Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7NEady21bCNKCIoFNy3mN-pavq8.roa
File: 7NEady21bCNKCIoFNy3mN-pavq8.roa (raw, json)
Hash identifier: bzzIlZVda2VK3W00DpRuW1cgRLtDIeh+eKTkmx0sAOU=
Subject key identifier: EC:D1:1A:77:2D:B5:6C:23:4A:08:8A:05:37:2D:E6:37:EA:5A:BE:AF
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6C80343CBA8F53A6781C90DF6BEEC
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7NEady21bCNKCIoFNy3mN-pavq8.roa
Signing time: Wed 01 Jan 2025 21:47:45 +0000
ROA not before: Wed 01 Jan 2025 21:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199707
IP address blocks: 89.34.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c8:03:43:cb:a8:f5:3a:67:81:c9:0d:f6:be:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecd11a772db56c234a088a05372de637ea5abeaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:33:5c:60:20:bd:08:5b:23:63:09:57:f3:55:
72:4d:c2:53:f3:20:5f:9b:a5:f6:c1:da:bd:cf:59:
46:87:f9:6a:67:7a:69:10:57:af:0b:5c:db:3a:7b:
b1:d9:f1:3e:b3:5a:34:ff:46:ab:0b:9a:e2:5e:3a:
79:07:78:9e:e2:e6:14:db:1d:ca:59:22:06:56:1e:
09:58:54:3d:57:28:2c:68:f9:f0:49:aa:e9:e6:3a:
25:c8:16:a2:95:7a:ea:f1:a2:a9:5e:2f:66:ae:79:
fd:08:84:59:ed:19:2b:22:af:e8:da:8c:bb:26:7c:
82:2b:40:74:2d:f0:18:97:92:bd:2c:89:04:0b:bd:
99:b4:30:5f:4b:4f:d5:44:ba:70:a9:74:ae:24:76:
44:90:c3:ba:a8:aa:1c:cb:6e:5d:87:5a:d5:47:4b:
fe:72:b5:d1:7e:b6:1d:41:9b:f0:79:d1:d7:27:88:
d2:be:d5:c7:09:e3:1e:53:d9:02:c6:b1:66:c4:2b:
3c:04:99:66:99:a9:e4:47:ab:de:dc:a6:ec:a7:37:
5f:50:66:99:77:da:20:3e:39:f9:05:83:55:2b:08:
18:0d:20:7b:e7:a3:94:57:e5:9a:cf:ca:61:f5:5a:
fb:46:db:e4:2d:d5:6f:95:ff:2f:8f:36:0e:fe:e8:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D1:1A:77:2D:B5:6C:23:4A:08:8A:05:37:2D:E6:37:EA:5A:BE:AF
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7NEady21bCNKCIoFNy3mN-pavq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.227.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:96:5b:30:b5:06:b0:36:b2:1a:37:5f:17:76:6e:98:b6:03:
3d:52:bc:76:8a:f9:c1:91:62:1d:57:bb:6b:eb:dc:30:f8:dc:
88:a7:5c:28:df:fe:d9:ed:8d:ca:0b:10:4e:0c:c4:63:d6:ae:
14:42:4b:e9:3e:e1:d9:f8:57:6b:0d:60:0a:1a:a9:8c:28:12:
9d:4d:8f:8b:30:92:66:6a:50:26:ac:81:f4:81:68:75:15:08:
7b:60:3c:e4:6a:f8:05:3f:ad:6c:b5:90:d2:a5:83:b6:ff:73:
6f:1e:bc:0b:a1:4e:d6:db:38:ab:1c:66:02:70:b9:62:ec:21:
7b:94:bd:fe:07:01:a1:94:f2:05:e9:62:0e:59:bd:57:e2:b8:
04:d5:96:dd:40:e6:86:08:ef:97:ae:8e:d5:77:37:83:0e:6a:
14:02:fd:49:89:bd:f9:d2:4a:30:77:e4:7c:4a:29:b2:5a:80:
93:4b:13:d6:15:05:89:12:7e:bc:fe:ff:5f:02:44:37:5f:c1:
13:83:cf:28:46:47:a1:25:ea:61:35:86:81:a6:e5:5c:12:56:
cb:36:43:01:c5:20:1e:6b:d1:f3:7d:ae:de:34:7b:0d:c1:4e:
cb:66:4d:f6:33:d9:55:29:36:c6:86:a4:be:2a:2e:70:c5:5c:
9e:80:3e:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1sgDQ8uo9TpngckN9r7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2QxMWE3NzJkYjU2YzIzNGEwODhhMDUzNzJkZTYzN2VhNWFiZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDNcYCC9CFsjYwlX81VyTcJT8yBf
m6X2wdq9z1lGh/lqZ3ppEFevC1zbOnux2fE+s1o0/0arC5riXjp5B3ie4uYU2x3K
WSIGVh4JWFQ9VygsaPnwSarp5jolyBailXrq8aKpXi9mrnn9CIRZ7RkrIq/o2oy7
JnyCK0B0LfAYl5K9LIkEC72ZtDBfS0/VRLpwqXSuJHZEkMO6qKocy25dh1rVR0v+
crXRfrYdQZvwedHXJ4jSvtXHCeMeU9kCxrFmxCs8BJlmmankR6ve3KbspzdfUGaZ
d9ogPjn5BYNVKwgYDSB756OUV+Waz8ph9Vr7RtvkLdVvlf8vjzYO/uhR+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOzRGncttWwjSgiKBTct5jfqWr6vMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvN05FYWR5MjFiQ05LQ0lvRk55M21OLXBhdnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSLjMA0G
CSqGSIb3DQEBCwUAA4IBAQBfllswtQawNrIaN18Xdm6YtgM9Urx2ivnBkWIdV7tr
69ww+NyIp1wo3/7Z7Y3KCxBODMRj1q4UQkvpPuHZ+FdrDWAKGqmMKBKdTY+LMJJm
alAmrIH0gWh1FQh7YDzkavgFP61stZDSpYO2/3NvHrwLoU7W2zirHGYCcLli7CF7
lL3+BwGhlPIF6WIOWb1X4rgE1ZbdQOaGCO+Xro7VdzeDDmoUAv1Jib350kowd+R8
SimyWoCTSxPWFQWJEn68/v9fAkQ3X8ETg88oRkehJephNYaBpuVcElbLNkMBxSAe
a9Hzfa7eNHsNwU7LZk32M9lVKTbGhqS+Ki5wxVyegD6v
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:25:59 2025 by rpki-client