Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/5f5acc-3646-443d-9f7e-27e9beb3294b/1/4L2ftFdKTKASWvnNHU7j3JO420k.roa
File: 4L2ftFdKTKASWvnNHU7j3JO420k.roa (raw, json)
Hash identifier: 9wX3/hgGG8p+SICpTdmMYHRqU0aY/b1v3xs+2pZbrJI=
Subject key identifier: E0:BD:9F:B4:57:4A:4C:A0:12:5A:F9:CD:1D:4E:E3:DC:93:B8:DB:49
Certificate issuer: /CN=67c39d38f468d9c12d8ff50d5b9f9265a1e5a8d0
Certificate serial: 0194221FF9B38DD85DAFE1323B224A0C204E
Authority key identifier: 67:C3:9D:38:F4:68:D9:C1:2D:8F:F5:0D:5B:9F:92:65:A1:E5:A8:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8OdOPRo2cEtj_UNW5-SZaHlqNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/5f5acc-3646-443d-9f7e-27e9beb3294b/1/4L2ftFdKTKASWvnNHU7j3JO420k.roa
Signing time: Wed 01 Jan 2025 13:48:28 +0000
ROA not before: Wed 01 Jan 2025 13:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59622
IP address blocks: 91.207.178.0/24 maxlen: 24
91.207.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f9:b3:8d:d8:5d:af:e1:32:3b:22:4a:0c:20:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67c39d38f468d9c12d8ff50d5b9f9265a1e5a8d0
Validity
Not Before: Jan 1 13:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0bd9fb4574a4ca0125af9cd1d4ee3dc93b8db49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:02:04:8b:1f:15:90:b9:72:dc:73:16:d4:95:
4a:f9:6c:64:15:b8:b7:9c:fa:19:fd:c2:48:d8:94:
33:12:70:30:f9:70:5f:0d:fe:ee:84:be:59:46:14:
39:11:f7:f9:79:cf:58:70:da:ba:b3:7b:5c:80:b6:
44:ac:29:09:1e:12:54:45:f8:98:98:7b:b9:6d:a5:
fc:c5:6d:e9:0e:5d:0d:9d:09:a1:56:e5:25:0a:91:
9c:d0:5e:5c:2d:9e:50:9f:28:44:a0:b3:93:46:98:
c1:13:76:f1:f4:57:56:83:29:4b:31:82:28:f2:eb:
0f:dc:d9:8e:74:19:8c:78:bb:7e:5b:55:32:ff:87:
d4:80:f8:57:b1:de:7d:7c:69:ff:8e:1f:41:53:81:
cb:e1:4c:26:58:cc:e2:a6:a2:f9:2d:70:2d:f1:b1:
f9:72:fd:4d:5c:82:ed:3a:36:47:20:ca:99:bc:62:
6a:3b:a5:db:c9:a1:68:91:7d:47:bd:cb:1e:b9:87:
77:e5:64:4d:ab:18:49:97:27:0a:5b:fa:02:b0:14:
72:70:63:a4:d2:76:d2:47:7b:ed:ff:30:89:60:bb:
37:04:06:2c:41:e4:fc:64:a6:04:18:05:38:d1:b6:
a1:b4:38:43:3f:d8:8a:fb:f1:3f:db:45:17:ca:82:
d5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BD:9F:B4:57:4A:4C:A0:12:5A:F9:CD:1D:4E:E3:DC:93:B8:DB:49
X509v3 Authority Key Identifier:
keyid:67:C3:9D:38:F4:68:D9:C1:2D:8F:F5:0D:5B:9F:92:65:A1:E5:A8:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8OdOPRo2cEtj_UNW5-SZaHlqNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/5f5acc-3646-443d-9f7e-27e9beb3294b/1/4L2ftFdKTKASWvnNHU7j3JO420k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/5f5acc-3646-443d-9f7e-27e9beb3294b/1/Z8OdOPRo2cEtj_UNW5-SZaHlqNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.178.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:63:b8:01:82:e9:04:ea:75:2c:5f:62:23:d0:03:f2:fd:b3:
f3:d3:2d:f4:8d:c0:7f:de:e2:5c:59:89:90:94:df:c0:be:de:
80:22:24:56:a3:86:92:25:82:e5:7f:a0:c2:b9:72:50:e6:d3:
f8:32:53:29:96:32:c7:13:31:de:4a:0b:23:71:4a:98:26:28:
73:c9:97:60:6a:a3:f6:04:42:d0:62:b7:10:6f:f5:05:79:ed:
ab:6a:06:c0:8c:d9:5b:5b:0d:8a:5b:f4:df:f6:5e:ca:ea:07:
13:de:62:bc:f3:0e:0e:0a:bf:97:d9:22:ac:84:9e:a0:12:96:
c8:25:5e:bd:50:36:67:cf:ff:3d:95:aa:ad:fa:e2:31:4b:1e:
a3:33:89:91:53:82:7d:27:ac:ba:7d:79:a1:f7:d0:25:71:f0:
76:c6:91:a2:ee:00:51:b8:28:bf:2c:cd:d7:6b:f4:53:78:17:
93:b0:7b:93:89:3d:f0:8b:b6:69:73:7b:d4:a7:57:22:de:79:
a9:f4:f6:62:76:4b:67:20:cb:e6:24:6a:6b:7e:27:2c:21:87:
fe:de:63:2f:c2:e5:19:fe:d1:b4:fd:58:c8:ff:7b:26:43:73:
fb:fd:6e:42:6a:ce:a7:93:25:0c:8e:ea:37:63:a2:d1:63:11:
f9:62:4a:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/mzjdhdr+EyOyJKDCBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YzM5ZDM4ZjQ2OGQ5YzEyZDhmZjUwZDViOWY5MjY1YTFl
NWE4ZDAwHhcNMjUwMTAxMTM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJkOWZiNDU3NGE0Y2EwMTI1YWY5Y2QxZDRlZTNkYzkzYjhkYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gIEix8VkLly3HMW1JVK+WxkFbi3
nPoZ/cJI2JQzEnAw+XBfDf7uhL5ZRhQ5Eff5ec9YcNq6s3tcgLZErCkJHhJURfiY
mHu5baX8xW3pDl0NnQmhVuUlCpGc0F5cLZ5QnyhEoLOTRpjBE3bx9FdWgylLMYIo
8usP3NmOdBmMeLt+W1Uy/4fUgPhXsd59fGn/jh9BU4HL4UwmWMzipqL5LXAt8bH5
cv1NXILtOjZHIMqZvGJqO6XbyaFokX1HvcseuYd35WRNqxhJlycKW/oCsBRycGOk
0nbSR3vt/zCJYLs3BAYsQeT8ZKYEGAU40bahtDhDP9iK+/E/20UXyoLVkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOC9n7RXSkygElr5zR1O49yTuNtJMB8GA1UdIwQY
MBaAFGfDnTj0aNnBLY/1DVufkmWh5ajQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhPZE9QUm8yY0V0al9VTlc1LVNaYUhscU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81ZjVhY2MtMzY0Ni00NDNkLTlmN2Ut
MjdlOWJlYjMyOTRiLzEvNEwyZnRGZEtUS0FTV3ZuTkhVN2ozSk80MjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81ZjVhY2MtMzY0Ni00NDNkLTlmN2UtMjdlOWJlYjMyOTRi
LzEvWjhPZE9QUm8yY0V0al9VTlc1LVNaYUhscU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8+yMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Y7gBgukE6nUsX2Ij0APy/bPz0y30jcB/3uJcWYmQ
lN/Avt6AIiRWo4aSJYLlf6DCuXJQ5tP4MlMpljLHEzHeSgsjcUqYJihzyZdgaqP2
BELQYrcQb/UFee2ragbAjNlbWw2KW/Tf9l7K6gcT3mK88w4OCr+X2SKshJ6gEpbI
JV69UDZnz/89laqt+uIxSx6jM4mRU4J9J6y6fXmh99AlcfB2xpGi7gBRuCi/LM3X
a/RTeBeTsHuTiT3wi7Zpc3vUp1ci3nmp9PZidktnIMvmJGprficsIYf+3mMvwuUZ
/tG0/VjI/3smQ3P7/W5Cas6nkyUMjuo3Y6LRYxH5Ykrq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net