Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/MS7f7uAFrgsoqEC82oQcdxoTjbw.roa
File: MS7f7uAFrgsoqEC82oQcdxoTjbw.roa (raw, json)
Hash identifier: q7csoElnOVcDXyC+5AwwUXnv70b0boL5P5Uhy6UmF5c=
Subject key identifier: 31:2E:DF:EE:E0:05:AE:0B:28:A8:40:BC:DA:84:1C:77:1A:13:8D:BC
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 019425FDA9CFDC53E9DCBE2DA218E8E46BA4
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/MS7f7uAFrgsoqEC82oQcdxoTjbw.roa
Signing time: Thu 02 Jan 2025 07:49:28 +0000
ROA not before: Thu 02 Jan 2025 07:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62014
IP address blocks: 91.108.16.0/22 maxlen: 22
91.108.56.0/23 maxlen: 23
149.154.168.0/22 maxlen: 22
2001:b28:f23f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a9:cf:dc:53:e9:dc:be:2d:a2:18:e8:e4:6b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 2 07:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=312edfeee005ae0b28a840bcda841c771a138dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f0:41:ca:3e:6f:91:1c:25:1c:af:03:c2:f9:
76:14:7d:bd:47:de:ee:6a:78:e5:4d:5a:d1:56:6e:
fa:08:66:b7:70:79:25:f1:70:bb:fe:26:9a:5b:ac:
4b:8e:c5:9b:84:fa:07:82:76:ff:cd:01:8e:d9:c2:
b2:24:37:97:4a:f4:de:7c:d9:4d:d4:53:23:9b:ce:
79:b0:3f:d1:9f:df:a6:5d:b6:c7:e6:aa:ea:be:ca:
53:19:a1:0c:b1:84:ed:6a:70:bb:4d:6d:20:e7:30:
7f:a1:21:cc:72:1c:5f:bd:c3:af:24:61:bb:0b:62:
46:16:ae:d4:bf:41:80:cf:00:f1:d1:19:76:cf:2c:
df:24:48:c2:0a:2b:26:f8:fd:c7:40:b7:dd:c3:19:
b1:b9:d9:d0:7d:ce:51:c8:6b:3e:24:82:6e:9f:c7:
ed:d0:ec:26:88:b8:aa:1e:c3:38:97:a0:1b:58:eb:
ab:c8:7f:5d:e4:86:36:11:66:3b:c6:bc:e3:b5:61:
2b:f4:f9:53:30:38:43:75:49:95:0b:68:1a:dd:3e:
c4:ea:91:b3:62:58:c2:1d:86:1d:10:ae:a7:ab:be:
bc:c1:fa:43:7b:f8:be:32:4e:94:c0:14:0e:a5:94:
f9:7b:e1:7a:ca:a7:d4:eb:17:48:8b:c3:f5:76:47:
42:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2E:DF:EE:E0:05:AE:0B:28:A8:40:BC:DA:84:1C:77:1A:13:8D:BC
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/MS7f7uAFrgsoqEC82oQcdxoTjbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.16.0/22
91.108.56.0/23
149.154.168.0/22
IPv6:
2001:b28:f23f::/48
Signature Algorithm: sha256WithRSAEncryption
66:11:5f:38:33:70:38:2d:5c:41:e1:21:a3:d9:e8:a1:03:a2:
22:bb:e7:f7:29:e8:e7:71:32:02:41:d4:34:90:cd:26:51:3c:
e9:34:7f:5a:64:0a:ed:29:60:85:76:1c:af:59:23:e3:c1:a0:
fb:af:0c:f6:6a:33:70:63:de:80:ac:1b:85:84:58:f6:66:cc:
2c:40:20:45:50:ee:cc:ff:85:60:15:26:a8:41:79:c4:1b:54:
e7:32:e6:2b:25:e1:1d:d9:dc:aa:8c:0b:a9:e5:bb:eb:02:4b:
4e:62:f2:76:de:98:6e:6f:40:12:75:a5:1d:57:2a:ba:ff:51:
6d:11:b4:d1:c6:18:03:73:75:2d:f7:cd:fe:4e:d5:22:11:74:
44:35:21:c9:7c:55:1c:57:52:e2:5a:1e:2f:c4:90:9b:62:86:
00:85:88:d9:00:6b:69:58:ea:67:7d:d0:34:6d:f5:32:e0:df:
bc:a9:61:ab:20:8c:cf:c0:9e:00:e5:b2:ac:60:db:07:7c:8c:
f5:e2:b2:81:e8:e3:fe:aa:da:04:eb:56:e9:83:87:45:34:76:
d3:98:83:8c:89:0b:4e:1d:8a:16:54:5f:1b:10:02:94:fa:45:
ff:54:76:05:19:50:de:20:e9:64:ba:a2:d5:36:1a:c2:4b:e0:
57:b8:c6:2e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQl/anP3FPp3L4tohjo5GukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwMTAyMDc0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJlZGZlZWUwMDVhZTBiMjhhODQwYmNkYTg0MWM3NzFhMTM4ZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PBByj5vkRwlHK8Dwvl2FH29R97u
anjlTVrRVm76CGa3cHkl8XC7/iaaW6xLjsWbhPoHgnb/zQGO2cKyJDeXSvTefNlN
1FMjm855sD/Rn9+mXbbH5qrqvspTGaEMsYTtanC7TW0g5zB/oSHMchxfvcOvJGG7
C2JGFq7Uv0GAzwDx0Rl2zyzfJEjCCism+P3HQLfdwxmxudnQfc5RyGs+JIJun8ft
0OwmiLiqHsM4l6AbWOuryH9d5IY2EWY7xrzjtWEr9PlTMDhDdUmVC2ga3T7E6pGz
YljCHYYdEK6nq768wfpDe/i+Mk6UwBQOpZT5e+F6yqfU6xdIi8P1dkdCYwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDEu3+7gBa4LKKhAvNqEHHcaE428MB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvTVM3Zjd1QUZyZ3NvcUVDODJvUWNkeG9UamJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCW2wQAwQB
W2w4AwQClZqoMA8EAgACMAkDBwAgAQso8j8wDQYJKoZIhvcNAQELBQADggEBAGYR
XzgzcDgtXEHhIaPZ6KEDoiK75/cp6OdxMgJB1DSQzSZRPOk0f1pkCu0pYIV2HK9Z
I+PBoPuvDPZqM3Bj3oCsG4WEWPZmzCxAIEVQ7sz/hWAVJqhBecQbVOcy5isl4R3Z
3KqMC6nlu+sCS05i8nbemG5vQBJ1pR1XKrr/UW0RtNHGGANzdS33zf5O1SIRdEQ1
Icl8VRxXUuJaHi/EkJtihgCFiNkAa2lY6md90DRt9TLg37ypYasgjM/AngDlsqxg
2wd8jPXisoHo4/6q2gTrVumDh0U0dtOYg4yJC04dihZUXxsQApT6Rf9UdgUZUN4g
6WS6otU2GsJL4Fe4xi4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:51 2025 by rpki-client on console.sobornost.net