Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/h7iUVsathfWiZn6MUEREGc5Lrns.roa
File: h7iUVsathfWiZn6MUEREGc5Lrns.roa (raw, json)
Hash identifier: 6VmzPFIIIU0V6MlQJOV1H1bykzKrpknx8IQ1i3Vq0eM=
Subject key identifier: 87:B8:94:56:C6:AD:85:F5:A2:66:7E:8C:50:44:44:19:CE:4B:AE:7B
Certificate issuer: /CN=aa679589c1c48897d09b2d4fed7a66044a876ea3
Certificate serial: 0195468602F88A5ED4352121C8D6DA3C4A9B
Authority key identifier: AA:67:95:89:C1:C4:88:97:D0:9B:2D:4F:ED:7A:66:04:4A:87:6E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmeVicHEiJfQmy1P7XpmBEqHbqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/h7iUVsathfWiZn6MUEREGc5Lrns.roa
Signing time: Thu 27 Feb 2025 08:29:02 +0000
ROA not before: Thu 27 Feb 2025 08:29:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47810
IP address blocks: 91.208.144.0/24 maxlen: 24
91.212.213.0/24 maxlen: 24
91.239.206.0/23 maxlen: 23
185.163.201.0/24 maxlen: 24
185.163.202.0/23 maxlen: 23
195.54.178.0/23 maxlen: 23
2a0a:4400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:46:86:02:f8:8a:5e:d4:35:21:21:c8:d6:da:3c:4a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa679589c1c48897d09b2d4fed7a66044a876ea3
Validity
Not Before: Feb 27 08:29:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87b89456c6ad85f5a2667e8c50444419ce4bae7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:82:86:3e:3a:66:85:b4:97:2f:9d:25:7a:ca:
68:f9:05:8c:64:95:ca:7c:ff:96:70:7f:4c:d3:ef:
81:be:49:59:bb:ec:5e:e7:12:d5:8f:e7:64:36:9c:
c0:0d:3e:50:01:35:94:94:af:7e:91:5e:4e:d4:e7:
24:39:ba:18:69:15:e7:87:8b:70:b0:07:4f:1b:5e:
a6:ed:d2:51:fb:8f:1e:76:e2:1a:14:77:5c:8e:6e:
5d:6e:25:88:bf:2b:ad:8a:1f:e2:f8:62:13:82:5e:
37:ed:6c:2f:e4:4e:80:c0:fe:f2:70:6d:1e:1c:3e:
01:36:4a:4a:55:f2:ff:e5:05:6a:34:f6:89:0d:5f:
3b:e3:e1:4d:d1:1b:f3:78:7a:a6:18:5c:a9:08:83:
19:be:22:d7:5f:02:a3:a4:0c:12:98:b9:8f:d2:2e:
10:ad:d0:06:97:fc:f9:b1:cb:51:26:67:34:cb:37:
80:c7:6e:22:da:23:43:aa:b3:25:7f:91:58:34:a6:
00:08:65:3b:2a:df:1d:cf:5f:56:df:9a:93:b5:6d:
d7:52:47:51:f5:8c:55:ab:05:09:b7:84:47:7b:1e:
dc:fa:b1:7a:e8:39:1b:a6:1f:d2:86:e5:b0:ea:4d:
d0:bc:77:1a:11:81:62:88:ee:d8:57:04:3f:e5:a6:
a6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B8:94:56:C6:AD:85:F5:A2:66:7E:8C:50:44:44:19:CE:4B:AE:7B
X509v3 Authority Key Identifier:
keyid:AA:67:95:89:C1:C4:88:97:D0:9B:2D:4F:ED:7A:66:04:4A:87:6E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmeVicHEiJfQmy1P7XpmBEqHbqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/h7iUVsathfWiZn6MUEREGc5Lrns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/008f91-aee3-4408-8393-14b76b76f2bb/1/qmeVicHEiJfQmy1P7XpmBEqHbqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.144.0/24
91.212.213.0/24
91.239.206.0/23
185.163.201.0-185.163.203.255
195.54.178.0/23
IPv6:
2a0a:4400::/29
Signature Algorithm: sha256WithRSAEncryption
28:d0:cb:4e:8e:37:db:1d:01:d4:6f:8e:90:d6:80:87:4d:8b:
40:57:16:fc:8f:5e:ce:20:85:4c:b0:6a:a9:ac:c8:a7:a9:75:
3b:6e:0a:c8:02:b9:f0:9e:d8:29:b4:ca:1f:36:77:7c:95:b4:
67:3a:99:23:17:00:74:95:7a:18:51:9e:98:32:a5:43:94:9f:
00:35:63:bd:c8:97:eb:c0:3b:82:44:22:5c:a0:2c:91:e5:e9:
13:d1:d1:1f:11:ae:2f:8a:34:a2:43:0b:ee:4f:60:2c:87:28:
5d:85:55:1e:fd:69:05:18:05:62:94:f5:c5:45:62:29:e1:e4:
4d:53:9d:1d:e9:98:55:56:8b:fa:40:9f:07:e5:d0:bf:2d:04:
46:0e:25:75:d1:9a:65:25:27:21:de:1a:a6:28:24:3a:fd:32:
0d:dd:c8:6f:fc:a1:17:3c:18:19:c9:18:25:7f:59:bf:c3:32:
08:e0:c0:1c:7b:69:83:8f:13:59:f2:e6:b0:53:7e:8b:12:ff:
c4:10:2e:b0:ea:e6:a0:4c:05:16:56:e0:67:3d:30:3a:b0:f5:
3c:b2:4f:aa:12:97:73:77:75:59:46:5c:49:52:5b:56:52:e4:
7c:9f:a2:2a:91:5d:d8:c2:6b:54:c8:26:49:91:10:90:6c:a9:
c1:e4:d0:3c
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZVGhgL4il7UNSEhyNbaPEqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNjc5NTg5YzFjNDg4OTdkMDliMmQ0ZmVkN2E2NjA0NGE4
NzZlYTMwHhcNMjUwMjI3MDgyOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I4OTQ1NmM2YWQ4NWY1YTI2NjdlOGM1MDQ0NDQxOWNlNGJhZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoKGPjpmhbSXL50lespo+QWMZJXK
fP+WcH9M0++BvklZu+xe5xLVj+dkNpzADT5QATWUlK9+kV5O1OckOboYaRXnh4tw
sAdPG16m7dJR+48eduIaFHdcjm5dbiWIvyutih/i+GITgl437Wwv5E6AwP7ycG0e
HD4BNkpKVfL/5QVqNPaJDV874+FN0RvzeHqmGFypCIMZviLXXwKjpAwSmLmP0i4Q
rdAGl/z5sctRJmc0yzeAx24i2iNDqrMlf5FYNKYACGU7Kt8dz19W35qTtW3XUkdR
9YxVqwUJt4RHex7c+rF66Dkbph/ShuWw6k3QvHcaEYFiiO7YVwQ/5aam/QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIe4lFbGrYX1omZ+jFBERBnOS657MB8GA1UdIwQY
MBaAFKpnlYnBxIiX0JstT+16ZgRKh26jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW1lVmljSEVpSmZRbXkxUDdYcG1CRXFIYnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wMDhmOTEtYWVlMy00NDA4LTgzOTMt
MTRiNzZiNzZmMmJiLzEvaDdpVVZzYXRoZldpWm42TVVFUkVHYzVMcm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wMDhmOTEtYWVlMy00NDA4LTgzOTMtMTRiNzZiNzZmMmJi
LzEvcW1lVmljSEVpSmZRbXkxUDdYcG1CRXFIYnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAW9CQAwQA
W9TVAwQBW+/OMAwDBAC5o8kDBAK5o8gDBAHDNrIwDQQCAAIwBwMFAyoKRAAwDQYJ
KoZIhvcNAQELBQADggEBACjQy06ON9sdAdRvjpDWgIdNi0BXFvyPXs4ghUywaqms
yKepdTtuCsgCufCe2Cm0yh82d3yVtGc6mSMXAHSVehhRnpgypUOUnwA1Y73Il+vA
O4JEIlygLJHl6RPR0R8Rri+KNKJDC+5PYCyHKF2FVR79aQUYBWKU9cVFYinh5E1T
nR3pmFVWi/pAnwfl0L8tBEYOJXXRmmUlJyHeGqYoJDr9Mg3dyG/8oRc8GBnJGCV/
Wb/DMgjgwBx7aYOPE1ny5rBTfosS/8QQLrDq5qBMBRZW4Gc9MDqw9TyyT6oSl3N3
dVlGXElSW1ZS5HyfoiqRXdjCa1TIJkmREJBsqcHk0Dw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:07 2025 by rpki-client