Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/opZuDmDWQL5ca_7w2GLyUTRdL5E.roa
File: opZuDmDWQL5ca_7w2GLyUTRdL5E.roa (raw, json)
Hash identifier: icGuPqMDdyClVp/nHf/m0TN12+gflYp9hAwPQL0ezMk=
Subject key identifier: A2:96:6E:0E:60:D6:40:BE:5C:6B:FE:F0:D8:62:F2:51:34:5D:2F:91
Certificate issuer: /CN=57c5a76f28b71ea8dbf999abaab7a659839ac182
Certificate serial: 01942826E297145F4864F71E535B746904B6
Authority key identifier: 57:C5:A7:6F:28:B7:1E:A8:DB:F9:99:AB:AA:B7:A6:59:83:9A:C1:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/opZuDmDWQL5ca_7w2GLyUTRdL5E.roa
Signing time: Thu 02 Jan 2025 17:53:44 +0000
ROA not before: Thu 02 Jan 2025 17:53:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49883
IP address blocks: 91.213.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:e2:97:14:5f:48:64:f7:1e:53:5b:74:69:04:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c5a76f28b71ea8dbf999abaab7a659839ac182
Validity
Not Before: Jan 2 17:53:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2966e0e60d640be5c6bfef0d862f251345d2f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a9:48:e0:35:a1:fc:c4:66:c7:c7:ba:76:d1:
56:f4:79:76:c6:c0:60:49:ba:32:15:80:ea:7c:6f:
be:5b:fb:50:a2:03:4c:12:2e:2b:12:63:13:7c:10:
ea:c4:b9:9b:63:70:b4:db:89:19:a0:ca:a3:91:e9:
1d:7e:16:e3:42:66:f3:2a:b5:47:ec:16:95:f3:7f:
76:5d:51:f6:d2:f6:82:bb:e6:70:d7:89:f5:80:63:
34:c8:6b:73:67:1f:1b:3b:d0:ef:bc:29:ad:a7:10:
15:d6:42:11:6e:20:ce:9f:5a:1c:9b:4f:46:f9:ae:
91:c8:32:62:93:8f:d8:9a:1b:0e:e5:9f:d4:94:fe:
e1:d5:14:c4:d4:7d:94:d9:0d:d6:dc:ad:99:2a:1f:
f8:c9:24:31:1d:d0:76:04:37:ae:a2:b4:00:f4:41:
dd:a5:f7:e6:6a:32:1e:b1:d6:13:08:d2:a6:a7:d7:
de:58:a4:b5:1e:a7:07:2a:c6:45:44:99:17:df:9c:
29:fb:5d:a7:9d:eb:51:74:98:fc:ce:2e:7e:cf:f8:
11:4e:2f:36:b6:11:c7:05:9b:18:51:74:92:3a:65:
a1:85:de:2d:b4:aa:3c:8f:5a:ab:ab:d8:60:3c:75:
fc:63:af:ae:1a:fd:f4:c9:33:d5:c9:ae:fd:b9:22:
68:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:96:6E:0E:60:D6:40:BE:5C:6B:FE:F0:D8:62:F2:51:34:5D:2F:91
X509v3 Authority Key Identifier:
keyid:57:C5:A7:6F:28:B7:1E:A8:DB:F9:99:AB:AA:B7:A6:59:83:9A:C1:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8Wnbyi3Hqjb-ZmrqremWYOawYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/opZuDmDWQL5ca_7w2GLyUTRdL5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c32b9d-8c7c-4441-bdb1-6a68251f1387/1/V8Wnbyi3Hqjb-ZmrqremWYOawYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.187.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:6d:1b:9b:65:f8:21:8a:e3:f5:3b:8e:11:7d:50:db:9d:38:
ca:92:c3:88:b1:2a:25:b8:80:67:08:5b:fd:d8:a0:40:6e:1c:
92:64:ec:2b:55:6f:32:a8:0a:00:4b:f6:1e:19:75:b8:34:1c:
de:e1:4d:1c:3e:bb:7d:97:79:22:3b:61:88:fb:c3:8a:4b:50:
b5:52:8c:a9:8c:e0:d6:7f:57:d2:21:18:72:69:d5:49:8a:02:
89:d6:61:da:08:20:e7:e6:ff:2e:66:36:c3:8f:eb:a7:6a:0a:
2d:ba:21:bb:ce:f0:d4:10:75:b0:8a:28:fd:20:c3:18:0a:41:
bf:7d:36:74:b2:13:6e:b4:6b:d3:62:31:a9:b5:e4:db:66:f1:
ad:dd:15:3a:99:be:f2:a5:93:77:da:59:4c:b4:9f:71:b1:96:
8e:bc:78:e2:6f:a2:95:21:1b:4c:10:0f:58:20:c3:ea:ee:ff:
a7:40:35:a2:da:65:c7:fb:8e:5f:50:46:10:da:84:8c:03:70:
a3:c2:b4:dc:b1:4b:62:33:32:96:33:e7:ba:32:62:0c:ac:28:
63:ad:81:59:d1:8c:35:ed:f4:84:5d:ac:ff:4a:37:4c:43:5e:
c6:1d:75:df:2c:8e:99:64:f6:f6:54:46:f9:20:c6:17:8f:25:
6b:4f:13:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJuKXFF9IZPceU1t0aQS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzVhNzZmMjhiNzFlYThkYmY5OTlhYmFhYjdhNjU5ODM5
YWMxODIwHhcNMjUwMTAyMTc1MzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk2NmUwZTYwZDY0MGJlNWM2YmZlZjBkODYyZjI1MTM0NWQyZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqlI4DWh/MRmx8e6dtFW9Hl2xsBg
SboyFYDqfG++W/tQogNMEi4rEmMTfBDqxLmbY3C024kZoMqjkekdfhbjQmbzKrVH
7BaV8392XVH20vaCu+Zw14n1gGM0yGtzZx8bO9DvvCmtpxAV1kIRbiDOn1ocm09G
+a6RyDJik4/YmhsO5Z/UlP7h1RTE1H2U2Q3W3K2ZKh/4ySQxHdB2BDeuorQA9EHd
pffmajIesdYTCNKmp9feWKS1HqcHKsZFRJkX35wp+12nnetRdJj8zi5+z/gRTi82
thHHBZsYUXSSOmWhhd4ttKo8j1qrq9hgPHX8Y6+uGv30yTPVya79uSJo4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKWbg5g1kC+XGv+8Nhi8lE0XS+RMB8GA1UdIwQY
MBaAFFfFp28otx6o2/mZq6q3plmDmsGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhXbmJ5aTNIcWpiLVptcnFyZW1XWU9hd1lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMzJiOWQtOGM3Yy00NDQxLWJkYjEt
NmE2ODI1MWYxMzg3LzEvb3BadURtRFdRTDVjYV83dzJHTHlVVFJkTDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jMzJiOWQtOGM3Yy00NDQxLWJkYjEtNmE2ODI1MWYxMzg3
LzEvVjhXbmJ5aTNIcWpiLVptcnFyZW1XWU9hd1lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9W7MA0G
CSqGSIb3DQEBCwUAA4IBAQBbbRubZfghiuP1O44RfVDbnTjKksOIsSoluIBnCFv9
2KBAbhySZOwrVW8yqAoAS/YeGXW4NBze4U0cPrt9l3kiO2GI+8OKS1C1UoypjODW
f1fSIRhyadVJigKJ1mHaCCDn5v8uZjbDj+unagotuiG7zvDUEHWwiij9IMMYCkG/
fTZ0shNutGvTYjGpteTbZvGt3RU6mb7ypZN32llMtJ9xsZaOvHjib6KVIRtMEA9Y
IMPq7v+nQDWi2mXH+45fUEYQ2oSMA3CjwrTcsUtiMzKWM+e6MmIMrChjrYFZ0Yw1
7fSEXaz/SjdMQ17GHXXfLI6ZZPb2VEb5IMYXjyVrTxOY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:45 2025 by rpki-client on console.sobornost.net