Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/fl1IqJ22OZD_5WNed1aOqRFU-dQ.roa
File: fl1IqJ22OZD_5WNed1aOqRFU-dQ.roa (raw, json)
Hash identifier: Kuo9lPYONUc1nk6pXtWGALeHz/jfanabaBDCbZ+GeWY=
Subject key identifier: 7E:5D:48:A8:9D:B6:39:90:FF:E5:63:5E:77:56:8E:A9:11:54:F9:D4
Certificate issuer: /CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Certificate serial: 0194266BD376696DA7FB3FAD00C5F07E5A28
Authority key identifier: DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/fl1IqJ22OZD_5WNed1aOqRFU-dQ.roa
Signing time: Thu 02 Jan 2025 09:49:48 +0000
ROA not before: Thu 02 Jan 2025 09:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205747
IP address blocks: 91.212.77.0/24 maxlen: 24
185.188.196.0/22 maxlen: 24
192.175.38.0/23 maxlen: 23
193.247.254.0/24 maxlen: 24
2a0b:d080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d3:76:69:6d:a7:fb:3f:ad:00:c5:f0:7e:5a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Validity
Not Before: Jan 2 09:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e5d48a89db63990ffe5635e77568ea91154f9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8e:d9:32:93:25:f5:41:bf:e1:75:41:7b:6d:
26:e3:75:01:15:0e:d5:ad:b1:da:77:e0:c5:f2:57:
52:9b:e0:36:f8:df:cb:c8:aa:dd:c9:66:2a:0d:74:
31:e0:a7:71:52:93:04:ed:25:25:f2:35:ff:3f:db:
8d:1d:60:d3:23:14:33:00:aa:2f:73:df:0d:40:d8:
f2:a1:cf:70:ff:f4:d3:e1:7f:b7:36:14:c6:6c:f4:
6d:ff:20:01:3b:d2:31:55:90:74:c4:1c:45:8e:c0:
be:62:ac:11:6c:50:1a:a3:9e:5d:e6:aa:f9:d2:80:
f8:af:40:60:af:fc:68:6f:d8:4c:6e:91:79:38:2f:
de:4b:91:36:e9:3e:07:44:a6:55:d4:b7:77:9c:21:
d6:9e:e7:81:65:95:34:90:51:19:d9:c3:28:8f:9a:
b5:97:11:b4:fa:f3:d7:bd:a9:12:23:0b:43:36:8b:
57:74:9b:3d:d7:a2:4e:99:dc:47:71:bd:30:3b:0b:
2e:64:27:ff:62:1d:45:ae:2c:2f:b3:8b:e2:2f:20:
22:48:2f:94:8d:f4:ea:bb:ba:f9:a5:84:db:c6:4d:
4c:13:0b:b5:0d:cf:fb:d2:d2:e0:fa:a9:9b:ff:e2:
bf:69:b0:04:8e:2b:0f:02:1c:db:59:af:2d:59:c9:
3c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5D:48:A8:9D:B6:39:90:FF:E5:63:5E:77:56:8E:A9:11:54:F9:D4
X509v3 Authority Key Identifier:
keyid:DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/fl1IqJ22OZD_5WNed1aOqRFU-dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.77.0/24
185.188.196.0/22
192.175.38.0/23
193.247.254.0/24
IPv6:
2a0b:d080::/32
Signature Algorithm: sha256WithRSAEncryption
9e:17:b2:38:a0:40:af:64:be:3b:d9:1b:aa:ff:4c:01:95:73:
b6:4f:c7:ea:3c:56:88:79:c3:0f:9d:e1:2b:10:50:c2:cd:80:
32:27:21:f9:78:39:b0:e1:e2:15:ec:50:ce:5e:8a:61:f0:e8:
da:7d:97:62:88:12:6e:75:c5:05:2a:3a:71:3d:3e:c0:4d:3e:
0b:5d:ba:c3:47:0c:5f:d5:8f:91:0d:9f:5d:2e:06:be:74:01:
71:96:db:61:af:60:04:cb:da:f8:5e:27:db:ac:13:65:b7:d4:
ed:35:ff:65:4d:85:93:73:9d:68:f6:04:7f:5e:f8:6a:18:d1:
65:20:f3:dc:b3:5a:00:e1:03:d8:01:f5:74:d9:45:47:24:b4:
60:be:64:ca:41:53:72:49:f9:a9:68:25:dc:36:1f:da:6f:52:
9d:bc:83:64:13:63:bd:4f:7d:94:fc:01:4f:30:21:c1:08:36:
dd:d7:b9:bc:e2:d3:1d:23:19:38:b7:c7:64:4d:7e:e4:e5:df:
bf:b2:20:e0:e6:76:65:85:fa:01:62:59:a3:54:5f:1d:73:0e:
ad:7a:61:49:8f:bc:f0:ab:ae:00:ee:1c:8d:f0:3c:f2:29:ad:
be:7d:7a:19:c9:1b:3e:24:0f:b2:a5:c2:08:5a:f1:a8:56:04:
7c:05:7a:f1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQma9N2aW2n+z+tAMXwflooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODA0YzljOGE0MzM5N2QxNjc3OWFhOTM0ZjcwNjczODhm
YzdkN2MwHhcNMjUwMTAyMDk0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTVkNDhhODlkYjYzOTkwZmZlNTYzNWU3NzU2OGVhOTExNTRmOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2o7ZMpMl9UG/4XVBe20m43UBFQ7V
rbHad+DF8ldSm+A2+N/LyKrdyWYqDXQx4KdxUpME7SUl8jX/P9uNHWDTIxQzAKov
c98NQNjyoc9w//TT4X+3NhTGbPRt/yABO9IxVZB0xBxFjsC+YqwRbFAao55d5qr5
0oD4r0Bgr/xob9hMbpF5OC/eS5E26T4HRKZV1Ld3nCHWnueBZZU0kFEZ2cMoj5q1
lxG0+vPXvakSIwtDNotXdJs916JOmdxHcb0wOwsuZCf/Yh1Friwvs4viLyAiSC+U
jfTqu7r5pYTbxk1MEwu1Dc/70tLg+qmb/+K/abAEjisPAhzbWa8tWck8OQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFH5dSKidtjmQ/+VjXndWjqkRVPnUMB8GA1UdIwQY
MBaAFN6ATJyKQzl9FneaqTT3BnOI/H18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTIt
YWY0ZTUyNDFiZjIwLzEvZmwxSXFKMjJPWkRfNVdOZWQxYU9xUkZVLWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTItYWY0ZTUyNDFiZjIw
LzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9RNAwQC
ubzEAwQBwK8mAwQAwff+MA0EAgACMAcDBQAqC9CAMA0GCSqGSIb3DQEBCwUAA4IB
AQCeF7I4oECvZL472Ruq/0wBlXO2T8fqPFaIecMPneErEFDCzYAyJyH5eDmw4eIV
7FDOXoph8OjafZdiiBJudcUFKjpxPT7ATT4LXbrDRwxf1Y+RDZ9dLga+dAFxltth
r2AEy9r4XifbrBNlt9TtNf9lTYWTc51o9gR/XvhqGNFlIPPcs1oA4QPYAfV02UVH
JLRgvmTKQVNySfmpaCXcNh/ab1KdvINkE2O9T32U/AFPMCHBCDbd17m84tMdIxk4
t8dkTX7k5d+/siDg5nZlhfoBYlmjVF8dcw6temFJj7zwq64A7hyN8DzyKa2+fXoZ
yRs+JA+ypcIIWvGoVgR8BXrx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:04 2025 by rpki-client on console.sobornost.net