Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/1cgE3uMD9UQj0N9D1NwFutRDIfE.roa
File: 1cgE3uMD9UQj0N9D1NwFutRDIfE.roa (raw, json)
Hash identifier: sz+QlLmzVk2yB4VM7ft/t4trcbfch70ucXLho0/P3wo=
Subject key identifier: D5:C8:04:DE:E3:03:F5:44:23:D0:DF:43:D4:DC:05:BA:D4:43:21:F1
Certificate issuer: /CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Certificate serial: 01942444A98AF4BA89828DA58FB60B61BCDB
Authority key identifier: 97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/1cgE3uMD9UQj0N9D1NwFutRDIfE.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50964
IP address blocks: 91.205.76.0/22 maxlen: 22
194.0.92.0/22 maxlen: 22
194.0.92.0/24 maxlen: 24
194.0.93.0/24 maxlen: 24
194.0.94.0/24 maxlen: 24
194.0.95.0/24 maxlen: 24
194.59.36.0/22 maxlen: 22
194.59.36.0/24 maxlen: 24
194.59.37.0/24 maxlen: 24
194.59.38.0/24 maxlen: 24
194.59.39.0/24 maxlen: 24
194.76.38.0/23 maxlen: 23
194.76.38.0/24 maxlen: 24
194.76.39.0/24 maxlen: 24
194.127.180.0/24 maxlen: 24
195.189.92.0/22 maxlen: 22
195.189.92.0/24 maxlen: 24
195.189.93.0/24 maxlen: 24
195.189.94.0/24 maxlen: 24
195.189.95.0/24 maxlen: 24
2001:67c:2da8::/48 maxlen: 48
2001:67c:2dac::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a9:8a:f4:ba:89:82:8d:a5:8f:b6:0b:61:bc:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5c804dee303f54423d0df43d4dc05bad44321f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:e8:8a:c9:b9:e5:33:4c:02:cd:07:f3:43:
9c:28:da:7e:19:f4:7a:13:2f:eb:a0:0b:30:0f:57:
a6:cf:ef:4c:3e:8d:0f:23:ea:34:44:10:d1:fd:9e:
89:31:26:bb:81:54:fe:e7:ae:31:b8:2b:45:2f:d9:
37:b8:92:14:f8:8b:60:70:c4:54:6b:20:1d:fe:70:
17:52:07:0e:37:eb:ea:f5:ff:87:b1:5e:4d:f8:5e:
02:9e:26:ee:c7:92:72:0f:91:c6:93:ba:f6:d3:a4:
0b:44:cd:0d:ad:de:66:54:66:46:c9:63:40:1e:dc:
e8:c5:b0:e1:ca:98:27:9d:f7:2b:80:86:7c:c8:df:
b2:83:22:ef:b3:79:72:66:bb:59:22:f1:5d:bf:80:
fc:fd:bc:07:0a:d4:bf:86:f8:33:44:66:07:48:f6:
6e:24:98:c8:20:06:21:4b:d0:47:74:f1:c6:46:a8:
f7:00:b7:9c:ba:f5:ad:29:d2:33:9f:1c:50:3a:a0:
16:98:71:b7:cb:c8:50:36:cb:79:29:83:0d:92:c7:
de:56:4f:b0:4c:e4:02:64:a9:f3:8f:b9:09:34:6c:
eb:96:7b:72:ec:21:87:72:d6:f6:f5:55:a0:d2:53:
31:72:39:c3:f2:e5:73:d6:9b:f5:c1:3a:35:3f:9e:
6f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C8:04:DE:E3:03:F5:44:23:D0:DF:43:D4:DC:05:BA:D4:43:21:F1
X509v3 Authority Key Identifier:
keyid:97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/1cgE3uMD9UQj0N9D1NwFutRDIfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.76.0/22
194.0.92.0/22
194.59.36.0/22
194.76.38.0/23
194.127.180.0/24
195.189.92.0/22
IPv6:
2001:67c:2da8::/48
2001:67c:2dac::/48
Signature Algorithm: sha256WithRSAEncryption
68:29:54:13:12:fa:b9:c4:29:54:d4:eb:a9:42:4b:80:ca:5c:
52:29:61:12:e7:1a:4b:de:fd:3b:57:f4:4a:c6:c2:a5:8a:d4:
63:c7:b6:cd:ea:ca:aa:10:88:f3:ed:82:98:b7:cf:8a:aa:87:
78:6e:95:29:fa:70:36:ba:9a:8f:c8:cf:73:57:76:8f:e0:a4:
25:90:cc:e2:13:cc:77:55:ba:5e:34:ec:38:19:e8:39:59:26:
48:2d:55:d2:60:63:2f:b8:ea:44:26:c6:cc:4e:fd:76:9d:a6:
8f:dd:4b:98:b4:fa:dd:fe:0c:35:22:f6:35:46:23:3a:ac:be:
79:b8:29:0f:48:4e:56:6f:bf:13:6b:65:0a:f2:bc:8e:ce:06:
b8:91:23:b9:32:4e:80:88:82:42:ef:d9:09:63:7e:18:ab:93:
57:d4:a7:ff:3f:9a:26:cf:ab:1f:01:c7:5f:fe:e9:cb:2c:b3:
e2:42:cf:1f:52:c6:93:43:e9:fd:9c:3d:39:25:a2:2b:5a:5d:
0d:8e:46:bc:92:00:c6:ac:c3:94:c9:24:ea:0a:7d:4d:50:04:
eb:2b:de:98:88:20:5a:0e:97:42:47:6f:ab:49:81:dc:2b:fb:
cc:e8:e9:64:d8:42:3f:8e:1f:37:31:30:76:c1:e9:45:1a:67:
96:bd:6c:be
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZQkRKmK9LqJgo2lj7YLYbzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NzBiZjIzNzVkNTliYTgxYTk5NTVjMDdhMmYwYTIzMjY0
YjYxYTgwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM4MDRkZWUzMDNmNTQ0MjNkMGRmNDNkNGRjMDViYWQ0NDMyMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG7oism55TNMAs0H80OcKNp+GfR6
Ey/roAswD1emz+9MPo0PI+o0RBDR/Z6JMSa7gVT+564xuCtFL9k3uJIU+ItgcMRU
ayAd/nAXUgcON+vq9f+HsV5N+F4Cnibux5JyD5HGk7r206QLRM0Nrd5mVGZGyWNA
HtzoxbDhypgnnfcrgIZ8yN+ygyLvs3lyZrtZIvFdv4D8/bwHCtS/hvgzRGYHSPZu
JJjIIAYhS9BHdPHGRqj3ALecuvWtKdIznxxQOqAWmHG3y8hQNst5KYMNksfeVk+w
TOQCZKnzj7kJNGzrlnty7CGHctb29VWg0lMxcjnD8uVz1pv1wTo1P55vTwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNXIBN7jA/VEI9DfQ9TcBbrUQyHxMB8GA1UdIwQY
MBaAFJdwvyN11ZuoGplVwHovCiMmS2GoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWIt
OGQzNGY1NTc4MjJhLzEvMWNnRTN1TUQ5VVFqME45RDFOd0Z1dFJESWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWItOGQzNGY1NTc4MjJh
LzEvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQCW81MAwQC
wgBcAwQCwjskAwQBwkwmAwQAwn+0AwQCw71cMBgEAgACMBIDBwAgAQZ8LagDBwAg
AQZ8LawwDQYJKoZIhvcNAQELBQADggEBAGgpVBMS+rnEKVTU66lCS4DKXFIpYRLn
Gkve/TtX9ErGwqWK1GPHts3qyqoQiPPtgpi3z4qqh3hulSn6cDa6mo/Iz3NXdo/g
pCWQzOITzHdVul407DgZ6DlZJkgtVdJgYy+46kQmxsxO/Xadpo/dS5i0+t3+DDUi
9jVGIzqsvnm4KQ9ITlZvvxNrZQryvI7OBriRI7kyToCIgkLv2Qljfhirk1fUp/8/
mibPqx8Bx1/+6csss+JCzx9SxpND6f2cPTkloitaXQ2ORrySAMasw5TJJOoKfU1Q
BOsr3piIIFoOl0JHb6tJgdwr+8zo6WTYQj+OHzcxMHbB6UUaZ5a9bL4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:30 2025 by rpki-client on console.sobornost.net