Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/7lJrTTIO2zooVSl7zZp_UO3NA2A.roa
File: 7lJrTTIO2zooVSl7zZp_UO3NA2A.roa (raw, json)
Hash identifier: ob9QTWC/tQoW4XviSigFRT+IWVM+wZzBVH2/SY3oV7I=
Subject key identifier: EE:52:6B:4D:32:0E:DB:3A:28:55:29:7B:CD:9A:7F:50:ED:CD:03:60
Certificate issuer: /CN=1ad4cccefe55c5e223a9b3205b938a3d1c9e86d5
Certificate serial: 019423D7D5FCF33470BDF4377E5C79FC331F
Authority key identifier: 1A:D4:CC:CE:FE:55:C5:E2:23:A9:B3:20:5B:93:8A:3D:1C:9E:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtTMzv5VxeIjqbMgW5OKPRyehtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/7lJrTTIO2zooVSl7zZp_UO3NA2A.roa
Signing time: Wed 01 Jan 2025 21:48:55 +0000
ROA not before: Wed 01 Jan 2025 21:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34979
IP address blocks: 91.204.244.0/22 maxlen: 22
91.204.244.0/24 maxlen: 24
91.204.245.0/24 maxlen: 24
91.204.246.0/24 maxlen: 24
91.204.247.0/24 maxlen: 24
194.24.166.0/23 maxlen: 23
194.24.166.0/24 maxlen: 24
194.24.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d5:fc:f3:34:70:bd:f4:37:7e:5c:79:fc:33:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad4cccefe55c5e223a9b3205b938a3d1c9e86d5
Validity
Not Before: Jan 1 21:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee526b4d320edb3a2855297bcd9a7f50edcd0360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d6:ef:d8:6b:ca:a9:9e:13:72:fa:8c:8f:06:
4e:70:4b:3e:8e:c4:cb:c4:f4:15:7a:d2:86:48:ac:
97:db:3d:b2:ec:d1:7f:25:38:d3:75:89:a5:de:23:
82:b6:20:75:d9:78:2d:f2:9e:84:79:e4:23:34:8b:
e9:75:b8:2f:3b:c7:30:f1:b2:7a:69:91:94:82:7c:
84:03:64:83:47:81:7c:9e:44:67:29:d8:61:b8:27:
3b:ba:68:89:57:84:8d:0f:d5:91:ea:e1:50:bc:85:
12:c9:ed:f3:cb:b7:35:07:cc:81:f5:04:22:6e:49:
8a:bc:6c:8f:21:c6:0a:53:fe:ac:74:a9:94:b8:63:
46:4a:89:6c:87:ba:8c:5d:53:0d:18:6b:7e:a4:a7:
b7:fb:25:cf:00:08:5f:5c:7b:fc:42:a4:21:bd:d1:
e8:73:14:22:99:4b:de:cc:9f:a0:e2:de:03:10:f3:
f1:d7:53:66:3f:a9:29:ae:66:4f:97:21:74:0c:95:
db:f9:10:8c:7f:2a:95:f6:92:dd:90:99:db:9c:9d:
39:ab:39:c0:75:00:49:dd:5d:86:66:2b:46:d8:44:
b6:72:e6:e0:b7:c8:93:6e:fe:da:b7:4d:1f:34:b6:
d3:41:f6:70:bf:da:9f:4c:cb:c8:46:fb:0e:fa:b2:
9d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:52:6B:4D:32:0E:DB:3A:28:55:29:7B:CD:9A:7F:50:ED:CD:03:60
X509v3 Authority Key Identifier:
keyid:1A:D4:CC:CE:FE:55:C5:E2:23:A9:B3:20:5B:93:8A:3D:1C:9E:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtTMzv5VxeIjqbMgW5OKPRyehtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/7lJrTTIO2zooVSl7zZp_UO3NA2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/GtTMzv5VxeIjqbMgW5OKPRyehtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.244.0/22
194.24.166.0/23
Signature Algorithm: sha256WithRSAEncryption
46:b5:51:3f:e3:31:46:ca:87:34:f4:32:0d:ba:88:0c:93:57:
e3:18:7c:e4:6c:04:55:b9:a7:bc:48:21:6e:f2:ea:b2:cf:46:
4b:b6:66:29:02:46:0d:5e:97:3d:70:19:09:de:89:00:a5:78:
32:6c:7d:a5:58:73:fc:d3:36:45:cd:26:70:8e:91:c5:48:78:
00:ae:a3:04:30:56:0c:98:35:cc:44:b0:fe:d2:78:42:5d:02:
56:c8:67:e1:be:03:bf:63:3c:64:d1:94:28:10:37:ec:c2:2a:
0a:d3:af:ee:1e:79:ca:02:cc:78:f4:fe:77:65:66:2e:b7:be:
24:2d:be:b6:93:58:a5:83:89:9f:35:e6:71:9f:47:45:34:93:
5c:78:cb:7e:38:7f:c5:1c:5e:38:12:35:73:2c:a1:17:70:07:
cb:10:ef:80:6b:b4:53:2f:6b:4b:2f:d5:c1:a2:83:8d:06:da:
99:04:6b:de:80:8c:ff:c6:9b:3e:49:fc:c7:20:d4:9e:de:5d:
5a:88:fc:1f:8b:9f:c9:3f:b2:47:3e:08:ef:17:41:89:5d:99:
bc:3f:53:38:62:d2:34:1c:90:d6:a6:f9:6c:29:f5:d5:0f:fe:
02:0c:f4:5e:59:26:f7:83:1b:77:e1:2f:a0:04:ba:a2:19:ad:
29:1d:ef:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj19X88zRwvfQ3flx5/DMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDRjY2NlZmU1NWM1ZTIyM2E5YjMyMDViOTM4YTNkMWM5
ZTg2ZDUwHhcNMjUwMTAxMjE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTUyNmI0ZDMyMGVkYjNhMjg1NTI5N2JjZDlhN2Y1MGVkY2QwMzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tbv2GvKqZ4TcvqMjwZOcEs+jsTL
xPQVetKGSKyX2z2y7NF/JTjTdYml3iOCtiB12Xgt8p6EeeQjNIvpdbgvO8cw8bJ6
aZGUgnyEA2SDR4F8nkRnKdhhuCc7umiJV4SND9WR6uFQvIUSye3zy7c1B8yB9QQi
bkmKvGyPIcYKU/6sdKmUuGNGSolsh7qMXVMNGGt+pKe3+yXPAAhfXHv8QqQhvdHo
cxQimUvezJ+g4t4DEPPx11NmP6kprmZPlyF0DJXb+RCMfyqV9pLdkJnbnJ05qznA
dQBJ3V2GZitG2ES2cubgt8iTbv7at00fNLbTQfZwv9qfTMvIRvsO+rKdOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO5Sa00yDts6KFUpe82af1DtzQNgMB8GA1UdIwQY
MBaAFBrUzM7+VcXiI6mzIFuTij0cnobVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RUTXp2NVZ4ZUlqcWJNZ1c1T0tQUnllaHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMjM4NzAtNzRjNy00YTg0LTkwZWMt
YzMyMDM2NzUwZTM2LzEvN2xKclRUSU8yem9vVlNsN3pacF9VTzNOQTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMjM4NzAtNzRjNy00YTg0LTkwZWMtYzMyMDM2NzUwZTM2
LzEvR3RUTXp2NVZ4ZUlqcWJNZ1c1T0tQUnllaHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8z0AwQB
whimMA0GCSqGSIb3DQEBCwUAA4IBAQBGtVE/4zFGyoc09DINuogMk1fjGHzkbARV
uae8SCFu8uqyz0ZLtmYpAkYNXpc9cBkJ3okApXgybH2lWHP80zZFzSZwjpHFSHgA
rqMEMFYMmDXMRLD+0nhCXQJWyGfhvgO/Yzxk0ZQoEDfswioK06/uHnnKAsx49P53
ZWYut74kLb62k1ilg4mfNeZxn0dFNJNceMt+OH/FHF44EjVzLKEXcAfLEO+Aa7RT
L2tLL9XBooONBtqZBGvegIz/xps+SfzHINSe3l1aiPwfi5/JP7JHPgjvF0GJXZm8
P1M4YtI0HJDWpvlsKfXVD/4CDPReWSb3gxt34S+gBLqiGa0pHe/n
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:58 2025 by rpki-client on console.sobornost.net