Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/f91ea8-7eea-44fb-af27-5c086ddc9a26/1/9xuRyXwVaekffVcG8_NstMNBt-k.roa
File: 9xuRyXwVaekffVcG8_NstMNBt-k.roa (raw, json)
Hash identifier: M9/x2Ndgn+GMwlguZER0SDySKrmyfH7+TGAZyq7NYpw=
Subject key identifier: F7:1B:91:C9:7C:15:69:E9:1F:7D:57:06:F3:F3:6C:B4:C3:41:B7:E9
Certificate issuer: /CN=e3a74abcb1382c22b91ad407fd4339ab8ba81b82
Certificate serial: 01942143AC8FA65A2C849D8304458AC1E51C
Authority key identifier: E3:A7:4A:BC:B1:38:2C:22:B9:1A:D4:07:FD:43:39:AB:8B:A8:1B:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/46dKvLE4LCK5GtQH_UM5q4uoG4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/f91ea8-7eea-44fb-af27-5c086ddc9a26/1/9xuRyXwVaekffVcG8_NstMNBt-k.roa
Signing time: Wed 01 Jan 2025 09:47:50 +0000
ROA not before: Wed 01 Jan 2025 09:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59847
IP address blocks: 5.149.88.0/23 maxlen: 23
5.149.88.0/24 maxlen: 24
5.149.89.0/24 maxlen: 24
5.149.90.0/23 maxlen: 23
5.149.90.0/24 maxlen: 24
5.149.91.0/24 maxlen: 24
109.94.104.0/24 maxlen: 24
109.94.105.0/24 maxlen: 24
109.94.106.0/24 maxlen: 24
109.94.107.0/24 maxlen: 24
185.69.28.0/22 maxlen: 22
185.69.28.0/24 maxlen: 24
185.69.29.0/24 maxlen: 24
185.69.30.0/24 maxlen: 24
185.69.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ac:8f:a6:5a:2c:84:9d:83:04:45:8a:c1:e5:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3a74abcb1382c22b91ad407fd4339ab8ba81b82
Validity
Not Before: Jan 1 09:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f71b91c97c1569e91f7d5706f3f36cb4c341b7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8c:d3:86:8e:0b:0c:4a:8c:00:01:13:5a:44:
9f:a7:77:ce:14:71:ff:43:93:c4:a1:c3:f4:c9:24:
7e:7a:7c:ed:c9:0a:bd:f8:5b:6e:0c:23:66:9d:6e:
a0:11:0f:5c:bb:03:34:a4:ba:bf:b3:f1:39:24:27:
18:72:76:be:6b:c5:76:89:f8:a0:87:61:4d:d0:a1:
4d:03:c9:16:24:e1:54:46:34:78:91:82:33:98:b1:
21:07:7b:0e:bc:5f:07:a4:45:cd:37:d3:ce:37:a5:
2e:f3:01:2a:6b:f5:d5:24:83:60:92:a3:17:b6:df:
35:b8:52:7c:cd:bb:17:ab:8a:e6:16:c3:a0:6d:83:
ff:14:78:49:ef:45:30:d9:32:30:e8:37:76:02:d7:
0b:87:85:5a:0c:d8:12:04:8d:60:db:2c:bb:f3:cf:
cf:c2:c7:02:2e:c9:67:9d:83:e2:1b:51:82:26:82:
38:2f:c9:ef:74:44:64:ca:03:6e:8a:0e:04:7b:60:
42:62:44:3d:26:9a:da:82:bb:05:55:de:b9:36:dc:
e8:f7:82:32:31:1f:51:be:48:19:42:79:59:06:6c:
63:e8:bf:30:b1:c6:be:51:6f:5f:d7:b8:54:0c:5b:
ef:90:77:d5:0a:aa:ca:85:be:17:b4:b6:a1:fe:ad:
f0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1B:91:C9:7C:15:69:E9:1F:7D:57:06:F3:F3:6C:B4:C3:41:B7:E9
X509v3 Authority Key Identifier:
keyid:E3:A7:4A:BC:B1:38:2C:22:B9:1A:D4:07:FD:43:39:AB:8B:A8:1B:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/46dKvLE4LCK5GtQH_UM5q4uoG4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/f91ea8-7eea-44fb-af27-5c086ddc9a26/1/9xuRyXwVaekffVcG8_NstMNBt-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/f91ea8-7eea-44fb-af27-5c086ddc9a26/1/46dKvLE4LCK5GtQH_UM5q4uoG4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.88.0/22
109.94.104.0/22
185.69.28.0/22
Signature Algorithm: sha256WithRSAEncryption
36:36:be:f7:cc:18:2d:65:c1:a0:9f:95:e2:f8:2f:11:58:38:
0f:42:ae:b9:3e:09:1e:d1:c7:8d:28:f6:22:a0:5d:91:de:1e:
9d:53:93:b6:6b:58:96:7f:67:49:86:ab:a3:54:aa:2c:97:f1:
fe:96:78:86:e3:2f:2f:18:3b:73:a9:20:78:bc:15:f6:c2:e2:
7b:f3:9b:15:68:4a:e9:3c:5e:68:01:32:94:01:01:b7:8c:a7:
3e:96:8b:99:44:09:4b:ba:1f:a7:e3:e3:a7:1e:ed:17:42:44:
b5:f3:3a:7b:4e:6e:76:2c:93:a5:bd:6d:17:6c:a1:e9:50:02:
79:97:32:46:a1:6f:84:62:2c:be:3c:16:6d:2b:26:a9:ad:55:
45:57:9c:16:c8:94:7d:22:3b:c4:73:a6:ae:1a:e5:87:47:7b:
a2:c7:cb:73:24:53:5c:9c:da:2a:b3:ec:b1:61:3b:8c:cb:f5:
5a:c1:06:bf:7c:cd:70:30:3d:be:21:09:c8:1a:cb:58:09:9b:
5f:1a:05:51:19:e4:15:12:f5:cf:23:6a:4b:bb:77:9c:af:79:
95:77:03:1b:1a:f0:c9:8a:fd:79:ad:e2:9a:ab:3f:d7:fb:84:
e0:ed:4e:34:5a:e5:63:e3:18:32:c3:cb:74:c7:5e:2d:22:64:
3c:78:7b:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ6yPploshJ2DBEWKweUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYTc0YWJjYjEzODJjMjJiOTFhZDQwN2ZkNDMzOWFiOGJh
ODFiODIwHhcNMjUwMTAxMDk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzFiOTFjOTdjMTU2OWU5MWY3ZDU3MDZmM2YzNmNiNGMzNDFiN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIzTho4LDEqMAAETWkSfp3fOFHH/
Q5PEocP0ySR+enztyQq9+FtuDCNmnW6gEQ9cuwM0pLq/s/E5JCcYcna+a8V2ifig
h2FN0KFNA8kWJOFURjR4kYIzmLEhB3sOvF8HpEXNN9PON6Uu8wEqa/XVJINgkqMX
tt81uFJ8zbsXq4rmFsOgbYP/FHhJ70Uw2TIw6Dd2AtcLh4VaDNgSBI1g2yy788/P
wscCLslnnYPiG1GCJoI4L8nvdERkygNuig4Ee2BCYkQ9JpragrsFVd65Ntzo94Iy
MR9RvkgZQnlZBmxj6L8wsca+UW9f17hUDFvvkHfVCqrKhb4XtLah/q3w5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPcbkcl8FWnpH31XBvPzbLTDQbfpMB8GA1UdIwQY
MBaAFOOnSryxOCwiuRrUB/1DOauLqBuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDZkS3ZMRTRMQ0s1R3RRSF9VTTVxNHVvRzRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mOTFlYTgtN2VlYS00NGZiLWFmMjct
NWMwODZkZGM5YTI2LzEvOXh1UnlYd1ZhZWtmZlZjRzhfTnN0TU5CdC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mOTFlYTgtN2VlYS00NGZiLWFmMjctNWMwODZkZGM5YTI2
LzEvNDZkS3ZMRTRMQ0s1R3RRSF9VTTVxNHVvRzRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBZVYAwQC
bV5oAwQCuUUcMA0GCSqGSIb3DQEBCwUAA4IBAQA2Nr73zBgtZcGgn5Xi+C8RWDgP
Qq65Pgke0ceNKPYioF2R3h6dU5O2a1iWf2dJhqujVKosl/H+lniG4y8vGDtzqSB4
vBX2wuJ785sVaErpPF5oATKUAQG3jKc+louZRAlLuh+n4+OnHu0XQkS18zp7Tm52
LJOlvW0XbKHpUAJ5lzJGoW+EYiy+PBZtKyaprVVFV5wWyJR9IjvEc6auGuWHR3ui
x8tzJFNcnNoqs+yxYTuMy/VawQa/fM1wMD2+IQnIGstYCZtfGgVRGeQVEvXPI2pL
u3ecr3mVdwMbGvDJiv15reKaqz/X+4Tg7U40WuVj4xgyw8t0x14tImQ8eHvX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:34 2025 by rpki-client on console.sobornost.net