Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/fSqRfFQj3Q__dsTUhVMBI1HPSHg.roa
File: fSqRfFQj3Q__dsTUhVMBI1HPSHg.roa (raw, json)
Hash identifier: Y+WWgHfgxkTIhIEndSO+xaSkFkDz1wgH6w0m5aWvWfU=
Subject key identifier: 7D:2A:91:7C:54:23:DD:0F:FF:76:C4:D4:85:53:01:23:51:CF:48:78
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 01941FFA5A09E5B865E6E71801FE66C02E0A
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/fSqRfFQj3Q__dsTUhVMBI1HPSHg.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210315
IP address blocks: 91.231.200.0/24 maxlen: 24
91.231.201.0/24 maxlen: 24
91.231.202.0/23 maxlen: 23
195.88.254.0/24 maxlen: 24
195.88.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5a:09:e5:b8:65:e6:e7:18:01:fe:66:c0:2e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d2a917c5423dd0fff76c4d48553012351cf4878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1b:68:33:03:fa:d5:33:a8:bd:f3:7a:92:18:
b0:2d:61:29:f5:e0:6d:a2:a3:90:81:7d:21:5f:b3:
2d:8b:90:ad:b7:ce:8c:64:83:a1:b8:d6:f2:bb:fd:
74:6d:9c:00:2b:5e:80:9b:a3:89:49:2c:33:27:e8:
23:72:bc:de:0d:88:ea:52:18:4a:17:48:70:78:f2:
77:e3:71:c0:26:fc:7e:70:ee:6e:00:13:62:cc:ea:
47:35:c7:54:61:cc:00:0e:23:9d:e3:d9:ee:6a:47:
c6:26:32:ba:89:fc:e5:89:db:8c:7d:c5:19:88:46:
b8:da:28:31:bc:5e:81:45:2c:b0:ab:73:28:44:5f:
77:bf:c7:9d:27:24:0d:56:fd:03:05:f5:e7:e2:c3:
82:67:60:89:2f:e7:a0:68:aa:b0:30:56:27:fe:72:
09:42:72:0f:1a:ee:f0:2a:00:f3:4e:7e:68:39:e2:
fe:0a:26:49:2f:3a:73:b9:13:ce:71:ce:38:1d:d8:
7c:d8:04:81:0f:aa:7a:ad:b6:9c:83:27:c5:91:bc:
bb:7f:9d:e9:c5:7e:77:41:ea:a9:bf:e3:52:73:8c:
bd:6b:79:a2:7e:52:91:5e:c2:51:79:1b:96:49:ff:
2a:c1:61:1e:8f:83:2e:f1:82:c8:a4:02:e2:40:f9:
a5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2A:91:7C:54:23:DD:0F:FF:76:C4:D4:85:53:01:23:51:CF:48:78
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/fSqRfFQj3Q__dsTUhVMBI1HPSHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.200.0/22
195.88.254.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:87:61:32:85:1c:6d:79:ee:2d:fa:10:69:8c:8b:8d:a6:8f:
85:85:1c:61:c1:6c:64:0f:ed:26:03:b4:3a:89:64:07:66:ef:
ed:0d:9c:da:ab:e3:26:d4:f8:0e:27:29:e8:85:00:16:6d:c8:
13:9a:76:bc:31:61:c6:3a:f0:09:ef:46:c4:b2:f3:f5:99:4e:
98:ea:eb:22:ac:79:65:ab:1f:61:14:93:7f:e4:ad:df:45:dc:
dc:47:0d:05:cd:79:f1:f4:c3:95:4e:25:b1:a1:c6:cb:b6:de:
78:c3:b9:c4:d6:8f:b1:3b:ad:77:83:91:bf:1c:cf:db:5d:92:
88:88:a5:e3:01:27:27:e1:9f:9a:e6:3c:db:ad:57:0a:f9:b3:
40:c1:a8:90:1f:6a:27:fa:46:ab:21:2f:80:89:90:9d:66:20:
dd:86:4d:1d:dc:4f:00:8d:56:bd:6d:3e:0c:ee:dc:5c:45:23:
fe:03:73:45:36:11:d7:ed:2c:a2:c5:0b:a2:35:4c:d8:5c:ec:
9e:ef:c5:48:d8:c2:eb:14:9f:80:6e:e5:69:73:3b:21:77:fa:
ab:7e:c6:34:15:1a:8d:5d:b2:f0:73:8c:95:6f:31:64:aa:50:
42:62:24:b4:8f:7e:52:e4:34:02:f8:bb:0b:15:4c:01:0e:00:
57:ec:99:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+loJ5bhl5ucYAf5mwC4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThl
YmY5MzQwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJhOTE3YzU0MjNkZDBmZmY3NmM0ZDQ4NTUzMDEyMzUxY2Y0ODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshtoMwP61TOovfN6khiwLWEp9eBt
oqOQgX0hX7Mti5Ctt86MZIOhuNbyu/10bZwAK16Am6OJSSwzJ+gjcrzeDYjqUhhK
F0hwePJ343HAJvx+cO5uABNizOpHNcdUYcwADiOd49nuakfGJjK6ifzliduMfcUZ
iEa42igxvF6BRSywq3MoRF93v8edJyQNVv0DBfXn4sOCZ2CJL+egaKqwMFYn/nIJ
QnIPGu7wKgDzTn5oOeL+CiZJLzpzuRPOcc44Hdh82ASBD6p6rbacgyfFkby7f53p
xX53Qeqpv+NSc4y9a3miflKRXsJReRuWSf8qwWEej4Mu8YLIpALiQPmliQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH0qkXxUI90P/3bE1IVTASNRz0h4MB8GA1UdIwQY
MBaAFDTQ7HrEw5Hk7LqdCjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUt
YjdjMjY5NmJhZTUwLzEvZlNxUmZGUWozUV9fZHNUVWhWTUJJMUhQU0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUw
LzEvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+fIAwQB
w1j+MA0GCSqGSIb3DQEBCwUAA4IBAQArh2EyhRxtee4t+hBpjIuNpo+FhRxhwWxk
D+0mA7Q6iWQHZu/tDZzaq+Mm1PgOJynohQAWbcgTmna8MWHGOvAJ70bEsvP1mU6Y
6usirHllqx9hFJN/5K3fRdzcRw0FzXnx9MOVTiWxocbLtt54w7nE1o+xO613g5G/
HM/bXZKIiKXjAScn4Z+a5jzbrVcK+bNAwaiQH2on+karIS+AiZCdZiDdhk0d3E8A
jVa9bT4M7txcRSP+A3NFNhHX7SyixQuiNUzYXOye78VI2MLrFJ+AbuVpczshd/qr
fsY0FRqNXbLwc4yVbzFkqlBCYiS0j35S5DQC+LsLFUwBDgBX7JmT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:48 2025 by rpki-client on console.sobornost.net