Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/387720-5784-4e03-813c-13b290750fb9/1/h7eLMCHte9yG-YlFcanGWeY98cc.roa
File: h7eLMCHte9yG-YlFcanGWeY98cc.roa (raw, json)
Hash identifier: XK6lpwQoOO2MYAb/MpQPPdSt14GbrWEwi/jo8t+GYvc=
Subject key identifier: 87:B7:8B:30:21:ED:7B:DC:86:F9:89:45:71:A9:C6:59:E6:3D:F1:C7
Certificate issuer: /CN=a5e0b94f0b4e4c846ef9cf27cdc88110876b1cf3
Certificate serial: 019422FC4B5F61DF8458C2CAE5E621660BB8
Authority key identifier: A5:E0:B9:4F:0B:4E:4C:84:6E:F9:CF:27:CD:C8:81:10:87:6B:1C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/peC5TwtOTIRu-c8nzciBEIdrHPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/387720-5784-4e03-813c-13b290750fb9/1/h7eLMCHte9yG-YlFcanGWeY98cc.roa
Signing time: Wed 01 Jan 2025 17:49:07 +0000
ROA not before: Wed 01 Jan 2025 17:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30781
IP address blocks: 194.117.244.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:4b:5f:61:df:84:58:c2:ca:e5:e6:21:66:0b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5e0b94f0b4e4c846ef9cf27cdc88110876b1cf3
Validity
Not Before: Jan 1 17:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87b78b3021ed7bdc86f9894571a9c659e63df1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c1:67:48:97:95:ba:50:02:72:14:85:af:6b:
88:9b:57:d8:c8:80:32:7d:7d:ae:6b:39:bc:45:cb:
b2:1d:59:68:2b:39:2b:84:9f:62:ef:ae:70:ac:e0:
0a:9e:40:04:ba:31:9a:e4:bf:f1:36:0e:e1:4b:91:
8d:89:eb:ab:5d:ed:c2:c4:03:e2:ad:13:9a:68:19:
94:98:48:56:d6:67:37:00:48:a1:ad:99:be:ba:1e:
06:b2:31:aa:6e:21:6b:e0:53:84:78:f1:6c:8a:3b:
55:dc:4b:40:a1:35:3e:42:ed:77:d1:f3:5f:7a:7d:
90:36:e4:52:e7:e3:8f:42:37:ce:0e:c2:ef:94:6a:
87:79:fe:87:0b:d2:d0:14:df:18:d8:62:dd:0d:4f:
65:40:d1:37:aa:8d:8f:6b:70:03:c1:1d:0d:79:d2:
89:7a:92:7c:3f:33:a9:0b:d8:c7:bd:88:1b:f7:04:
db:42:0c:37:0b:af:ce:99:55:d5:bf:4e:6a:dc:52:
b6:9d:ab:b1:33:b9:e4:e7:59:a8:18:2e:9d:19:76:
ec:d2:17:c8:a8:f7:c6:08:d7:84:07:3b:38:b0:24:
c0:a2:7c:c8:86:1a:06:23:73:1d:16:1b:f7:e1:fc:
01:66:d5:e0:20:3e:06:97:84:9c:1a:21:3b:7f:19:
d1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B7:8B:30:21:ED:7B:DC:86:F9:89:45:71:A9:C6:59:E6:3D:F1:C7
X509v3 Authority Key Identifier:
keyid:A5:E0:B9:4F:0B:4E:4C:84:6E:F9:CF:27:CD:C8:81:10:87:6B:1C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/peC5TwtOTIRu-c8nzciBEIdrHPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/387720-5784-4e03-813c-13b290750fb9/1/h7eLMCHte9yG-YlFcanGWeY98cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/387720-5784-4e03-813c-13b290750fb9/1/peC5TwtOTIRu-c8nzciBEIdrHPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.117.244.0/23
Signature Algorithm: sha256WithRSAEncryption
47:5c:ec:6a:b9:b7:d6:79:86:36:0a:8e:6a:d5:56:9e:1d:43:
24:36:f5:04:b0:b8:eb:2c:86:87:e3:50:4e:86:e9:70:63:95:
be:2b:fd:98:30:38:2a:da:07:f3:bb:5f:a0:f4:9c:5e:bd:16:
0f:57:e2:a7:62:e9:b1:13:f3:e4:1a:99:c8:15:98:39:4c:2a:
76:a7:6f:44:fd:14:f5:5d:74:a2:e9:f6:73:89:52:c4:f3:26:
10:75:cc:1b:04:f7:ba:a2:4f:fb:18:75:20:33:41:f8:2a:63:
4b:b0:fc:77:4e:55:ae:d2:f3:bb:91:a7:43:b6:bb:68:e4:27:
d8:91:24:d0:8c:eb:bf:68:d5:e8:ee:f5:b0:4f:e1:82:04:36:
84:12:ba:a8:55:d2:be:d0:4b:03:eb:3a:5b:c6:80:2a:26:9b:
7e:92:d0:1a:43:ba:66:8a:31:63:c2:81:c0:95:da:af:e7:f1:
36:19:aa:1b:bd:a3:cd:f4:ed:89:a6:30:32:97:34:0d:e5:ec:
21:5b:83:fd:d4:a1:c8:a8:a6:03:81:70:8d:8d:fd:89:6d:25:
8d:b9:8b:d7:db:49:85:8a:64:76:79:22:a8:e3:0b:ab:e3:7f:
82:ff:31:a5:21:02:ca:84:52:23:58:70:13:28:51:6e:6f:db:
8c:6a:d8:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/EtfYd+EWMLK5eYhZgu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZTBiOTRmMGI0ZTRjODQ2ZWY5Y2YyN2NkYzg4MTEwODc2
YjFjZjMwHhcNMjUwMTAxMTc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I3OGIzMDIxZWQ3YmRjODZmOTg5NDU3MWE5YzY1OWU2M2RmMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18FnSJeVulACchSFr2uIm1fYyIAy
fX2uazm8RcuyHVloKzkrhJ9i765wrOAKnkAEujGa5L/xNg7hS5GNieurXe3CxAPi
rROaaBmUmEhW1mc3AEihrZm+uh4GsjGqbiFr4FOEePFsijtV3EtAoTU+Qu130fNf
en2QNuRS5+OPQjfODsLvlGqHef6HC9LQFN8Y2GLdDU9lQNE3qo2Pa3ADwR0NedKJ
epJ8PzOpC9jHvYgb9wTbQgw3C6/OmVXVv05q3FK2nauxM7nk51moGC6dGXbs0hfI
qPfGCNeEBzs4sCTAonzIhhoGI3MdFhv34fwBZtXgID4Gl4ScGiE7fxnRIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIe3izAh7XvchvmJRXGpxlnmPfHHMB8GA1UdIwQY
MBaAFKXguU8LTkyEbvnPJ83IgRCHaxzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGVDNVR3dE9USVJ1LWM4bnpjaUJFSWRySFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zODc3MjAtNTc4NC00ZTAzLTgxM2Mt
MTNiMjkwNzUwZmI5LzEvaDdlTE1DSHRlOXlHLVlsRmNhbkdXZVk5OGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zODc3MjAtNTc4NC00ZTAzLTgxM2MtMTNiMjkwNzUwZmI5
LzEvcGVDNVR3dE9USVJ1LWM4bnpjaUJFSWRySFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwnX0MA0G
CSqGSIb3DQEBCwUAA4IBAQBHXOxqubfWeYY2Co5q1VaeHUMkNvUEsLjrLIaH41BO
hulwY5W+K/2YMDgq2gfzu1+g9JxevRYPV+KnYumxE/PkGpnIFZg5TCp2p29E/RT1
XXSi6fZziVLE8yYQdcwbBPe6ok/7GHUgM0H4KmNLsPx3TlWu0vO7kadDtrto5CfY
kSTQjOu/aNXo7vWwT+GCBDaEErqoVdK+0EsD6zpbxoAqJpt+ktAaQ7pmijFjwoHA
ldqv5/E2GaobvaPN9O2JpjAylzQN5ewhW4P91KHIqKYDgXCNjf2JbSWNuYvX20mF
imR2eSKo4wur43+C/zGlIQLKhFIjWHATKFFub9uMatj7
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:32:28 2025 by rpki-client