Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/ei-lhbSyA6LHM30pnoTc676sVOk.roa
File: ei-lhbSyA6LHM30pnoTc676sVOk.roa (raw, json)
Hash identifier: BJvZcqOLIL3sVAhna5EPTZoiTPtvfxYPfeKNrqGIDHA=
Subject key identifier: 7A:2F:A5:85:B4:B2:03:A2:C7:33:7D:29:9E:84:DC:EB:BE:AC:54:E9
Certificate issuer: /CN=f970049cba7f39aeed31d65313c7b953f3fda135
Certificate serial: 0194236A0764AD638E080B69B24D67C6708C
Authority key identifier: F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/ei-lhbSyA6LHM30pnoTc676sVOk.roa
Signing time: Wed 01 Jan 2025 19:48:58 +0000
ROA not before: Wed 01 Jan 2025 19:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197317
IP address blocks: 91.219.152.0/22 maxlen: 24
2a07:ae40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:07:64:ad:63:8e:08:0b:69:b2:4d:67:c6:70:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f970049cba7f39aeed31d65313c7b953f3fda135
Validity
Not Before: Jan 1 19:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a2fa585b4b203a2c7337d299e84dcebbeac54e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b7:d4:5d:c1:46:f5:d5:55:b9:49:bc:ea:ea:
ed:8a:06:60:b3:85:34:45:01:67:f0:ec:9c:98:f2:
2b:c7:53:93:3c:5f:18:30:73:ce:fd:a3:42:d7:59:
f2:c8:75:4c:d5:ab:15:06:0c:f8:f6:0f:95:34:34:
12:66:8e:14:9a:12:ac:7d:8a:51:ad:87:2d:f8:8a:
35:56:86:44:6f:7e:70:e3:ff:52:9c:1a:38:75:11:
cb:8d:19:02:e3:3e:ba:d3:db:bf:8e:91:19:bf:b3:
c5:1f:5e:d6:3c:33:4c:96:3b:40:fb:c7:ca:04:f3:
ec:ef:1b:8e:99:dd:d9:02:14:57:4e:a2:46:be:5a:
00:93:1f:0e:9c:8f:bc:b1:41:90:38:22:22:ac:36:
c1:d0:88:77:16:ec:2d:e7:19:53:bf:6f:38:72:c6:
1f:e3:d5:af:8e:29:64:4d:e5:b4:f6:1b:46:ce:92:
9c:f1:c4:2a:4c:b1:32:4c:31:33:a1:fc:ec:75:1e:
e6:b8:0e:e3:68:92:2b:99:38:21:c6:04:7e:6b:25:
22:82:c4:87:f1:01:92:37:a6:b2:9d:6a:61:af:86:
41:9e:ca:a5:22:8b:a0:45:a1:ae:e8:8b:8e:08:33:
5a:2a:cb:4b:0e:7b:3f:11:28:24:2a:9c:41:6a:53:
df:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:2F:A5:85:B4:B2:03:A2:C7:33:7D:29:9E:84:DC:EB:BE:AC:54:E9
X509v3 Authority Key Identifier:
keyid:F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/ei-lhbSyA6LHM30pnoTc676sVOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.152.0/22
IPv6:
2a07:ae40::/29
Signature Algorithm: sha256WithRSAEncryption
9d:c7:3b:40:ba:87:9c:f4:13:ec:e2:fc:f0:2c:dd:f2:e5:0d:
6e:76:13:ad:7a:41:de:c9:e9:d9:61:68:b7:29:fe:24:ae:6a:
eb:55:77:72:ae:48:d9:ec:c0:6c:c1:8e:37:81:63:42:e0:b1:
e5:1d:24:50:7d:16:8d:b9:f1:09:7d:9e:a3:41:11:94:f5:78:
ec:a3:fb:43:67:1e:cb:9b:b4:c6:74:9e:60:68:c2:7e:ec:b4:
e5:b2:e7:98:fb:79:5c:9b:f7:d4:3b:b0:c9:8e:07:48:0c:1c:
c7:65:04:f4:3f:b4:2a:c2:db:86:4a:8d:3d:cd:89:a4:2c:f0:
f6:05:57:31:ff:3e:6f:5e:63:a2:0d:7f:c3:ae:c6:44:8f:26:
02:59:f3:ee:3c:bb:e6:92:91:20:e9:5c:58:4f:35:43:62:de:
48:1c:fd:2d:02:1f:72:f2:36:86:b1:53:67:d8:28:ca:94:fd:
7a:07:3b:f8:f1:a6:0b:ce:b5:40:64:d5:3f:cb:8e:4c:5c:f2:
cc:db:55:cc:15:ac:c5:f5:6c:f3:7f:17:f3:4b:2a:24:08:6a:
09:72:5c:af:aa:79:a7:3b:86:57:b2:95:56:c5:0b:cd:bd:ed:
96:f8:64:b8:73:0a:6a:8f:38:1d:5f:e1:e1:19:10:ad:ef:e7:
33:c6:f9:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjagdkrWOOCAtpsk1nxnCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzAwNDljYmE3ZjM5YWVlZDMxZDY1MzEzYzdiOTUzZjNm
ZGExMzUwHhcNMjUwMTAxMTk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTJmYTU4NWI0YjIwM2EyYzczMzdkMjk5ZTg0ZGNlYmJlYWM1NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7fUXcFG9dVVuUm86urtigZgs4U0
RQFn8OycmPIrx1OTPF8YMHPO/aNC11nyyHVM1asVBgz49g+VNDQSZo4UmhKsfYpR
rYct+Io1VoZEb35w4/9SnBo4dRHLjRkC4z6609u/jpEZv7PFH17WPDNMljtA+8fK
BPPs7xuOmd3ZAhRXTqJGvloAkx8OnI+8sUGQOCIirDbB0Ih3Fuwt5xlTv284csYf
49WvjilkTeW09htGzpKc8cQqTLEyTDEzofzsdR7muA7jaJIrmTghxgR+ayUigsSH
8QGSN6aynWphr4ZBnsqlIougRaGu6IuOCDNaKstLDns/ESgkKpxBalPf9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHovpYW0sgOixzN9KZ6E3Ou+rFTpMB8GA1UdIwQY
MBaAFPlwBJy6fzmu7THWUxPHuVPz/aE1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YQUVuTHBfT2E3dE1kWlRFOGU1VV9QOW9UVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1
LTUyMWZhNDFkZmM5Ni8xL2VpLWxoYlN5QTZMSE0zMHBub1RjNjc2c1ZPay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1LTUyMWZhNDFkZmM5
Ni8xLzEtWEFFbkxwX09hN3RNZFpURThlNVVfUDlvVFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJb25gw
DQQCAAIwBwMFAyoHrkAwDQYJKoZIhvcNAQELBQADggEBAJ3HO0C6h5z0E+zi/PAs
3fLlDW52E616Qd7J6dlhaLcp/iSuautVd3KuSNnswGzBjjeBY0LgseUdJFB9Fo25
8Ql9nqNBEZT1eOyj+0NnHsubtMZ0nmBown7stOWy55j7eVyb99Q7sMmOB0gMHMdl
BPQ/tCrC24ZKjT3NiaQs8PYFVzH/Pm9eY6INf8OuxkSPJgJZ8+48u+aSkSDpXFhP
NUNi3kgc/S0CH3LyNoaxU2fYKMqU/XoHO/jxpgvOtUBk1T/Ljkxc8szbVcwVrMX1
bPN/F/NLKiQIaglyXK+qeac7hleylVbFC8297Zb4ZLhzCmqPOB1f4eEZEK3v5zPG
+QA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:27:38 2025 by rpki-client