Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/7IU0huufqQxYxItg8zFZPOwzYRM.roa
File: 7IU0huufqQxYxItg8zFZPOwzYRM.roa (raw, json)
Hash identifier: I4C8M2jxvU1m60xK7AT2Uz7jOA8Cd0LrtZ3lmEnNBLc=
Subject key identifier: EC:85:34:86:EB:9F:A9:0C:58:C4:8B:60:F3:31:59:3C:EC:33:61:13
Certificate issuer: /CN=7d7856c97beb97c2b386fb958c2db122c57db36c
Certificate serial: 0194221FB41D149528E32CD95873A7B15849
Authority key identifier: 7D:78:56:C9:7B:EB:97:C2:B3:86:FB:95:8C:2D:B1:22:C5:7D:B3:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXhWyXvrl8KzhvuVjC2xIsV9s2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/7IU0huufqQxYxItg8zFZPOwzYRM.roa
Signing time: Wed 01 Jan 2025 13:48:10 +0000
ROA not before: Wed 01 Jan 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215331
IP address blocks: 84.246.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b4:1d:14:95:28:e3:2c:d9:58:73:a7:b1:58:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7856c97beb97c2b386fb958c2db122c57db36c
Validity
Not Before: Jan 1 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec853486eb9fa90c58c48b60f331593cec336113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a6:2b:f1:f3:71:a0:c9:bc:c8:ad:99:96:31:
6b:6d:06:db:76:a2:dd:52:90:8f:22:40:aa:7b:29:
cd:9d:32:2c:1f:b5:97:a6:db:c5:51:38:0a:8a:19:
58:3b:de:d7:76:22:24:46:20:ee:5b:8d:fb:2c:ce:
4c:4c:f0:3e:76:66:a3:24:e1:f9:aa:03:29:cc:37:
f2:24:a4:3c:e9:64:81:10:f0:f8:7e:0e:13:8e:69:
5c:53:31:d5:03:90:f1:0d:05:5f:9e:15:3a:fe:a7:
b3:91:3e:26:4a:92:b6:6b:d5:8c:38:e0:6e:53:83:
96:bd:61:c3:f7:bd:79:36:17:b1:d3:ae:51:48:cf:
f9:b7:22:8e:14:f7:a2:2e:98:95:59:30:b5:06:e1:
72:fc:1e:94:ce:47:48:de:c7:7d:5e:1b:2b:7e:87:
61:59:ed:bb:ee:82:e3:d6:53:22:df:67:61:f7:2f:
e4:9a:3b:86:77:4d:3a:37:c4:e5:f1:a4:76:f2:da:
b2:0a:25:0c:4f:48:a5:6b:9c:9e:fe:3d:e9:1d:84:
09:4a:3a:02:f6:30:fe:63:55:90:a4:ea:53:1d:54:
2e:7d:aa:00:ef:b1:b1:5f:ae:6b:c5:34:6b:da:71:
17:dc:65:57:ed:44:06:8e:0f:bc:67:52:5b:1c:fe:
29:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:85:34:86:EB:9F:A9:0C:58:C4:8B:60:F3:31:59:3C:EC:33:61:13
X509v3 Authority Key Identifier:
keyid:7D:78:56:C9:7B:EB:97:C2:B3:86:FB:95:8C:2D:B1:22:C5:7D:B3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXhWyXvrl8KzhvuVjC2xIsV9s2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/7IU0huufqQxYxItg8zFZPOwzYRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.135.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:b7:57:73:12:bc:ff:0d:b8:af:7b:6d:12:2e:37:a7:ee:d1:
1e:5b:57:21:58:5d:a7:0d:a0:0e:bc:62:20:91:80:ea:01:1f:
bc:e3:80:58:ea:81:8c:7c:23:7c:ca:92:c7:0a:7c:63:00:57:
18:c8:e8:de:05:0c:5f:9c:e7:43:07:3c:15:09:fb:0f:a5:fa:
53:db:6e:93:1c:e5:6a:42:32:8a:9b:cd:d6:b7:8c:35:34:f9:
20:5e:39:d7:dd:c7:fd:20:7d:21:ff:59:58:ad:96:ca:ff:20:
78:1f:4d:ca:0d:e8:63:9c:11:97:ae:9f:37:03:d3:6e:e2:1e:
f1:02:0d:9b:76:e7:1a:e5:6c:76:df:90:15:41:7f:74:ee:88:
6c:88:46:f7:e5:f2:ee:22:ab:78:7d:1f:90:79:69:7f:75:9d:
23:d7:89:90:2e:e1:d9:09:d0:18:e0:bc:99:32:14:98:41:cd:
b6:2c:24:75:07:af:ee:78:cd:2e:a8:90:8e:1d:df:41:84:ea:
36:82:c6:5b:f4:4e:78:b1:fd:80:a5:e5:ba:81:34:3d:0d:f1:
92:58:c4:38:78:2c:f6:50:e1:4e:d7:9e:0e:c0:0b:79:6b:11:
6d:91:5b:31:50:8c:38:db:5f:9b:81:41:80:e3:c9:1a:db:57:
84:31:56:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH7QdFJUo4yzZWHOnsVhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNzg1NmM5N2JlYjk3YzJiMzg2ZmI5NThjMmRiMTIyYzU3
ZGIzNmMwHhcNMjUwMTAxMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg1MzQ4NmViOWZhOTBjNThjNDhiNjBmMzMxNTkzY2VjMzM2MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKYr8fNxoMm8yK2ZljFrbQbbdqLd
UpCPIkCqeynNnTIsH7WXptvFUTgKihlYO97XdiIkRiDuW437LM5MTPA+dmajJOH5
qgMpzDfyJKQ86WSBEPD4fg4TjmlcUzHVA5DxDQVfnhU6/qezkT4mSpK2a9WMOOBu
U4OWvWHD9715Nhex065RSM/5tyKOFPeiLpiVWTC1BuFy/B6UzkdI3sd9Xhsrfodh
We277oLj1lMi32dh9y/kmjuGd006N8Tl8aR28tqyCiUMT0ila5ye/j3pHYQJSjoC
9jD+Y1WQpOpTHVQufaoA77GxX65rxTRr2nEX3GVX7UQGjg+8Z1JbHP4pLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyFNIbrn6kMWMSLYPMxWTzsM2ETMB8GA1UdIwQY
MBaAFH14Vsl765fCs4b7lYwtsSLFfbNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlhoV3lYdnJsOEt6aHZ1VmpDMnhJc1Y5czJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMDNkMzctNGVmYy00YzNjLTgyODEt
M2M3Mzg1NDQ0ODJlLzEvN0lVMGh1dWZxUXhZeEl0Zzh6RlpQT3d6WVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMDNkMzctNGVmYy00YzNjLTgyODEtM2M3Mzg1NDQ0ODJl
LzEvZlhoV3lYdnJsOEt6aHZ1VmpDMnhJc1Y5czJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPaHMA0G
CSqGSIb3DQEBCwUAA4IBAQAbt1dzErz/Dbive20SLjen7tEeW1chWF2nDaAOvGIg
kYDqAR+844BY6oGMfCN8ypLHCnxjAFcYyOjeBQxfnOdDBzwVCfsPpfpT226THOVq
QjKKm83Wt4w1NPkgXjnX3cf9IH0h/1lYrZbK/yB4H03KDehjnBGXrp83A9Nu4h7x
Ag2bduca5Wx235AVQX907ohsiEb35fLuIqt4fR+QeWl/dZ0j14mQLuHZCdAY4LyZ
MhSYQc22LCR1B6/ueM0uqJCOHd9BhOo2gsZb9E54sf2ApeW6gTQ9DfGSWMQ4eCz2
UOFO154OwAt5axFtkVsxUIw421+bgUGA48ka21eEMVb5
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:02 2025 by rpki-client