Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/nmT81wvx-yTg9GH4m684w5fXqeE.roa
File: nmT81wvx-yTg9GH4m684w5fXqeE.roa (raw, json)
Hash identifier: HhIS1Nk34d3rWMjsVPRyr9xcyHWgFy7qSFWM4Tl9pLE=
Subject key identifier: 9E:64:FC:D7:0B:F1:FB:24:E0:F4:61:F8:9B:AF:38:C3:97:D7:A9:E1
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 0195FA9C1C8EB5EC872B6B54DEDDD1FA3E8A
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/nmT81wvx-yTg9GH4m684w5fXqeE.roa
Signing time: Thu 03 Apr 2025 07:44:49 +0000
ROA not before: Thu 03 Apr 2025 07:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29491
IP address blocks: 91.193.164.0/22 maxlen: 22
94.45.128.0/19 maxlen: 24
94.45.128.0/24 maxlen: 24
94.45.130.0/24 maxlen: 24
94.45.143.0/24 maxlen: 24
194.187.108.0/22 maxlen: 22
194.187.110.0/24 maxlen: 24
195.137.202.0/23 maxlen: 23
195.191.214.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:9c:1c:8e:b5:ec:87:2b:6b:54:de:dd:d1:fa:3e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Apr 3 07:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e64fcd70bf1fb24e0f461f89baf38c397d7a9e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:91:37:33:10:3a:6f:20:e5:11:dd:ad:78:
60:97:8d:9f:88:05:62:27:86:b0:e8:d9:ed:63:11:
b4:0e:e3:83:a2:1a:f7:b0:21:bc:ff:c3:ea:d2:c7:
0f:1a:f6:31:ec:01:50:ae:ad:d3:e9:64:17:dc:b0:
59:bd:ef:de:df:8b:0a:48:6e:5e:af:19:29:cf:85:
df:9e:19:bc:c7:16:f3:c9:e0:aa:66:2c:d1:69:c8:
6e:db:22:54:7c:92:64:4f:b0:31:f5:f6:c5:48:1c:
4f:73:1e:bd:56:4d:44:1e:36:bd:6f:1b:33:d3:f2:
c0:96:37:66:1d:78:ad:c0:9d:2f:db:1b:04:29:52:
7d:10:a3:e4:be:aa:a3:ca:b8:47:40:b3:48:d2:a5:
18:f0:3d:c9:f8:2c:f9:89:10:fd:2f:f3:7d:f7:ae:
72:36:cf:ed:98:f6:b4:0b:a1:92:e3:42:9f:3d:43:
51:f3:90:12:61:f0:20:58:ca:b4:d5:64:ec:91:8c:
0d:71:e0:40:bc:20:a3:ea:68:44:79:86:d4:7b:62:
76:86:f9:c5:ee:1a:03:c0:05:2d:e7:41:df:66:ab:
8b:c5:41:7d:9a:66:17:ba:92:aa:3a:e4:3c:e5:31:
22:1b:92:30:32:73:e9:71:6d:33:d8:3a:d0:62:91:
b9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:64:FC:D7:0B:F1:FB:24:E0:F4:61:F8:9B:AF:38:C3:97:D7:A9:E1
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/nmT81wvx-yTg9GH4m684w5fXqeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.164.0/22
94.45.128.0/19
194.187.108.0/22
195.137.202.0/23
195.191.214.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:9f:db:0a:84:5d:be:46:03:f9:1b:91:55:5f:87:ec:af:d5:
df:03:09:c0:0c:a7:85:18:5c:26:32:71:12:bb:f6:9b:3e:19:
a5:3a:32:05:ce:09:d0:9c:59:8b:8a:2b:e3:47:1c:cd:9a:ba:
cd:b6:99:b3:a7:5d:13:b6:fa:be:38:e4:95:7e:24:fb:ba:4a:
49:ee:ed:7d:de:00:0a:a1:58:24:33:06:99:6e:e5:20:fc:4f:
7e:3d:79:bb:d7:bc:6f:c0:09:8c:8e:5c:74:21:36:f3:89:57:
39:19:30:ea:ed:d1:c0:4f:32:c0:06:9c:84:6a:97:d4:a3:a4:
cb:03:7a:61:cf:b0:6a:52:2a:d8:70:b4:8e:e4:83:5b:a4:bb:
e9:08:75:0f:22:f7:72:75:d3:de:bc:37:5b:f1:3a:f6:fd:70:
e6:80:db:7e:55:fb:b9:27:d5:9f:d8:25:4a:e8:68:4d:2c:60:
76:ac:93:91:35:0e:52:8a:b7:c0:2f:32:9f:1f:10:db:05:00:
0c:79:56:e2:52:c7:33:0b:b8:f4:58:b6:1f:85:40:91:c4:f3:
7f:5a:1e:09:53:92:8e:0a:d1:82:19:c9:05:16:33:1e:c5:c4:
69:6c:24:b3:86:09:0d:2c:a7:a4:06:33:81:e7:80:ab:74:22:
58:69:e9:8a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZX6nByOteyHK2tU3t3R+j6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjUwNDAzMDc0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY0ZmNkNzBiZjFmYjI0ZTBmNDYxZjg5YmFmMzhjMzk3ZDdhOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMiRNzMQOm8g5RHdrXhgl42fiAVi
J4aw6NntYxG0DuODohr3sCG8/8Pq0scPGvYx7AFQrq3T6WQX3LBZve/e34sKSG5e
rxkpz4Xfnhm8xxbzyeCqZizRachu2yJUfJJkT7Ax9fbFSBxPcx69Vk1EHja9bxsz
0/LAljdmHXitwJ0v2xsEKVJ9EKPkvqqjyrhHQLNI0qUY8D3J+Cz5iRD9L/N9965y
Ns/tmPa0C6GS40KfPUNR85ASYfAgWMq01WTskYwNceBAvCCj6mhEeYbUe2J2hvnF
7hoDwAUt50HfZquLxUF9mmYXupKqOuQ85TEiG5IwMnPpcW0z2DrQYpG5jwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ5k/NcL8fsk4PRh+JuvOMOX16nhMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvbm1UODF3dngteVRnOUdING02ODR3NWZYcWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8GkAwQF
Xi2AAwQCwrtsAwQBw4nKAwQBw7/WMA0GCSqGSIb3DQEBCwUAA4IBAQCtn9sKhF2+
RgP5G5FVX4fsr9XfAwnADKeFGFwmMnESu/abPhmlOjIFzgnQnFmLiivjRxzNmrrN
tpmzp10Ttvq+OOSVfiT7ukpJ7u193gAKoVgkMwaZbuUg/E9+PXm717xvwAmMjlx0
ITbziVc5GTDq7dHATzLABpyEapfUo6TLA3phz7BqUirYcLSO5INbpLvpCHUPIvdy
ddPevDdb8Tr2/XDmgNt+Vfu5J9Wf2CVK6GhNLGB2rJORNQ5SirfALzKfHxDbBQAM
eVbiUsczC7j0WLYfhUCRxPN/Wh4JU5KOCtGCGckFFjMexcRpbCSzhgkNLKekBjOB
54CrdCJYaemK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:03 2025 by rpki-client on console.sobornost.net