Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e3d8b1-101f-40e8-bcd3-155af9d83036/1/KbSVDODyeN3kHoikV78WDWGb18w.roa
File: KbSVDODyeN3kHoikV78WDWGb18w.roa (raw, json)
Hash identifier: oRCPK1YwXowGG8GKKm2eZqlzH0XvN6BREuS7mGHYkgI=
Subject key identifier: 29:B4:95:0C:E0:F2:78:DD:E4:1E:88:A4:57:BF:16:0D:61:9B:D7:CC
Certificate issuer: /CN=4d10e9d4f4afb8a4d1b919ec8593f46ba3bba7f7
Certificate serial: 01942067E57133F9BF04425C6559C02B2E7D
Authority key identifier: 4D:10:E9:D4:F4:AF:B8:A4:D1:B9:19:EC:85:93:F4:6B:A3:BB:A7:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRDp1PSvuKTRuRnshZP0a6O7p_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e3d8b1-101f-40e8-bcd3-155af9d83036/1/KbSVDODyeN3kHoikV78WDWGb18w.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198592
IP address blocks: 91.236.252.0/24 maxlen: 24
91.236.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e5:71:33:f9:bf:04:42:5c:65:59:c0:2b:2e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d10e9d4f4afb8a4d1b919ec8593f46ba3bba7f7
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29b4950ce0f278dde41e88a457bf160d619bd7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cc:7d:04:f5:c9:9c:86:36:fc:08:e7:c2:c3:
15:c7:40:71:3e:ec:bb:5d:e5:88:1d:88:49:44:6c:
a6:71:0c:9f:1f:d4:7f:bb:10:98:78:61:6c:21:56:
c0:60:44:15:49:a1:6d:35:4a:5e:cf:43:c5:c7:ee:
ed:91:ff:09:ea:e2:1c:e8:f5:9e:5b:d4:7f:e2:32:
6b:ed:a9:2d:1f:cb:ab:8f:6b:fe:4b:93:51:3b:ed:
c4:d8:66:6a:bb:f0:c0:dc:24:29:f4:d4:ab:61:1f:
25:c0:d7:64:16:5a:14:08:41:81:12:c4:6e:5d:3f:
87:87:cb:b5:da:5f:59:7a:22:2f:d7:41:6f:13:ca:
3d:ce:2a:db:85:45:4c:5a:98:7d:77:e1:8c:51:63:
f2:97:5c:09:38:21:0d:a1:99:2f:fc:4e:14:cb:8b:
9f:18:30:3f:a3:e3:e3:a3:a6:9e:d3:f6:a0:eb:b9:
2e:62:34:80:ab:d4:17:9d:21:6b:9b:f6:02:bb:a7:
d4:34:21:4f:d3:b4:60:83:52:26:68:60:bd:2e:55:
e3:73:51:ef:c6:09:a2:22:53:67:58:65:c7:7e:16:
f6:bc:3a:5b:7f:e0:52:87:f8:18:6f:32:7f:fc:a8:
9d:61:6f:6c:46:29:9b:d2:98:e7:7f:db:72:2f:40:
14:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B4:95:0C:E0:F2:78:DD:E4:1E:88:A4:57:BF:16:0D:61:9B:D7:CC
X509v3 Authority Key Identifier:
keyid:4D:10:E9:D4:F4:AF:B8:A4:D1:B9:19:EC:85:93:F4:6B:A3:BB:A7:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRDp1PSvuKTRuRnshZP0a6O7p_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e3d8b1-101f-40e8-bcd3-155af9d83036/1/KbSVDODyeN3kHoikV78WDWGb18w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e3d8b1-101f-40e8-bcd3-155af9d83036/1/TRDp1PSvuKTRuRnshZP0a6O7p_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.252.0/23
Signature Algorithm: sha256WithRSAEncryption
23:0c:42:b2:4b:3a:96:e0:92:48:2b:f8:cf:0a:d4:7d:29:3b:
5d:08:c0:4c:de:76:d6:00:c8:b5:93:31:b7:9c:1a:53:ec:2d:
89:3c:c3:e3:5d:5a:e0:a7:42:68:82:82:5f:7a:f2:9f:50:d8:
a6:fc:00:b4:1f:47:19:bf:8f:2f:b1:b5:07:9b:0a:7b:4d:97:
b3:09:d1:a0:76:fb:00:3e:3f:3a:ee:16:15:c5:68:d0:8c:60:
df:93:1b:d1:9c:24:59:52:ed:87:cd:3a:0e:22:f3:16:d3:a9:
86:e4:a4:b4:4b:30:73:d3:2e:69:1a:bb:2c:3a:93:d5:a3:59:
ec:61:89:53:eb:c3:86:f1:9e:a9:33:f4:f8:dd:d2:82:a3:75:
af:16:c3:2f:c6:17:76:24:64:0c:82:e9:95:10:7d:c8:64:ea:
6f:c8:fd:4c:f4:bb:31:72:10:7c:36:67:b3:8d:01:a5:b6:08:
03:fd:86:3f:c6:13:42:aa:4c:06:89:9a:7f:1d:63:1c:31:38:
a7:19:e3:60:06:79:c6:4f:aa:66:71:4e:c5:35:a9:e2:58:e2:
68:42:74:f7:52:11:87:73:ee:ad:92:54:b8:17:0e:51:03:c1:
7e:cd:5f:b3:4a:eb:9d:01:62:7d:14:93:37:57:8a:96:33:b7:
c9:2f:93:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+VxM/m/BEJcZVnAKy59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTBlOWQ0ZjRhZmI4YTRkMWI5MTllYzg1OTNmNDZiYTNi
YmE3ZjcwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWI0OTUwY2UwZjI3OGRkZTQxZTg4YTQ1N2JmMTYwZDYxOWJkN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sx9BPXJnIY2/AjnwsMVx0BxPuy7
XeWIHYhJRGymcQyfH9R/uxCYeGFsIVbAYEQVSaFtNUpez0PFx+7tkf8J6uIc6PWe
W9R/4jJr7aktH8urj2v+S5NRO+3E2GZqu/DA3CQp9NSrYR8lwNdkFloUCEGBEsRu
XT+Hh8u12l9ZeiIv10FvE8o9zirbhUVMWph9d+GMUWPyl1wJOCENoZkv/E4Uy4uf
GDA/o+Pjo6ae0/ag67kuYjSAq9QXnSFrm/YCu6fUNCFP07Rgg1ImaGC9LlXjc1Hv
xgmiIlNnWGXHfhb2vDpbf+BSh/gYbzJ//KidYW9sRimb0pjnf9tyL0AUjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCm0lQzg8njd5B6IpFe/Fg1hm9fMMB8GA1UdIwQY
MBaAFE0Q6dT0r7ik0bkZ7IWT9Guju6f3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJEcDFQU3Z1S1RSdVJuc2haUDBhNk83cF9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lM2Q4YjEtMTAxZi00MGU4LWJjZDMt
MTU1YWY5ZDgzMDM2LzEvS2JTVkRPRHllTjNrSG9pa1Y3OFdEV0diMTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lM2Q4YjEtMTAxZi00MGU4LWJjZDMtMTU1YWY5ZDgzMDM2
LzEvVFJEcDFQU3Z1S1RSdVJuc2haUDBhNk83cF9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+z8MA0G
CSqGSIb3DQEBCwUAA4IBAQAjDEKySzqW4JJIK/jPCtR9KTtdCMBM3nbWAMi1kzG3
nBpT7C2JPMPjXVrgp0JogoJfevKfUNim/AC0H0cZv48vsbUHmwp7TZezCdGgdvsA
Pj867hYVxWjQjGDfkxvRnCRZUu2HzToOIvMW06mG5KS0SzBz0y5pGrssOpPVo1ns
YYlT68OG8Z6pM/T43dKCo3WvFsMvxhd2JGQMgumVEH3IZOpvyP1M9LsxchB8Nmez
jQGltggD/YY/xhNCqkwGiZp/HWMcMTinGeNgBnnGT6pmcU7FNaniWOJoQnT3UhGH
c+6tklS4Fw5RA8F+zV+zSuudAWJ9FJM3V4qWM7fJL5N3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:51 2025 by rpki-client on console.sobornost.net