Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/Af7ldhBV2BL59OVqpiSrlWnlICA.roa
File: Af7ldhBV2BL59OVqpiSrlWnlICA.roa (raw, json)
Hash identifier: 1mIJJ7fbXzy89gAn5BxF2IlNCi4unsLjHDC9FPqmXU8=
Subject key identifier: 01:FE:E5:76:10:55:D8:12:F9:F4:E5:6A:A6:24:AB:95:69:E5:20:20
Certificate issuer: /CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9
Certificate serial: 0194228D5483330592E5E6BD9765D60E9AB7
Authority key identifier: BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/Af7ldhBV2BL59OVqpiSrlWnlICA.roa
Signing time: Wed 01 Jan 2025 15:47:55 +0000
ROA not before: Wed 01 Jan 2025 15:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60976
IP address blocks: 91.232.73.0/24 maxlen: 24
185.222.120.0/22 maxlen: 22
185.222.120.0/24 maxlen: 24
185.222.121.0/24 maxlen: 24
185.222.122.0/24 maxlen: 24
185.222.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:54:83:33:05:92:e5:e6:bd:97:65:d6:0e:9a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9
Validity
Not Before: Jan 1 15:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01fee5761055d812f9f4e56aa624ab9569e52020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:17:dd:cb:9d:b3:6d:2c:c2:89:99:2a:c8:85:
a7:2b:e9:f8:0d:1c:d0:47:18:40:ac:5e:74:b1:7f:
d0:59:2b:df:74:5c:f4:7a:7f:80:f8:fd:6a:d6:68:
92:b1:58:80:22:14:e5:de:49:d9:24:32:69:0e:6d:
97:1a:db:51:31:ee:3b:15:ce:99:ea:c2:e6:a0:28:
4f:db:05:5a:de:50:c0:d5:4f:a0:5b:9c:3a:e7:19:
44:75:83:6f:47:b0:27:85:b4:b9:f0:4c:54:19:93:
ce:c6:b5:32:77:23:31:a5:79:e4:12:3a:9b:b4:33:
78:7e:f3:0d:51:16:f6:77:3f:13:4c:14:0b:0d:8c:
ea:6b:23:ac:8c:67:86:17:59:40:db:1c:73:81:3b:
c5:cf:d7:13:98:42:09:86:fe:6f:8e:03:84:a2:d0:
20:86:4d:82:97:04:9b:bc:bb:b8:39:a8:50:20:a2:
d4:77:94:1e:28:e1:a0:b4:ef:d1:0e:f5:49:3f:e3:
a9:39:79:27:ab:86:db:73:22:74:9e:20:3c:fc:be:
56:77:ad:18:18:0a:05:3f:a8:37:d0:09:06:b2:e5:
cb:e0:8b:2c:35:1c:87:7e:eb:10:f6:92:dd:3d:10:
56:da:a0:9f:36:23:66:03:2b:6a:15:52:4f:dd:a3:
0b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FE:E5:76:10:55:D8:12:F9:F4:E5:6A:A6:24:AB:95:69:E5:20:20
X509v3 Authority Key Identifier:
keyid:BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/Af7ldhBV2BL59OVqpiSrlWnlICA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/u5tW2NluvLX8-H3i7CtSwZTM-fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.73.0/24
185.222.120.0/22
Signature Algorithm: sha256WithRSAEncryption
de:01:a0:49:27:73:c8:05:54:92:68:1e:68:7b:fe:9c:1b:df:
28:59:99:8f:d5:c1:94:41:76:70:d0:fd:dd:9b:3c:dc:e4:01:
05:e7:73:de:b3:79:dd:9a:33:73:7d:d0:95:a9:c6:71:05:c6:
b2:64:a9:10:bc:13:63:f7:94:0d:1f:32:6a:8a:5e:60:a2:6d:
2e:be:a6:d7:ce:7d:d6:63:02:d7:80:27:48:6d:c2:f5:a6:ca:
ab:7d:8c:6d:b3:3d:13:83:f5:23:58:0c:1d:33:2f:9b:c9:cf:
42:19:57:5b:6a:92:43:18:d5:78:b4:3b:00:46:66:9e:05:a2:
d2:9b:d3:34:6d:7b:75:7e:f8:03:7b:f6:86:1c:27:09:89:53:
86:4f:21:dd:db:77:39:79:eb:0b:12:9c:16:79:d4:b8:68:6d:
ff:ca:98:82:0c:ab:af:6d:ae:e5:b6:39:a7:c3:76:7b:5a:9d:
60:7b:4b:47:aa:66:05:f6:3f:88:14:93:24:a2:28:e5:3d:bb:
fe:b0:b7:c9:5e:9d:97:d8:b3:06:3d:d7:90:02:d8:ab:7b:f1:
62:92:6d:2c:84:da:ee:e5:7e:32:c7:59:2c:c6:78:90:9b:61:
9a:7f:f8:a5:f1:fc:13:3b:96:92:a3:2f:f0:fe:67:ea:3a:7a:
b7:ff:53:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijVSDMwWS5ea9l2XWDpq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOWI1NmQ4ZDk2ZWJjYjVmY2Y4N2RlMmVjMmI1MmMxOTRj
Y2Y5ZjkwHhcNMjUwMTAxMTU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWZlZTU3NjEwNTVkODEyZjlmNGU1NmFhNjI0YWI5NTY5ZTUyMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhfdy52zbSzCiZkqyIWnK+n4DRzQ
RxhArF50sX/QWSvfdFz0en+A+P1q1miSsViAIhTl3knZJDJpDm2XGttRMe47Fc6Z
6sLmoChP2wVa3lDA1U+gW5w65xlEdYNvR7AnhbS58ExUGZPOxrUydyMxpXnkEjqb
tDN4fvMNURb2dz8TTBQLDYzqayOsjGeGF1lA2xxzgTvFz9cTmEIJhv5vjgOEotAg
hk2ClwSbvLu4OahQIKLUd5QeKOGgtO/RDvVJP+OpOXknq4bbcyJ0niA8/L5Wd60Y
GAoFP6g30AkGsuXL4IssNRyHfusQ9pLdPRBW2qCfNiNmAytqFVJP3aML5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAH+5XYQVdgS+fTlaqYkq5Vp5SAgMB8GA1UdIwQY
MBaAFLubVtjZbry1/Ph94uwrUsGUzPn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTV0VzJObHV2TFg4LUgzaTdDdFN3WlRNLWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZjM5NDItMTdmNy00OTNjLWJjNmIt
NGY0ZmU4MDNiMDE1LzEvQWY3bGRoQlYyQkw1OU9WcXBpU3JsV25sSUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZjM5NDItMTdmNy00OTNjLWJjNmItNGY0ZmU4MDNiMDE1
LzEvdTV0VzJObHV2TFg4LUgzaTdDdFN3WlRNLWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+hJAwQC
ud54MA0GCSqGSIb3DQEBCwUAA4IBAQDeAaBJJ3PIBVSSaB5oe/6cG98oWZmP1cGU
QXZw0P3dmzzc5AEF53Pes3ndmjNzfdCVqcZxBcayZKkQvBNj95QNHzJqil5gom0u
vqbXzn3WYwLXgCdIbcL1psqrfYxtsz0Tg/UjWAwdMy+byc9CGVdbapJDGNV4tDsA
RmaeBaLSm9M0bXt1fvgDe/aGHCcJiVOGTyHd23c5eesLEpwWedS4aG3/ypiCDKuv
ba7ltjmnw3Z7Wp1ge0tHqmYF9j+IFJMkoijlPbv+sLfJXp2X2LMGPdeQAtire/Fi
km0shNru5X4yx1ksxniQm2Gaf/il8fwTO5aSoy/w/mfqOnq3/1Oj
-----END CERTIFICATE-----
Generated at Tue Jan 21 15:02:42 2025 by rpki-client on console.sobornost.net