZJZGJ2cTdRVzJHbFNnTndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9kNTZjMmYtYjk5OS00MGQxLWFkYmYt
OWViZDJmMWFiMzYyLzEvZWhHLVNDR3d2ZDh5QkphdGFkRUxocDNiSDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9kNTZjMmYtYjk5OS00MGQxLWFkYmYtOWViZDJmMWFiMzYy
LzEvcF9DYTJLclRzelZJZGJ2cTdRVzJHbFNnTndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8jIMA0G
CSqGSIb3DQEBCwUAA4IBAQBahFfgrEprkCdFQP5Xvx3LfHUHIZlynMGcSk0y8KBS
XwIN5fVex8x/xBKpn9lBUD9t/wSk+boZOqxgJ+uW3ipiTqfVcYW+bC0VQEDrb/He
7yfPrJfCpWrKVBSB0tq77L3dy/TRAU6GBB8HmrRY+1q5UGSyTdLlo/+ozB3ERM8z
BDLPhXYik/D4Y1Nrit04VgxlOTN73Yokrkf0xEjiKUM8G/HQoV3pLbOZ4pVL4S7l
R8CETrdtFgvMY1XEU2hS2ks/ghliU1wHxlReXyQ0NXSZma9X6mENeR314qlcV4M5
C8u39ur2QXCr6PtBUa4l45fsiDdWHNKh66lOasS8GyeB
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:15 2025 by rpki-client