Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/dTRvsxL2APKWCpGceVS2hPx0HUQ.roa
File: dTRvsxL2APKWCpGceVS2hPx0HUQ.roa (raw, json)
Hash identifier: ckDUOzUXSrfuvc3RkTd1UBfCmEYB7nDoNopZ1OYU3es=
Subject key identifier: 75:34:6F:B3:12:F6:00:F2:96:0A:91:9C:79:54:B6:84:FC:74:1D:44
Certificate issuer: /CN=a2bcd88ac3e02cffad3c00de46b5da336bd64702
Certificate serial: 01941FFA5638749FDF9B6B0B18CE884E4946
Authority key identifier: A2:BC:D8:8A:C3:E0:2C:FF:AD:3C:00:DE:46:B5:DA:33:6B:D6:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orzYisPgLP-tPADeRrXaM2vWRwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/dTRvsxL2APKWCpGceVS2hPx0HUQ.roa
Signing time: Wed 01 Jan 2025 03:48:07 +0000
ROA not before: Wed 01 Jan 2025 03:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25143
IP address blocks: 91.239.48.0/24 maxlen: 24
91.239.49.0/24 maxlen: 24
91.239.50.0/24 maxlen: 24
91.239.51.0/24 maxlen: 24
193.19.228.0/24 maxlen: 24
193.19.229.0/24 maxlen: 24
193.19.230.0/24 maxlen: 24
193.19.231.0/24 maxlen: 24
193.238.20.0/24 maxlen: 24
193.238.21.0/24 maxlen: 24
193.238.22.0/24 maxlen: 24
193.238.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:56:38:74:9f:df:9b:6b:0b:18:ce:88:4e:49:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2bcd88ac3e02cffad3c00de46b5da336bd64702
Validity
Not Before: Jan 1 03:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75346fb312f600f2960a919c7954b684fc741d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:09:f8:6e:91:7a:8f:e5:2a:10:04:04:76:98:
94:d5:23:26:f1:ac:bc:c2:8e:1c:68:82:e8:78:c7:
79:4c:8f:c7:02:40:cf:5a:b0:42:99:d1:90:14:28:
f3:50:f0:c0:d2:3b:5e:d5:6c:16:36:93:d0:28:83:
6f:b3:eb:30:9a:34:70:a2:bd:d2:77:a4:ae:ec:c9:
7c:36:e9:0a:88:52:7b:40:f8:28:05:91:fc:40:93:
e2:be:16:0f:16:62:cb:76:7a:90:38:53:32:af:49:
42:84:55:e1:7d:e6:97:06:1d:33:ab:92:cf:eb:f1:
8f:53:48:40:f8:71:e0:d3:46:17:d4:5e:df:06:0e:
33:b7:48:38:49:78:b7:d1:9c:98:dd:a8:07:14:44:
ca:f9:b1:7e:ff:86:ae:50:dd:40:ad:eb:18:9c:e8:
1e:18:6a:7d:0d:c0:60:46:77:b1:a1:95:62:ba:79:
6b:05:15:e5:17:60:b8:62:a2:54:c4:d0:83:f5:47:
d8:86:6f:e4:dd:f3:d9:b1:eb:6b:c1:78:3b:11:aa:
7e:04:d1:25:43:c0:bc:83:16:6f:83:4c:8d:81:5c:
e0:7e:18:c5:90:42:fd:a8:2a:e0:51:1c:1c:26:58:
db:4d:9c:56:67:61:4e:ef:52:ab:ee:51:ab:08:f1:
9d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:34:6F:B3:12:F6:00:F2:96:0A:91:9C:79:54:B6:84:FC:74:1D:44
X509v3 Authority Key Identifier:
keyid:A2:BC:D8:8A:C3:E0:2C:FF:AD:3C:00:DE:46:B5:DA:33:6B:D6:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orzYisPgLP-tPADeRrXaM2vWRwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/dTRvsxL2APKWCpGceVS2hPx0HUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cf4db5-fb29-4b2a-a215-aab862861a09/1/orzYisPgLP-tPADeRrXaM2vWRwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.48.0/22
193.19.228.0/22
193.238.20.0/22
Signature Algorithm: sha256WithRSAEncryption
92:c3:94:a4:e7:74:cb:bb:1a:f2:5e:be:bd:96:12:26:c6:cb:
e0:c5:62:88:3b:de:fb:61:6f:6c:78:01:ff:13:20:92:cf:e9:
f7:d6:49:9a:ae:1e:f1:4c:26:50:37:45:ce:68:a3:41:5a:19:
97:bc:d9:14:ba:91:05:16:72:3f:1d:33:8a:31:09:20:86:3c:
3c:4b:ee:5d:8a:c8:e8:f8:84:db:e7:19:15:04:c9:76:78:f1:
9f:f7:95:a1:d3:0b:59:2c:6b:55:bc:3e:7d:5b:89:ab:24:d1:
2f:9f:2f:a0:da:88:69:62:dd:62:2f:b7:6d:bf:2e:ff:2a:fb:
f6:ca:f2:67:c6:0a:1d:f1:51:f4:3b:55:2a:d4:1c:1c:c0:d6:
d5:ff:76:0c:7c:c2:60:f0:1a:69:64:bf:25:97:81:13:66:72:
0d:c2:0a:ce:bd:99:55:d3:e3:f2:8f:eb:3c:7f:97:fb:f5:2f:
34:76:4d:d7:a3:6e:45:56:dd:7a:b3:e5:e9:35:c2:44:68:76:
c4:13:4c:de:38:03:b2:db:ab:07:2a:ae:24:b7:bd:08:f8:b8:
ce:32:28:78:6f:cf:85:75:20:1d:90:09:62:8c:8b:82:49:47:
3c:46:b1:2c:4c:f3:1e:fd:49:e1:03:81:c4:6c:46:e3:75:27:
ce:fc:ca:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+lY4dJ/fm2sLGM6ITklGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYmNkODhhYzNlMDJjZmZhZDNjMDBkZTQ2YjVkYTMzNmJk
NjQ3MDIwHhcNMjUwMTAxMDM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM0NmZiMzEyZjYwMGYyOTYwYTkxOWM3OTU0YjY4NGZjNzQxZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugn4bpF6j+UqEAQEdpiU1SMm8ay8
wo4caILoeMd5TI/HAkDPWrBCmdGQFCjzUPDA0jte1WwWNpPQKINvs+swmjRwor3S
d6Su7Ml8NukKiFJ7QPgoBZH8QJPivhYPFmLLdnqQOFMyr0lChFXhfeaXBh0zq5LP
6/GPU0hA+HHg00YX1F7fBg4zt0g4SXi30ZyY3agHFETK+bF+/4auUN1AresYnOge
GGp9DcBgRnexoZViunlrBRXlF2C4YqJUxNCD9UfYhm/k3fPZsetrwXg7Eap+BNEl
Q8C8gxZvg0yNgVzgfhjFkEL9qCrgURwcJljbTZxWZ2FO71Kr7lGrCPGdjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHU0b7MS9gDylgqRnHlUtoT8dB1EMB8GA1UdIwQY
MBaAFKK82IrD4Cz/rTwA3ka12jNr1kcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3J6WWlzUGdMUC10UEFEZVJyWGFNMnZXUndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jZjRkYjUtZmIyOS00YjJhLWEyMTUt
YWFiODYyODYxYTA5LzEvZFRSdnN4TDJBUEtXQ3BHY2VWUzJoUHgwSFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jZjRkYjUtZmIyOS00YjJhLWEyMTUtYWFiODYyODYxYTA5
LzEvb3J6WWlzUGdMUC10UEFEZVJyWGFNMnZXUndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+8wAwQC
wRPkAwQCwe4UMA0GCSqGSIb3DQEBCwUAA4IBAQCSw5Sk53TLuxryXr69lhImxsvg
xWKIO977YW9seAH/EyCSz+n31kmarh7xTCZQN0XOaKNBWhmXvNkUupEFFnI/HTOK
MQkghjw8S+5disjo+ITb5xkVBMl2ePGf95Wh0wtZLGtVvD59W4mrJNEvny+g2ohp
Yt1iL7dtvy7/Kvv2yvJnxgod8VH0O1Uq1BwcwNbV/3YMfMJg8BppZL8ll4ETZnIN
wgrOvZlV0+Pyj+s8f5f79S80dk3Xo25FVt16s+XpNcJEaHbEE0zeOAOy26sHKq4k
t70I+LjOMih4b8+FdSAdkAlijIuCSUc8RrEsTPMe/UnhA4HEbEbjdSfO/MrJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net