Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/M-Lz3FCjDhBtf8lJAjoTZlL7SGA.roa
File: M-Lz3FCjDhBtf8lJAjoTZlL7SGA.roa (raw, json)
Hash identifier: zkL8K0BACxY6H8HDpNVgGyq7SYLZMemlKE7UDQfTAuo=
Subject key identifier: 33:E2:F3:DC:50:A3:0E:10:6D:7F:C9:49:02:3A:13:66:52:FB:48:60
Certificate issuer: /CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0
Certificate serial: 0194274875307C2C79FE20DDBA80DD819FF1
Authority key identifier: 90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/M-Lz3FCjDhBtf8lJAjoTZlL7SGA.roa
Signing time: Thu 02 Jan 2025 13:50:47 +0000
ROA not before: Thu 02 Jan 2025 13:50:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212073
IP address blocks: 91.209.16.0/24 maxlen: 24
2a0f:c440::/48 maxlen: 48
2a0f:c444::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:75:30:7c:2c:79:fe:20:dd:ba:80:dd:81:9f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0
Validity
Not Before: Jan 2 13:50:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33e2f3dc50a30e106d7fc949023a136652fb4860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:15:5d:bb:39:a4:f0:a4:b9:e1:db:f7:0f:6d:
5e:6e:43:e4:77:df:09:d6:b3:56:77:52:b4:b0:55:
87:46:55:d5:6f:db:cd:65:08:98:3d:c3:19:9e:14:
f0:bb:05:8c:56:18:11:fe:b3:1e:e8:2f:8e:ce:8e:
45:35:4c:11:4e:3d:58:ae:15:04:c9:96:17:c3:b1:
d8:ce:d3:a8:e6:a2:b7:66:7b:05:f2:e6:dc:f4:cd:
25:2f:c5:4e:1e:8b:66:42:61:f7:7e:6f:36:fe:39:
da:63:65:e5:57:fd:cf:11:d2:ae:c5:8b:cb:4c:51:
0b:52:3f:0a:d8:57:a3:c3:de:11:f6:f4:48:58:34:
2c:c1:7e:25:f3:c9:35:02:74:59:84:28:73:f4:35:
ef:4c:43:42:7e:96:7a:41:0e:d1:f7:bb:30:59:a7:
bb:0f:a9:63:dc:b9:30:13:25:63:14:63:5a:da:39:
27:18:0f:5a:33:17:23:a9:f0:f3:30:f3:95:56:b4:
38:67:5b:5b:28:40:9c:6e:32:db:5c:a4:84:c8:a4:
e1:ac:11:d7:20:9c:f7:aa:b1:71:82:3a:32:7a:cc:
6e:e6:97:ab:a3:c0:5e:d6:ad:01:eb:2c:02:8c:4b:
fa:e9:f1:1b:24:fc:0f:cd:56:00:6c:90:e9:64:dd:
c1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E2:F3:DC:50:A3:0E:10:6D:7F:C9:49:02:3A:13:66:52:FB:48:60
X509v3 Authority Key Identifier:
keyid:90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/M-Lz3FCjDhBtf8lJAjoTZlL7SGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.16.0/24
IPv6:
2a0f:c440::/48
2a0f:c444::/32
Signature Algorithm: sha256WithRSAEncryption
8c:c5:41:b8:6d:9b:a4:4a:d5:9f:f5:52:84:26:b8:b1:59:ea:
cd:05:93:b7:ee:2c:cb:95:a5:19:b8:28:44:8b:cd:fd:21:55:
3c:6f:fb:26:cd:8f:55:bb:0d:4f:ab:d5:0d:ba:dc:09:9e:68:
0a:23:82:f8:f6:84:91:39:c9:c9:4d:40:2c:02:84:0a:16:7f:
2e:26:68:72:32:53:b6:a4:48:18:9a:9d:4d:79:a0:ff:95:2f:
88:99:01:4a:3a:48:de:90:f2:f1:d1:46:c9:9f:3c:c4:76:a4:
91:ef:fb:2f:80:c8:04:05:b8:f6:45:82:03:c2:df:5e:ef:39:
3c:17:64:b0:11:2c:db:69:63:37:18:19:69:d3:8b:2e:24:3e:
7d:11:40:f6:05:70:df:1d:fe:0a:2f:34:b3:91:9c:fe:69:7d:
61:1a:1d:0e:3d:9a:31:48:ef:67:e3:47:b9:10:24:19:10:29:
61:3f:cd:cf:32:82:a6:8c:34:25:8d:1e:cc:55:1f:68:d1:6e:
ef:cb:2a:29:e1:fc:0e:c7:10:c2:61:56:f8:65:59:01:91:a8:
8d:ee:35:bc:3e:f9:6f:e7:49:78:b7:bc:92:2d:44:b8:42:d6:
16:27:d5:94:6d:27:64:58:d6:54:5f:1c:b1:07:77:5f:25:99:
35:06:6a:41
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnSHUwfCx5/iDduoDdgZ/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZmQ4YWFlMWI2ZTE1OWEyZmE4ZjAzZDdhMzE4OGExZTE4
MDcyYTAwHhcNMjUwMTAyMTM1MDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2UyZjNkYzUwYTMwZTEwNmQ3ZmM5NDkwMjNhMTM2NjUyZmI0ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBVduzmk8KS54dv3D21ebkPkd98J
1rNWd1K0sFWHRlXVb9vNZQiYPcMZnhTwuwWMVhgR/rMe6C+Ozo5FNUwRTj1YrhUE
yZYXw7HYztOo5qK3ZnsF8ubc9M0lL8VOHotmQmH3fm82/jnaY2XlV/3PEdKuxYvL
TFELUj8K2Fejw94R9vRIWDQswX4l88k1AnRZhChz9DXvTENCfpZ6QQ7R97swWae7
D6lj3LkwEyVjFGNa2jknGA9aMxcjqfDzMPOVVrQ4Z1tbKECcbjLbXKSEyKThrBHX
IJz3qrFxgjoyesxu5pero8Be1q0B6ywCjEv66fEbJPwPzVYAbJDpZN3BhwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDPi89xQow4QbX/JSQI6E2ZS+0hgMB8GA1UdIwQY
MBaAFJD9iq4bbhWaL6jwPXoxiKHhgHKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1AyS3JodHVGWm92cVBBOWVqR0lvZUdBY3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi81ZGZjNzYtZTdlYi00ZDM1LThhZDct
Nzk5MzU5MTExM2U0LzEvTS1MejNGQ2pEaEJ0ZjhsSkFqb1RabEw3U0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi81ZGZjNzYtZTdlYi00ZDM1LThhZDctNzk5MzU5MTExM2U0
LzEva1AyS3JodHVGWm92cVBBOWVqR0lvZUdBY3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW9EQMBYE
AgACMBADBwAqD8RAAAADBQAqD8REMA0GCSqGSIb3DQEBCwUAA4IBAQCMxUG4bZuk
StWf9VKEJrixWerNBZO37izLlaUZuChEi839IVU8b/smzY9Vuw1Pq9UNutwJnmgK
I4L49oSROcnJTUAsAoQKFn8uJmhyMlO2pEgYmp1NeaD/lS+ImQFKOkjekPLx0UbJ
nzzEdqSR7/svgMgEBbj2RYIDwt9e7zk8F2SwESzbaWM3GBlp04suJD59EUD2BXDf
Hf4KLzSzkZz+aX1hGh0OPZoxSO9n40e5ECQZEClhP83PMoKmjDQljR7MVR9o0W7v
yyop4fwOxxDCYVb4ZVkBkaiN7jW8Pvlv50l4t7ySLUS4QtYWJ9WUbSdkWNZUXxyx
B3dfJZk1BmpB
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:21 2025 by rpki-client on console.sobornost.net