Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/c33af6-36a9-47b0-83e7-8bbc3a9e4f43/1/PuzSFCpssVQvjZAtpt-uOtGr7hY.roa
File: PuzSFCpssVQvjZAtpt-uOtGr7hY.roa (raw, json)
Hash identifier: SPN1lNtFS0koIE09mFP53lEypWhv8lUH53A6TRYkysY=
Subject key identifier: 3E:EC:D2:14:2A:6C:B1:54:2F:8D:90:2D:A6:DF:AE:3A:D1:AB:EE:16
Certificate issuer: /CN=8a66ae400c2d681960e8553fcb31578b8d9cdfb6
Certificate serial: 0194F98D1E1A7D78DA31BF0203C969EB0F5F
Authority key identifier: 8A:66:AE:40:0C:2D:68:19:60:E8:55:3F:CB:31:57:8B:8D:9C:DF:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imauQAwtaBlg6FU_yzFXi42c37Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/c33af6-36a9-47b0-83e7-8bbc3a9e4f43/1/PuzSFCpssVQvjZAtpt-uOtGr7hY.roa
Signing time: Wed 12 Feb 2025 09:46:02 +0000
ROA not before: Wed 12 Feb 2025 09:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59511
IP address blocks: 91.212.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:8d:1e:1a:7d:78:da:31:bf:02:03:c9:69:eb:0f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a66ae400c2d681960e8553fcb31578b8d9cdfb6
Validity
Not Before: Feb 12 09:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3eecd2142a6cb1542f8d902da6dfae3ad1abee16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7a:0e:2d:70:c4:00:07:e6:7a:ec:53:4d:c4:
e1:9f:08:0e:ac:cb:6c:cb:21:6e:0c:4b:59:b4:53:
f5:8a:d8:03:c6:47:71:a5:f4:9c:b7:65:60:5b:f2:
00:04:1d:21:2d:05:70:3f:f4:66:e5:c9:22:57:87:
d5:43:e6:78:1e:a0:bb:2a:f7:54:44:20:f3:9e:0a:
ca:5e:50:f1:20:03:37:9b:78:b2:31:ce:14:db:11:
a5:96:cc:4f:2f:71:e3:a4:f3:4e:2c:72:54:25:c2:
cf:39:1c:5f:04:ee:0a:cc:69:e8:8d:67:3f:7b:43:
d6:3f:b2:59:b7:83:e9:a2:44:cd:e4:38:48:20:a4:
39:cb:1c:d3:cb:a2:de:01:cf:6f:d1:ae:42:1a:73:
e3:6f:9a:7a:b1:5e:ca:6b:c7:b4:66:76:20:e7:cc:
fe:3d:a2:0d:eb:2e:5f:ca:83:72:b5:56:2e:3c:0c:
0d:3d:da:64:50:61:4e:67:9c:c5:1e:37:e1:a1:45:
5e:cb:22:9c:30:d9:0b:dd:9c:f4:b6:43:30:b9:8c:
21:dc:f2:18:1c:9d:99:7a:e1:3d:96:39:5d:7c:83:
5c:78:22:a2:eb:7f:de:13:7a:89:bf:14:b6:a1:d3:
bc:16:d1:d1:c7:c2:d4:53:83:92:67:b7:f6:46:da:
92:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EC:D2:14:2A:6C:B1:54:2F:8D:90:2D:A6:DF:AE:3A:D1:AB:EE:16
X509v3 Authority Key Identifier:
keyid:8A:66:AE:40:0C:2D:68:19:60:E8:55:3F:CB:31:57:8B:8D:9C:DF:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imauQAwtaBlg6FU_yzFXi42c37Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c33af6-36a9-47b0-83e7-8bbc3a9e4f43/1/PuzSFCpssVQvjZAtpt-uOtGr7hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c33af6-36a9-47b0-83e7-8bbc3a9e4f43/1/imauQAwtaBlg6FU_yzFXi42c37Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.148.0/24
Signature Algorithm: sha256WithRSAEncryption
14:e1:7a:18:ad:26:5c:92:53:bb:e9:70:b9:6f:c5:b5:84:5f:
47:2b:42:54:5d:eb:4d:bf:cb:c9:71:a0:af:6f:76:07:a4:ec:
b4:c5:45:b0:1d:e1:0b:9a:bf:26:30:f0:10:66:c4:c8:b6:11:
68:99:19:7a:69:ce:bb:05:af:14:d2:f5:97:99:17:21:fe:d1:
cf:e6:54:c1:22:bb:c1:74:6c:f8:9b:56:8e:96:b3:64:c1:3c:
3c:6b:01:ca:ce:d5:36:b7:7a:9f:43:b2:5b:c1:3d:39:a4:73:
ba:ae:23:71:f7:1e:8d:a2:88:c4:8c:ab:5a:37:ea:f8:15:96:
25:8a:b5:4b:da:4c:8b:e8:92:a8:b4:6c:d4:70:c2:27:2f:7d:
7b:2a:af:fc:ff:0e:7d:3b:71:0a:09:a2:1c:78:1c:b2:3f:47:
c2:ff:d0:24:80:d7:3d:b8:70:fd:c6:6c:79:a6:b4:e5:d6:94:
57:5e:e6:8e:f6:62:3d:e3:79:32:38:e7:fe:c3:a1:f4:ed:1a:
a8:a7:e1:38:16:b4:6a:3f:df:4d:d2:82:7b:08:fd:6a:61:0a:
e4:e3:6d:b3:27:7e:57:4e:05:fa:21:52:3c:05:8e:eb:3e:31:
9c:07:06:59:6b:7a:32:d2:93:df:5b:e9:b3:97:ca:15:2a:3c:
aa:7c:ff:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT5jR4afXjaMb8CA8lp6w9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjZhZTQwMGMyZDY4MTk2MGU4NTUzZmNiMzE1NzhiOGQ5
Y2RmYjYwHhcNMjUwMjEyMDk0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWVjZDIxNDJhNmNiMTU0MmY4ZDkwMmRhNmRmYWUzYWQxYWJlZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXoOLXDEAAfmeuxTTcThnwgOrMts
yyFuDEtZtFP1itgDxkdxpfSct2VgW/IABB0hLQVwP/Rm5ckiV4fVQ+Z4HqC7KvdU
RCDzngrKXlDxIAM3m3iyMc4U2xGllsxPL3HjpPNOLHJUJcLPORxfBO4KzGnojWc/
e0PWP7JZt4PpokTN5DhIIKQ5yxzTy6LeAc9v0a5CGnPjb5p6sV7Ka8e0ZnYg58z+
PaIN6y5fyoNytVYuPAwNPdpkUGFOZ5zFHjfhoUVeyyKcMNkL3Zz0tkMwuYwh3PIY
HJ2ZeuE9ljldfINceCKi63/eE3qJvxS2odO8FtHRx8LUU4OSZ7f2RtqSbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD7s0hQqbLFUL42QLabfrjrRq+4WMB8GA1UdIwQY
MBaAFIpmrkAMLWgZYOhVP8sxV4uNnN+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1hdVFBd3RhQmxnNkZVX3l6RlhpNDJjMzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jMzNhZjYtMzZhOS00N2IwLTgzZTct
OGJiYzNhOWU0ZjQzLzEvUHV6U0ZDcHNzVlF2alpBdHB0LXVPdEdyN2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jMzNhZjYtMzZhOS00N2IwLTgzZTctOGJiYzNhOWU0ZjQz
LzEvaW1hdVFBd3RhQmxnNkZVX3l6RlhpNDJjMzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9SUMA0G
CSqGSIb3DQEBCwUAA4IBAQAU4XoYrSZcklO76XC5b8W1hF9HK0JUXetNv8vJcaCv
b3YHpOy0xUWwHeELmr8mMPAQZsTIthFomRl6ac67Ba8U0vWXmRch/tHP5lTBIrvB
dGz4m1aOlrNkwTw8awHKztU2t3qfQ7JbwT05pHO6riNx9x6NoojEjKtaN+r4FZYl
irVL2kyL6JKotGzUcMInL317Kq/8/w59O3EKCaIceByyP0fC/9AkgNc9uHD9xmx5
prTl1pRXXuaO9mI943kyOOf+w6H07Rqop+E4FrRqP99N0oJ7CP1qYQrk422zJ35X
TgX6IVI8BY7rPjGcBwZZa3oy0pPfW+mzl8oVKjyqfP9w
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:09 2025 by rpki-client on console.sobornost.net