Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/4gvK6UAte4i_DJjE1TPbFT1Ok98.roa
File: 4gvK6UAte4i_DJjE1TPbFT1Ok98.roa (raw, json)
Hash identifier: GoLsyVhZqQfvGCGN6U4GMh9d59SyLh07nIkIOiePbx8=
Subject key identifier: E2:0B:CA:E9:40:2D:7B:88:BF:0C:98:C4:D5:33:DB:15:3D:4E:93:DF
Certificate issuer: /CN=873726b17b01bf0b54426d1810f23dc4f58f6a7b
Certificate serial: 019425FCB40D0FE680F662DD07F4C3008EBA
Authority key identifier: 87:37:26:B1:7B:01:BF:0B:54:42:6D:18:10:F2:3D:C4:F5:8F:6A:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/4gvK6UAte4i_DJjE1TPbFT1Ok98.roa
Signing time: Thu 02 Jan 2025 07:48:25 +0000
ROA not before: Thu 02 Jan 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210514
IP address blocks: 91.225.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b4:0d:0f:e6:80:f6:62:dd:07:f4:c3:00:8e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=873726b17b01bf0b54426d1810f23dc4f58f6a7b
Validity
Not Before: Jan 2 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e20bcae9402d7b88bf0c98c4d533db153d4e93df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:2b:62:29:38:7a:2a:b1:0b:78:ea:b6:45:
13:d4:40:86:2c:ba:c1:65:80:fd:fb:57:20:59:82:
f5:6b:56:8b:61:80:6f:56:18:97:70:8b:65:98:ac:
0a:18:a4:00:41:ad:52:ed:78:1c:88:66:f3:28:e6:
cc:f5:2d:d2:31:6a:c8:d3:69:c8:b9:c0:5d:0f:9b:
ab:5d:df:6c:cc:3d:a6:e0:e0:8b:ef:b4:00:67:60:
e9:ce:b2:cf:36:0d:99:29:a4:d5:83:08:ed:1f:27:
d3:5c:28:1d:c0:6f:ae:c1:4a:09:b0:b5:98:ea:40:
58:16:ea:2b:6a:c4:e9:f2:19:1f:22:dc:fc:06:ba:
5e:2c:59:b9:7c:4a:98:ed:63:ff:7c:8a:1b:68:fb:
6e:78:44:0a:ef:86:b7:64:2d:26:b1:02:77:65:76:
36:94:32:0e:0d:52:db:ae:af:b1:f6:1a:83:94:8f:
1a:51:00:0e:67:01:bb:7c:cb:b8:74:5a:dd:ba:79:
22:fa:fa:3f:5a:b3:ea:48:6e:4a:bd:6e:2b:df:ad:
c9:55:b9:d6:c5:5b:e6:17:80:df:e3:9e:34:6f:6e:
50:ca:a1:83:f3:b1:67:a9:de:06:ac:7a:35:7e:92:
2b:1d:23:78:f0:40:68:25:9d:b3:6d:31:92:c5:4f:
04:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:0B:CA:E9:40:2D:7B:88:BF:0C:98:C4:D5:33:DB:15:3D:4E:93:DF
X509v3 Authority Key Identifier:
keyid:87:37:26:B1:7B:01:BF:0B:54:42:6D:18:10:F2:3D:C4:F5:8F:6A:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/4gvK6UAte4i_DJjE1TPbFT1Ok98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/hzcmsXsBvwtUQm0YEPI9xPWPans.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.203.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:bc:64:ec:1a:4b:cb:4e:46:32:32:54:76:cf:3f:8d:e6:d1:
e3:3c:5f:dd:17:92:8d:6e:41:d7:24:f0:8f:fd:fb:7b:cd:bd:
86:3e:91:cb:29:71:1c:2a:ad:70:c1:ee:ee:1e:91:0d:75:91:
9e:fc:e4:ac:4b:68:79:85:4f:e0:df:cd:52:82:00:13:b7:b4:
19:2f:8f:66:51:a2:12:09:03:be:2f:ce:38:93:16:43:3a:17:
5a:49:ef:a2:15:4b:d3:60:80:e0:dc:f1:c1:ee:60:47:db:e7:
2b:b9:6e:89:b1:67:11:3f:19:c3:3e:eb:b8:9d:5f:1e:52:4d:
a8:91:29:45:42:9e:75:47:43:3b:e8:e8:a2:dc:6a:29:5d:cb:
8a:5c:a1:19:05:9a:3c:a3:1f:5a:33:58:97:f3:77:47:c1:fe:
99:26:55:fd:b0:16:d0:94:2b:71:bb:30:5e:e1:76:09:81:70:
0c:bf:f7:54:db:70:77:3e:cd:88:c4:03:c1:22:4a:eb:35:66:
9c:49:e2:7e:3e:61:e6:aa:e3:80:24:5d:bc:94:56:6a:9e:32:
f6:0c:a7:a5:e4:7a:c1:5c:fd:ea:26:e7:8b:be:29:09:fb:34:
b6:0d:4a:5a:31:d8:e0:fc:90:6a:c9:40:3a:62:e2:b3:50:67:
e7:42:bf:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/LQND+aA9mLdB/TDAI66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzcyNmIxN2IwMWJmMGI1NDQyNmQxODEwZjIzZGM0ZjU4
ZjZhN2IwHhcNMjUwMTAyMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjBiY2FlOTQwMmQ3Yjg4YmYwYzk4YzRkNTMzZGIxNTNkNGU5M2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFgrYik4eiqxC3jqtkUT1ECGLLrB
ZYD9+1cgWYL1a1aLYYBvVhiXcItlmKwKGKQAQa1S7XgciGbzKObM9S3SMWrI02nI
ucBdD5urXd9szD2m4OCL77QAZ2DpzrLPNg2ZKaTVgwjtHyfTXCgdwG+uwUoJsLWY
6kBYFuorasTp8hkfItz8BrpeLFm5fEqY7WP/fIobaPtueEQK74a3ZC0msQJ3ZXY2
lDIODVLbrq+x9hqDlI8aUQAOZwG7fMu4dFrdunki+vo/WrPqSG5KvW4r363JVbnW
xVvmF4Df4540b25QyqGD87Fnqd4GrHo1fpIrHSN48EBoJZ2zbTGSxU8ELQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOILyulALXuIvwyYxNUz2xU9TpPfMB8GA1UdIwQY
MBaAFIc3JrF7Ab8LVEJtGBDyPcT1j2p7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHpjbXNYc0J2d3RVUW0wWUVQSTl4UFdQYW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yMzgzNWEtYjJjYi00YTZlLTg5ZmQt
MmFlMzUxNzU3MTNjLzEvNGd2SzZVQXRlNGlfREpqRTFUUGJGVDFPazk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yMzgzNWEtYjJjYi00YTZlLTg5ZmQtMmFlMzUxNzU3MTNj
LzEvaHpjbXNYc0J2d3RVUW0wWUVQSTl4UFdQYW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+HLMA0G
CSqGSIb3DQEBCwUAA4IBAQBNvGTsGkvLTkYyMlR2zz+N5tHjPF/dF5KNbkHXJPCP
/ft7zb2GPpHLKXEcKq1wwe7uHpENdZGe/OSsS2h5hU/g381SggATt7QZL49mUaIS
CQO+L844kxZDOhdaSe+iFUvTYIDg3PHB7mBH2+cruW6JsWcRPxnDPuu4nV8eUk2o
kSlFQp51R0M76Oii3GopXcuKXKEZBZo8ox9aM1iX83dHwf6ZJlX9sBbQlCtxuzBe
4XYJgXAMv/dU23B3Ps2IxAPBIkrrNWacSeJ+PmHmquOAJF28lFZqnjL2DKel5HrB
XP3qJueLvikJ+zS2DUpaMdjg/JBqyUA6YuKzUGfnQr+Z
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:16 2025 by rpki-client on console.sobornost.net