Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/o7v3w6s-TtM4FqHNx2KIzrdDfyg.roa
File: o7v3w6s-TtM4FqHNx2KIzrdDfyg.roa (raw, json)
Hash identifier: E/bv9FlRfrfb8DUNG3s4m8ELhpH6SWFAZyVqbfxptQo=
Subject key identifier: A3:BB:F7:C3:AB:3E:4E:D3:38:16:A1:CD:C7:62:88:CE:B7:43:7F:28
Certificate issuer: /CN=408c96b92b6c698fd34fac7d581d4c0908dcce99
Certificate serial: 01941FF9FE86FFE358C9D65A7A12079C9BF5
Authority key identifier: 40:8C:96:B9:2B:6C:69:8F:D3:4F:AC:7D:58:1D:4C:09:08:DC:CE:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/o7v3w6s-TtM4FqHNx2KIzrdDfyg.roa
Signing time: Wed 01 Jan 2025 03:47:44 +0000
ROA not before: Wed 01 Jan 2025 03:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211892
IP address blocks: 91.196.232.0/22 maxlen: 22
91.196.232.0/23 maxlen: 23
91.196.234.0/23 maxlen: 23
185.116.61.0/24 maxlen: 24
2a04:6d00::/29 maxlen: 29
2a0c:8040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:f9:fe:86:ff:e3:58:c9:d6:5a:7a:12:07:9c:9b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408c96b92b6c698fd34fac7d581d4c0908dcce99
Validity
Not Before: Jan 1 03:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3bbf7c3ab3e4ed33816a1cdc76288ceb7437f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:86:29:75:e4:55:c0:d6:3c:4e:88:e7:a3:
1e:fa:ee:8a:a3:d3:dc:fd:12:43:e9:c3:67:1c:72:
b9:fc:cd:23:e0:5c:0d:6b:59:1f:1f:58:be:1c:b1:
b2:1a:cf:d8:9b:b1:bc:9a:2e:ca:f2:a2:b3:66:a5:
84:67:b5:ce:3d:a6:70:b3:dd:43:45:ac:c5:d1:da:
81:e4:d6:d7:28:7a:ab:27:25:45:c3:91:23:4f:72:
14:36:8d:3b:13:31:ce:32:80:4d:20:54:40:9a:b0:
c9:7f:fc:f6:c7:3a:8c:fd:7b:3a:cd:e2:2f:d7:8a:
af:a2:65:11:c1:86:e0:d6:fb:f2:49:a2:ed:73:8c:
25:73:f4:e4:38:eb:0a:d9:2b:45:84:43:0f:b3:91:
74:0c:a2:d1:3f:ad:bb:0a:08:b2:ce:5a:5c:43:28:
75:68:69:7b:bc:a8:38:ab:d4:f4:64:df:89:32:57:
9a:fb:7f:b1:dd:15:29:6b:0a:7e:c2:ed:4b:7a:0f:
80:f8:d9:83:2c:bd:50:d3:db:32:b9:3b:a1:41:15:
55:35:c2:ad:04:9d:e6:a0:e6:7f:cd:ae:6e:22:ba:
f5:1a:3c:04:15:b6:49:fb:59:bb:37:da:6b:e8:8c:
5e:4e:a4:c4:13:1c:82:17:b2:b5:b0:ce:06:c8:d8:
d9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:BB:F7:C3:AB:3E:4E:D3:38:16:A1:CD:C7:62:88:CE:B7:43:7F:28
X509v3 Authority Key Identifier:
keyid:40:8C:96:B9:2B:6C:69:8F:D3:4F:AC:7D:58:1D:4C:09:08:DC:CE:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/o7v3w6s-TtM4FqHNx2KIzrdDfyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.232.0/22
185.116.61.0/24
IPv6:
2a04:6d00::/29
2a0c:8040::/29
Signature Algorithm: sha256WithRSAEncryption
43:ce:ef:87:a8:cc:88:36:cf:33:f0:41:bb:6b:fe:3d:0e:3c:
10:d4:08:83:ec:bf:dd:03:83:16:76:21:ae:07:1d:03:62:74:
92:c3:70:47:66:a6:d5:06:77:e5:e3:63:24:98:69:e8:ad:40:
cc:7d:07:69:ad:e4:0b:eb:8b:74:34:6a:14:6c:69:b2:19:4e:
0f:3c:ea:89:c6:4c:0e:67:67:7d:90:55:12:ca:c0:d7:09:c0:
70:18:9b:94:7e:eb:31:cc:49:92:a3:51:1d:9f:98:1d:2e:a8:
c7:25:02:2d:a2:54:a8:29:c0:db:d6:08:d7:18:d7:79:04:e6:
6b:78:8d:bd:1f:0b:67:66:4b:e8:20:64:e7:2f:a4:91:d8:ca:
9a:d2:4b:02:c2:3b:d1:84:01:df:69:c3:69:d5:e3:5a:0a:66:
11:c7:f5:46:72:99:ac:b3:81:6e:c8:ee:d0:de:2f:6a:d5:ad:
f1:9b:ad:61:6a:54:3a:69:ca:4f:41:11:31:de:7c:16:cf:d3:
95:69:48:96:61:1f:3b:0b:57:8e:12:97:93:3f:7b:a6:54:f7:
79:8b:48:92:81:ea:3b:4b:be:d1:90:b5:eb:84:65:be:c1:b1:
7b:d8:05:aa:e9:c9:2e:2f:2f:d5:d5:e1:af:d8:ad:15:20:bf:
4c:ec:b0:f5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQf+f6G/+NYydZaehIHnJv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGM5NmI5MmI2YzY5OGZkMzRmYWM3ZDU4MWQ0YzA5MDhk
Y2NlOTkwHhcNMjUwMTAxMDM0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2JiZjdjM2FiM2U0ZWQzMzgxNmExY2RjNzYyODhjZWI3NDM3ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT+GKXXkVcDWPE6I56Me+u6Ko9Pc
/RJD6cNnHHK5/M0j4FwNa1kfH1i+HLGyGs/Ym7G8mi7K8qKzZqWEZ7XOPaZws91D
RazF0dqB5NbXKHqrJyVFw5EjT3IUNo07EzHOMoBNIFRAmrDJf/z2xzqM/Xs6zeIv
14qvomURwYbg1vvySaLtc4wlc/TkOOsK2StFhEMPs5F0DKLRP627CgiyzlpcQyh1
aGl7vKg4q9T0ZN+JMlea+3+x3RUpawp+wu1Leg+A+NmDLL1Q09syuTuhQRVVNcKt
BJ3moOZ/za5uIrr1GjwEFbZJ+1m7N9pr6IxeTqTEExyCF7K1sM4GyNjZSQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKO798OrPk7TOBahzcdiiM63Q38oMB8GA1UdIwQY
MBaAFECMlrkrbGmP00+sfVgdTAkI3M6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUl5V3VTdHNhWV9UVDZ4OVdCMU1DUWpjenBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yMjlmYTItMzJjYy00YjU5LTkzNzct
NTZiYmYwYmVhZjQ3LzEvbzd2M3c2cy1UdE00RnFITngyS0l6cmREZnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yMjlmYTItMzJjYy00YjU5LTkzNzctNTZiYmYwYmVhZjQ3
LzEvUUl5V3VTdHNhWV9UVDZ4OVdCMU1DUWpjenBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCW8ToAwQA
uXQ9MBQEAgACMA4DBQMqBG0AAwUDKgyAQDANBgkqhkiG9w0BAQsFAAOCAQEAQ87v
h6jMiDbPM/BBu2v+PQ48ENQIg+y/3QODFnYhrgcdA2J0ksNwR2am1QZ35eNjJJhp
6K1AzH0Haa3kC+uLdDRqFGxpshlODzzqicZMDmdnfZBVEsrA1wnAcBiblH7rMcxJ
kqNRHZ+YHS6oxyUCLaJUqCnA29YI1xjXeQTma3iNvR8LZ2ZL6CBk5y+kkdjKmtJL
AsI70YQB32nDadXjWgpmEcf1RnKZrLOBbsju0N4vatWt8ZutYWpUOmnKT0ERMd58
Fs/TlWlIlmEfOwtXjhKXkz97plT3eYtIkoHqO0u+0ZC164RlvsGxe9gFqunJLi8v
1dXhr9itFSC/TOyw9Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:02 2025 by rpki-client on console.sobornost.net