Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/MCaozM05EgQpOj9KWtfk_EMYWf0.roa
File: MCaozM05EgQpOj9KWtfk_EMYWf0.roa (raw, json)
Hash identifier: I6Y0DISsiTz+oGPxMCPt4OQoH1zQxzx22/aiFTgMNtU=
Subject key identifier: 30:26:A8:CC:CD:39:12:04:29:3A:3F:4A:5A:D7:E4:FC:43:18:59:FD
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 019420D6214F45BFC0F7876CFE02A68A606A
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/MCaozM05EgQpOj9KWtfk_EMYWf0.roa
Signing time: Wed 01 Jan 2025 07:48:11 +0000
ROA not before: Wed 01 Jan 2025 07:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6855
IP address blocks: 91.245.16.0/23 maxlen: 24
2a01:5f7::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:21:4f:45:bf:c0:f7:87:6c:fe:02:a6:8a:60:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 1 07:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3026a8cccd391204293a3f4a5ad7e4fc431859fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9a:d2:e2:ea:13:42:67:ca:d2:95:1e:b8:ba:
ab:38:d1:72:c1:fd:ae:90:c5:38:38:9e:b7:22:43:
7e:ba:de:38:86:29:f9:cd:39:2d:b9:fa:59:70:6f:
c2:7e:61:74:23:46:a1:01:47:63:ab:cd:e2:bc:9e:
1e:57:4b:f6:ee:fe:18:7f:69:02:99:29:9c:a1:9c:
d8:58:4c:d2:f2:24:73:b9:ce:81:89:05:8f:4b:6b:
c7:6c:32:21:db:42:3d:9b:75:53:c4:72:e0:b7:6c:
5b:f0:f8:10:73:ba:46:e2:5e:40:df:cb:48:19:1c:
aa:c7:cd:8b:d7:ed:34:8d:ee:a4:b0:91:0b:fe:b8:
71:c7:3c:b9:4b:8c:f1:8c:59:34:3b:fb:0c:74:15:
c3:d3:c3:7f:1d:30:c7:44:95:04:6e:5b:e6:eb:ca:
f8:9b:3d:69:f7:5c:15:8a:11:ca:21:46:9a:25:ed:
13:34:1e:c6:b2:79:04:a6:b8:1b:0b:d9:4b:39:26:
da:fe:44:00:68:f0:50:23:e5:0b:29:d4:96:7d:30:
4a:fb:75:7b:a4:06:09:9c:9e:0b:19:3d:7d:eb:40:
af:2f:4d:af:1a:1e:12:94:9a:48:ab:01:ba:b5:e9:
7c:bc:4c:ab:d4:9d:23:b8:06:74:7b:9d:bb:7d:71:
53:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:26:A8:CC:CD:39:12:04:29:3A:3F:4A:5A:D7:E4:FC:43:18:59:FD
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/MCaozM05EgQpOj9KWtfk_EMYWf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.16.0/23
IPv6:
2a01:5f7::/32
Signature Algorithm: sha256WithRSAEncryption
23:5b:8a:54:8e:d3:8a:76:fe:e7:0e:10:ec:0c:3b:11:b6:c1:
13:18:b6:c3:94:bc:26:de:36:8e:42:e9:5e:9e:4f:95:66:e9:
d5:b0:2f:22:92:f7:ae:e9:21:2c:06:1e:57:cf:4d:79:6b:a7:
c2:1d:0a:c3:47:0a:a2:49:ca:ee:ea:3c:aa:64:6e:a4:4c:32:
69:bf:cf:ec:75:52:ae:95:51:48:2d:f7:50:80:e4:59:84:f9:
b1:17:fe:4e:a7:da:ce:de:ac:bf:00:de:df:14:1b:6d:93:60:
bb:eb:a7:a3:9b:f4:17:51:c2:9e:9a:76:e7:41:62:8f:f6:a9:
10:e2:c7:e3:9e:be:cf:14:db:00:af:b3:f3:be:d7:1e:31:ee:
ab:c8:92:52:a4:30:ab:a4:9d:74:32:a6:c1:a5:d8:23:3c:6e:
de:0b:23:8f:a1:92:e5:ad:73:0f:45:4f:08:a2:ca:b3:20:e2:
b9:25:91:c2:b6:0a:fa:34:f3:96:a2:4e:50:3b:13:13:52:ac:
44:dd:f5:f1:75:81:e1:05:7c:e5:12:17:4f:b9:77:9c:cb:91:
3c:61:ae:1b:00:ed:77:40:b5:c0:e4:c6:6b:45:7e:b9:ae:ad:
b9:3c:30:ac:40:9b:17:85:5e:18:02:61:b3:7d:63:fe:58:63:
6e:0e:c0:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1iFPRb/A94ds/gKmimBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0
ZTRlMGMwHhcNMjUwMTAxMDc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI2YThjY2NkMzkxMjA0MjkzYTNmNGE1YWQ3ZTRmYzQzMTg1OWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5rS4uoTQmfK0pUeuLqrONFywf2u
kMU4OJ63IkN+ut44hin5zTktufpZcG/CfmF0I0ahAUdjq83ivJ4eV0v27v4Yf2kC
mSmcoZzYWEzS8iRzuc6BiQWPS2vHbDIh20I9m3VTxHLgt2xb8PgQc7pG4l5A38tI
GRyqx82L1+00je6ksJEL/rhxxzy5S4zxjFk0O/sMdBXD08N/HTDHRJUEblvm68r4
mz1p91wVihHKIUaaJe0TNB7GsnkEprgbC9lLOSba/kQAaPBQI+ULKdSWfTBK+3V7
pAYJnJ4LGT1960CvL02vGh4SlJpIqwG6tel8vEyr1J0juAZ0e527fXFTWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDAmqMzNORIEKTo/SlrX5PxDGFn9MB8GA1UdIwQY
MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt
ZTFhOGE2ZjFkNTlhLzEvTUNhb3pNMDVFZ1FwT2o5S1d0ZmtfRU1ZV2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh
LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW/UQMA0E
AgACMAcDBQAqAQX3MA0GCSqGSIb3DQEBCwUAA4IBAQAjW4pUjtOKdv7nDhDsDDsR
tsETGLbDlLwm3jaOQulenk+VZunVsC8ikveu6SEsBh5Xz015a6fCHQrDRwqiScru
6jyqZG6kTDJpv8/sdVKulVFILfdQgORZhPmxF/5Op9rO3qy/AN7fFBttk2C766ej
m/QXUcKemnbnQWKP9qkQ4sfjnr7PFNsAr7PzvtceMe6ryJJSpDCrpJ10MqbBpdgj
PG7eCyOPoZLlrXMPRU8IosqzIOK5JZHCtgr6NPOWok5QOxMTUqxE3fXxdYHhBXzl
EhdPuXecy5E8Ya4bAO13QLXA5MZrRX65rq25PDCsQJsXhV4YAmGzfWP+WGNuDsCd
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net