Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/DAWuOXIzShKngVeAXIk14zxR1_o.roa
File: DAWuOXIzShKngVeAXIk14zxR1_o.roa (raw, json)
Hash identifier: BRexZQjukSfkz0NX2Zg92MIjIVuvAgUDzsMd3Qrzxp0=
Subject key identifier: 0C:05:AE:39:72:33:4A:12:A7:81:57:80:5C:89:35:E3:3C:51:D7:FA
Certificate issuer: /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial: 0194236A4A21109107A1DB14D6190589C0A7
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/DAWuOXIzShKngVeAXIk14zxR1_o.roa
Signing time: Wed 01 Jan 2025 19:49:15 +0000
ROA not before: Wed 01 Jan 2025 19:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60674
IP address blocks: 91.216.40.0/24 maxlen: 24
2a11:e480::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:4a:21:10:91:07:a1:db:14:d6:19:05:89:c0:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Validity
Not Before: Jan 1 19:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c05ae3972334a12a78157805c8935e33c51d7fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3d:c2:41:43:76:48:28:05:fe:7e:73:11:80:
30:5a:5c:64:50:06:31:d8:f6:6f:1b:22:1f:5f:d0:
45:7d:37:59:c6:3d:6b:c7:df:3b:bc:ce:b9:fd:d1:
c9:e4:47:5b:3b:7e:ef:7e:6e:6d:b3:ed:ac:7e:ed:
f9:84:49:1f:f5:eb:4e:8b:62:1b:99:58:77:4a:a6:
d7:4b:9a:0b:19:d1:d1:ef:e3:0a:13:1f:fb:b8:c3:
55:4d:80:2e:59:43:4b:c2:25:e8:2d:04:39:e9:99:
fe:4f:9b:f8:dc:34:7c:cb:dd:92:d9:5f:35:8f:c2:
11:a1:14:f9:f5:81:21:30:df:bb:88:f7:ba:ca:45:
12:de:65:ef:52:fa:5d:69:fb:04:ac:9c:ad:7c:62:
98:a4:6e:dc:ab:9a:ba:a5:74:c5:9b:1f:ab:5e:64:
f0:b8:c9:67:71:db:be:39:fa:2f:4d:40:c4:c1:00:
c5:7b:d7:46:0d:6e:33:74:b1:ed:df:aa:d8:6c:a3:
cd:be:67:46:be:d5:f9:ff:20:42:10:26:bb:7e:49:
e0:dc:41:69:25:84:35:ef:82:c5:af:ba:1e:bb:f1:
83:fa:5b:f5:98:9b:ba:80:e2:9c:36:8f:3c:20:c6:
f5:19:ec:40:56:8c:50:1b:2e:b7:9e:97:f2:4f:91:
39:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:05:AE:39:72:33:4A:12:A7:81:57:80:5C:89:35:E3:3C:51:D7:FA
X509v3 Authority Key Identifier:
keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/DAWuOXIzShKngVeAXIk14zxR1_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.40.0/24
IPv6:
2a11:e480::/32
Signature Algorithm: sha256WithRSAEncryption
0e:69:6b:61:49:45:b1:d4:fd:22:c1:80:7e:a2:f9:a4:17:99:
64:fc:c8:8b:1d:4f:25:9f:c5:e4:57:d8:37:3a:83:01:e6:f8:
57:1a:3d:3b:d9:c8:88:10:f3:60:81:1b:f8:dd:a6:b9:84:5b:
08:16:70:23:1c:3d:e9:43:c5:b1:2a:1c:b6:42:00:19:d6:c1:
1f:0d:3f:d4:b2:30:97:59:89:64:1a:a7:fc:87:02:6b:ee:f2:
50:1d:3b:89:8d:dc:87:02:30:fd:f9:3a:6b:9b:1b:35:2d:83:
6d:3c:a4:ae:88:81:94:87:83:38:eb:23:a3:25:bc:a2:49:8b:
9c:01:1e:fc:47:5d:29:0d:30:5c:17:fb:54:59:a7:80:1c:36:
b3:bf:c3:3e:55:29:cd:39:0f:e3:46:db:9a:f9:d5:d6:bb:1b:
fa:10:f0:8a:58:1a:8a:97:56:f4:a0:b1:cb:a3:7f:02:db:9a:
98:2e:a1:e8:10:74:7b:51:11:3f:53:78:bb:8e:3a:2f:c3:b1:
19:09:27:55:e8:42:b1:cf:04:9e:ff:a2:ce:3d:a9:4d:9d:44:
f0:c6:b8:16:a2:31:41:2a:c0:af:cc:c5:66:9c:a4:55:0e:2d:
72:10:d6:6e:47:b1:46:a4:32:d9:15:10:74:43:10:6a:bc:cf:
74:e6:df:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjakohEJEHodsU1hkFicCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWZjZDhmYjQwYWFlMWQyNDNjMmE4Y2UyNTQxYTY5OTg3
ZWVkMTMwHhcNMjUwMTAxMTk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA1YWUzOTcyMzM0YTEyYTc4MTU3ODA1Yzg5MzVlMzNjNTFkN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz3CQUN2SCgF/n5zEYAwWlxkUAYx
2PZvGyIfX9BFfTdZxj1rx987vM65/dHJ5EdbO37vfm5ts+2sfu35hEkf9etOi2Ib
mVh3SqbXS5oLGdHR7+MKEx/7uMNVTYAuWUNLwiXoLQQ56Zn+T5v43DR8y92S2V81
j8IRoRT59YEhMN+7iPe6ykUS3mXvUvpdafsErJytfGKYpG7cq5q6pXTFmx+rXmTw
uMlncdu+OfovTUDEwQDFe9dGDW4zdLHt36rYbKPNvmdGvtX5/yBCECa7fkng3EFp
JYQ174LFr7oeu/GD+lv1mJu6gOKcNo88IMb1GexAVoxQGy63npfyT5E5yQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAwFrjlyM0oSp4FXgFyJNeM8Udf6MB8GA1UdIwQY
MBaAFFavzY+0Cq4dJDwqjOJUGmmYfu0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYt
MjM3YmU3NzMwMDdhLzEvREFXdU9YSXpTaEtuZ1ZlQVhJazE0enhSMV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYtMjM3YmU3NzMwMDdh
LzEvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9goMA0E
AgACMAcDBQAqEeSAMA0GCSqGSIb3DQEBCwUAA4IBAQAOaWthSUWx1P0iwYB+ovmk
F5lk/MiLHU8ln8XkV9g3OoMB5vhXGj072ciIEPNggRv43aa5hFsIFnAjHD3pQ8Wx
Khy2QgAZ1sEfDT/UsjCXWYlkGqf8hwJr7vJQHTuJjdyHAjD9+Tprmxs1LYNtPKSu
iIGUh4M46yOjJbyiSYucAR78R10pDTBcF/tUWaeAHDazv8M+VSnNOQ/jRtua+dXW
uxv6EPCKWBqKl1b0oLHLo38C25qYLqHoEHR7URE/U3i7jjovw7EZCSdV6EKxzwSe
/6LOPalNnUTwxrgWojFBKsCvzMVmnKRVDi1yENZuR7FGpDLZFRB0QxBqvM905t98
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:51 2025 by rpki-client on console.sobornost.net