Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/e5b301-0c33-48b4-847b-e98ee2381146/1/7onO-XhdJCc_IRQIQVCJn8u-1wE.roa
File: 7onO-XhdJCc_IRQIQVCJn8u-1wE.roa (raw, json)
Hash identifier: sTU2wUb7RHNn6n+c6UyiV4vOHD7amsQkLEZ6q5B98dM=
Subject key identifier: EE:89:CE:F9:78:5D:24:27:3F:21:14:08:41:50:89:9F:CB:BE:D7:01
Certificate issuer: /CN=91cd4c6c1260fc9a7c894bf6abe77a6eecfec06e
Certificate serial: 0194266B2B6143D4B77F33F711CBE06658D2
Authority key identifier: 91:CD:4C:6C:12:60:FC:9A:7C:89:4B:F6:AB:E7:7A:6E:EC:FE:C0:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kc1MbBJg_Jp8iUv2q-d6buz-wG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/e5b301-0c33-48b4-847b-e98ee2381146/1/7onO-XhdJCc_IRQIQVCJn8u-1wE.roa
Signing time: Thu 02 Jan 2025 09:49:05 +0000
ROA not before: Thu 02 Jan 2025 09:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59740
IP address blocks: 185.58.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:2b:61:43:d4:b7:7f:33:f7:11:cb:e0:66:58:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91cd4c6c1260fc9a7c894bf6abe77a6eecfec06e
Validity
Not Before: Jan 2 09:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee89cef9785d24273f2114084150899fcbbed701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f4:b2:27:07:70:84:cc:b5:86:70:f2:98:39:
9a:6d:91:53:98:73:c1:cd:35:8a:8a:7a:c2:6b:d6:
39:22:b2:31:13:f6:30:ac:c7:2e:99:fd:44:c6:92:
88:d6:4b:5c:43:82:62:31:4a:d1:2e:99:4a:02:3a:
d8:53:8c:af:3c:e1:c2:4f:08:b6:f4:31:fa:a1:78:
13:b1:6a:ad:9d:ce:98:15:63:a8:2f:37:66:1b:45:
2e:e4:ce:41:94:18:a4:c3:1c:10:e5:c2:cc:03:d1:
93:cb:d4:03:b7:4a:bf:ad:27:a8:d5:90:97:da:c0:
f3:97:e0:6c:77:f8:98:3d:e7:b0:e6:4d:76:0d:da:
0d:aa:ec:f4:05:06:01:c3:32:5a:f7:f3:34:cb:dc:
9c:f3:91:89:1b:0f:73:83:61:36:f7:3c:a3:ed:e0:
d8:07:ec:62:d0:0c:e4:d1:a9:9d:97:44:01:84:bd:
2c:61:d7:a1:b8:10:11:df:24:3d:56:4e:81:15:07:
e2:10:1b:1c:fc:2f:ce:c0:4a:20:9c:b6:d1:62:58:
86:9e:dd:4b:cd:ca:f1:f8:87:8b:ed:41:6b:fb:a7:
68:de:57:96:5a:fc:a8:5c:79:ad:d3:81:ee:b2:91:
43:8b:88:73:22:e3:b4:2d:5f:dc:e6:f4:0d:c4:f4:
10:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:89:CE:F9:78:5D:24:27:3F:21:14:08:41:50:89:9F:CB:BE:D7:01
X509v3 Authority Key Identifier:
keyid:91:CD:4C:6C:12:60:FC:9A:7C:89:4B:F6:AB:E7:7A:6E:EC:FE:C0:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kc1MbBJg_Jp8iUv2q-d6buz-wG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e5b301-0c33-48b4-847b-e98ee2381146/1/7onO-XhdJCc_IRQIQVCJn8u-1wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e5b301-0c33-48b4-847b-e98ee2381146/1/kc1MbBJg_Jp8iUv2q-d6buz-wG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.252.0/22
Signature Algorithm: sha256WithRSAEncryption
01:0e:d3:d2:3c:ae:27:c7:6f:15:61:14:36:b9:c3:e4:b6:a5:
8b:73:eb:ad:59:20:ba:44:c2:4e:51:c9:26:bb:0b:a4:4d:26:
45:51:cf:c8:b4:72:59:34:a3:c3:68:84:a6:62:0c:cc:f4:81:
27:4a:84:57:2a:81:12:b3:ac:d0:73:a2:c0:e5:12:9d:43:6d:
5e:2d:30:96:eb:84:68:1a:08:f0:26:c9:48:71:fa:9b:a1:47:
6d:05:e7:e5:54:5f:20:f7:5a:37:3e:97:2c:e5:bc:ac:f1:27:
06:48:92:52:6f:a5:d4:64:6f:18:fd:90:be:b7:61:3d:be:1a:
c6:89:06:d1:46:60:bf:3f:be:35:b5:d2:4a:4d:d0:55:eb:75:
ea:fd:cd:ef:7f:75:d1:bd:86:dc:51:8b:d3:c6:74:61:da:e2:
56:4b:46:30:31:47:6a:b8:6a:c8:41:8b:55:a0:3d:ef:97:96:
bc:2c:60:25:b4:4f:72:b4:c5:e5:cd:60:8f:cc:dd:01:9d:ed:
cb:2c:08:01:8c:19:57:4a:ed:82:c5:c4:c5:ad:49:6e:23:64:
a8:52:9b:b8:cd:b2:65:71:35:e7:1e:f6:c8:35:30:d0:94:78:
5a:72:b1:e6:b3:66:af:94:0d:0a:bc:53:fb:16:8b:2f:4a:cd:
69:f3:84:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmaythQ9S3fzP3EcvgZljSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxY2Q0YzZjMTI2MGZjOWE3Yzg5NGJmNmFiZTc3YTZlZWNm
ZWMwNmUwHhcNMjUwMTAyMDk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg5Y2VmOTc4NWQyNDI3M2YyMTE0MDg0MTUwODk5ZmNiYmVkNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfSyJwdwhMy1hnDymDmabZFTmHPB
zTWKinrCa9Y5IrIxE/YwrMcumf1ExpKI1ktcQ4JiMUrRLplKAjrYU4yvPOHCTwi2
9DH6oXgTsWqtnc6YFWOoLzdmG0Uu5M5BlBikwxwQ5cLMA9GTy9QDt0q/rSeo1ZCX
2sDzl+Bsd/iYPeew5k12DdoNquz0BQYBwzJa9/M0y9yc85GJGw9zg2E29zyj7eDY
B+xi0Azk0amdl0QBhL0sYdehuBAR3yQ9Vk6BFQfiEBsc/C/OwEognLbRYliGnt1L
zcrx+IeL7UFr+6do3leWWvyoXHmt04HuspFDi4hzIuO0LV/c5vQNxPQQAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6Jzvl4XSQnPyEUCEFQiZ/LvtcBMB8GA1UdIwQY
MBaAFJHNTGwSYPyafIlL9qvnem7s/sBuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2MxTWJCSmdfSnA4aVV2MnEtZDZidXotd0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lNWIzMDEtMGMzMy00OGI0LTg0N2It
ZTk4ZWUyMzgxMTQ2LzEvN29uTy1YaGRKQ2NfSVJRSVFWQ0puOHUtMXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lNWIzMDEtMGMzMy00OGI0LTg0N2ItZTk4ZWUyMzgxMTQ2
LzEva2MxTWJCSmdfSnA4aVV2MnEtZDZidXotd0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTr8MA0G
CSqGSIb3DQEBCwUAA4IBAQABDtPSPK4nx28VYRQ2ucPktqWLc+utWSC6RMJOUckm
uwukTSZFUc/ItHJZNKPDaISmYgzM9IEnSoRXKoESs6zQc6LA5RKdQ21eLTCW64Ro
GgjwJslIcfqboUdtBeflVF8g91o3Ppcs5bys8ScGSJJSb6XUZG8Y/ZC+t2E9vhrG
iQbRRmC/P741tdJKTdBV63Xq/c3vf3XRvYbcUYvTxnRh2uJWS0YwMUdquGrIQYtV
oD3vl5a8LGAltE9ytMXlzWCPzN0Bne3LLAgBjBlXSu2CxcTFrUluI2SoUpu4zbJl
cTXnHvbINTDQlHhacrHms2avlA0KvFP7FosvSs1p84Ss
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:07:09 2025 by rpki-client