Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/1-nSqvJkTY-iEcaodIZX8AZ4YyPw.roa
File: 1-nSqvJkTY-iEcaodIZX8AZ4YyPw.roa (raw, json)
Hash identifier: vUjOaLlV53p/HwQqT7e/Jx/GmnYkrtPHXgpsZfhmCG4=
Subject key identifier: FA:74:AA:BC:99:13:63:E8:84:71:AA:1D:21:95:FC:01:9E:18:C8:FC
Certificate issuer: /CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Certificate serial: 019425FD9E7C1FCC0AB5F463FAFA4319AA44
Authority key identifier: CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/1-nSqvJkTY-iEcaodIZX8AZ4YyPw.roa
Signing time: Thu 02 Jan 2025 07:49:25 +0000
ROA not before: Thu 02 Jan 2025 07:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51553
IP address blocks: 85.91.49.0/24 maxlen: 24
85.91.50.0/24 maxlen: 24
85.91.51.0/24 maxlen: 24
85.91.52.0/24 maxlen: 24
85.91.53.0/24 maxlen: 24
85.91.54.0/24 maxlen: 24
85.91.55.0/24 maxlen: 24
85.91.56.0/24 maxlen: 24
85.91.57.0/24 maxlen: 24
91.217.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9e:7c:1f:cc:0a:b5:f4:63:fa:fa:43:19:aa:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Validity
Not Before: Jan 2 07:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa74aabc991363e88471aa1d2195fc019e18c8fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:21:27:a3:d6:7d:3f:df:c9:95:3f:b4:39:b7:
bd:d2:63:d8:21:63:17:36:34:fd:bd:bc:d2:6c:01:
dc:cd:e0:07:6b:23:6b:ee:08:bc:59:21:af:92:e4:
33:94:38:26:fa:a7:18:14:7b:a8:ab:06:f6:d7:9b:
ad:17:f9:ca:2b:dc:13:73:c2:b8:b6:63:10:74:ed:
0f:cd:15:b3:03:04:4d:89:a9:71:50:c5:1e:9e:12:
3e:b9:08:36:70:f5:38:2f:42:64:91:81:53:7c:ef:
6a:28:59:26:df:f2:5f:a8:77:e5:4a:bd:69:0b:a4:
af:a5:5b:83:3e:46:d4:cd:9c:fd:3a:7b:c7:84:dc:
44:f5:20:dc:29:97:6d:8f:78:f5:69:8d:d5:63:2a:
81:8f:4c:db:33:57:6b:8e:64:93:72:d9:e6:08:55:
4d:1b:1c:f1:10:9b:97:f6:d6:06:50:8f:4f:86:84:
d5:2a:f4:1e:43:0a:d6:d3:6b:25:78:a7:b4:45:dc:
b0:79:a9:85:35:33:56:b4:eb:7a:fe:6f:df:c0:8c:
cf:78:3c:32:25:cf:0c:72:1a:38:73:ee:18:36:c4:
80:45:01:4c:35:f1:de:3e:2d:a8:0b:cd:f0:27:14:
b9:61:70:da:0f:bb:e6:83:82:a7:32:73:3f:ee:79:
64:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:74:AA:BC:99:13:63:E8:84:71:AA:1D:21:95:FC:01:9E:18:C8:FC
X509v3 Authority Key Identifier:
keyid:CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/1-nSqvJkTY-iEcaodIZX8AZ4YyPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/z4N1wyHe-SZZg-IZTUC6l6_n8cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.49.0-85.91.57.255
91.217.237.0/24
Signature Algorithm: sha256WithRSAEncryption
11:46:06:5d:fd:a4:d8:68:c1:db:6f:e0:97:95:fb:b2:a9:05:
20:3c:5d:7e:38:4a:ed:b4:56:95:2b:b2:62:26:3e:dd:ea:18:
6c:b7:0e:fe:32:69:bc:ca:c6:14:66:8e:ef:47:e3:27:6a:cf:
2e:95:b1:1e:43:ee:eb:f2:8a:ac:5f:7f:2c:fb:7e:a4:6d:9d:
aa:97:63:95:e9:f4:6f:89:d5:9f:48:46:11:75:51:7f:78:ec:
8f:f1:9f:04:96:bc:ca:43:72:8c:73:f8:0c:23:47:47:40:a8:
c3:dd:25:4f:68:58:bb:7d:e0:30:2d:b4:49:8f:e8:05:54:6d:
e3:a6:bc:ad:93:2e:5f:15:4a:65:4a:98:79:fa:2e:82:6f:bd:
56:8c:e3:d2:93:53:8d:61:83:4b:01:c6:09:bd:3d:86:86:e2:
c4:99:82:a1:57:8f:dd:be:7a:92:d0:e7:48:0e:97:7a:73:40:
bf:86:c8:ed:32:3a:6b:c6:6e:31:7a:4c:97:95:4b:63:82:da:
4c:6a:53:8b:2c:cb:1f:21:04:50:50:a6:f4:a0:22:4e:c3:31:
23:12:e5:c6:45:1d:0f:78:e7:e8:31:2b:ba:1e:d0:38:20:de:
a7:52:5d:92:ba:c2:97:95:b2:fb:75:e1:25:fc:02:39:ee:74:
92:f0:fa:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/Z58H8wKtfRj+vpDGapEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODM3NWMzMjFkZWY5MjY1OTgzZTIxOTRkNDBiYTk3YWZl
N2YxY2MwHhcNMjUwMTAyMDc0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTc0YWFiYzk5MTM2M2U4ODQ3MWFhMWQyMTk1ZmMwMTllMThjOGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iEno9Z9P9/JlT+0Obe90mPYIWMX
NjT9vbzSbAHczeAHayNr7gi8WSGvkuQzlDgm+qcYFHuoqwb215utF/nKK9wTc8K4
tmMQdO0PzRWzAwRNialxUMUenhI+uQg2cPU4L0JkkYFTfO9qKFkm3/JfqHflSr1p
C6SvpVuDPkbUzZz9OnvHhNxE9SDcKZdtj3j1aY3VYyqBj0zbM1drjmSTctnmCFVN
GxzxEJuX9tYGUI9PhoTVKvQeQwrW02sleKe0RdyweamFNTNWtOt6/m/fwIzPeDwy
Jc8Mcho4c+4YNsSARQFMNfHePi2oC83wJxS5YXDaD7vmg4KnMnM/7nlk4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPp0qryZE2PohHGqHSGV/AGeGMj8MB8GA1UdIwQY
MBaAFM+DdcMh3vkmWYPiGU1Aupev5/HMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUt
ZTBjN2I5NmI1N2YyLzEvMS1uU3F2SmtUWS1pRWNhb2RJWlg4QVo0WXlQdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYTc2NWEzLWVkOTQtNGZlMC1iZjQ1LWUwYzdiOTZiNTdm
Mi8xL3o0TjF3eUhlLVNaWmctSVpUVUM2bDZfbjhjdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAVVsx
AwQBVVs4AwQAW9ntMA0GCSqGSIb3DQEBCwUAA4IBAQARRgZd/aTYaMHbb+CXlfuy
qQUgPF1+OErttFaVK7JiJj7d6hhstw7+Mmm8ysYUZo7vR+Mnas8ulbEeQ+7r8oqs
X38s+36kbZ2ql2OV6fRvidWfSEYRdVF/eOyP8Z8ElrzKQ3KMc/gMI0dHQKjD3SVP
aFi7feAwLbRJj+gFVG3jprytky5fFUplSph5+i6Cb71WjOPSk1ONYYNLAcYJvT2G
huLEmYKhV4/dvnqS0OdIDpd6c0C/hsjtMjprxm4xekyXlUtjgtpMalOLLMsfIQRQ
UKb0oCJOwzEjEuXGRR0PeOfoMSu6HtA4IN6nUl2SusKXlbL7deEl/AI57nSS8Prr
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:29 2025 by rpki-client on console.sobornost.net