Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/24e3d0-b556-4888-9f6f-fbe68ff627b2/1/tn12oetbFUtIV37lIdsaPWeUQRk.roa
File: tn12oetbFUtIV37lIdsaPWeUQRk.roa (raw, json)
Hash identifier: KuzByL2k7xpTfJyyDM6ALSy0t3mxueG68kbWxsxCNnw=
Subject key identifier: B6:7D:76:A1:EB:5B:15:4B:48:57:7E:E5:21:DB:1A:3D:67:94:41:19
Certificate issuer: /CN=207e90d62de2c727cd4539a2f070c4e91df32bb4
Certificate serial: 0193EF9DDAE4732F90B10A75A22F38DC85A3
Authority key identifier: 20:7E:90:D6:2D:E2:C7:27:CD:45:39:A2:F0:70:C4:E9:1D:F3:2B:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IH6Q1i3ixyfNRTmi8HDE6R3zK7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/24e3d0-b556-4888-9f6f-fbe68ff627b2/1/tn12oetbFUtIV37lIdsaPWeUQRk.roa
Signing time: Sun 22 Dec 2024 18:25:19 +0000
ROA not before: Sun 22 Dec 2024 18:25:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50398
IP address blocks: 91.219.44.0/22 maxlen: 24
91.245.0.0/22 maxlen: 24
91.245.4.0/24 maxlen: 24
91.245.6.0/23 maxlen: 24
91.245.6.0/24 maxlen: 24
91.245.7.0/24 maxlen: 24
2001:67c:1260::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ef:9d:da:e4:73:2f:90:b1:0a:75:a2:2f:38:dc:85:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=207e90d62de2c727cd4539a2f070c4e91df32bb4
Validity
Not Before: Dec 22 18:25:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b67d76a1eb5b154b48577ee521db1a3d67944119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:c8:71:5a:f9:ca:fc:ca:30:33:86:db:ec:
ce:1e:2c:f7:71:ee:ef:11:99:7e:87:78:11:69:9c:
83:c9:b2:46:6e:56:ad:c7:5b:92:1a:d1:fc:1f:39:
38:bb:3d:38:7a:09:05:39:ca:43:95:76:ff:43:25:
88:f1:72:a5:e2:49:68:62:5d:b6:83:bc:9e:86:0a:
59:e0:76:51:13:25:cf:12:63:7c:53:51:ca:39:a3:
6a:5b:29:4c:e1:2d:3d:e5:c9:dc:3f:f6:3c:57:f9:
c0:c6:b6:b6:6b:aa:99:0a:da:44:28:ec:74:fd:66:
d0:16:76:9f:f5:95:38:a6:e3:71:38:87:53:d2:32:
fb:2c:5c:3c:4b:94:b3:56:b9:a9:0b:d5:1f:a2:df:
94:61:f7:bf:cd:5b:77:b1:d6:52:8d:18:f0:81:2e:
99:07:54:83:27:cb:3e:c2:0c:cb:b5:fd:32:46:87:
cb:51:dd:69:67:12:db:a8:12:55:45:6e:31:aa:7a:
1f:31:91:ba:d4:f4:d9:b7:94:2b:36:30:87:82:4e:
9c:78:a9:87:4d:a4:2f:6f:de:b4:c6:11:8f:a1:56:
90:87:62:20:6e:55:0d:70:aa:20:75:8b:99:d9:6e:
a9:0c:71:54:77:33:81:c2:2e:36:eb:fa:45:4b:09:
8b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7D:76:A1:EB:5B:15:4B:48:57:7E:E5:21:DB:1A:3D:67:94:41:19
X509v3 Authority Key Identifier:
keyid:20:7E:90:D6:2D:E2:C7:27:CD:45:39:A2:F0:70:C4:E9:1D:F3:2B:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IH6Q1i3ixyfNRTmi8HDE6R3zK7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/24e3d0-b556-4888-9f6f-fbe68ff627b2/1/tn12oetbFUtIV37lIdsaPWeUQRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/24e3d0-b556-4888-9f6f-fbe68ff627b2/1/IH6Q1i3ixyfNRTmi8HDE6R3zK7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.44.0/22
91.245.0.0-91.245.4.255
91.245.6.0/23
IPv6:
2001:67c:1260::/48
Signature Algorithm: sha256WithRSAEncryption
b2:f5:f1:00:46:97:ae:49:af:f0:05:b7:82:fe:fc:9e:ed:05:
a1:f2:0a:8c:6b:3c:eb:4e:77:1f:e6:4f:70:0c:19:76:38:cb:
34:d3:78:56:5f:bf:97:b5:7d:39:14:d5:ea:c7:bb:b3:87:9e:
6e:c3:e0:6a:50:d6:f7:87:9d:0b:50:54:7c:f6:ab:7e:70:27:
aa:a6:3b:06:cc:57:5e:70:f4:e8:4d:77:35:87:c9:fc:9e:bd:
86:28:94:0a:f2:44:31:f7:85:6f:97:e0:66:29:1d:b5:e2:56:
37:77:53:41:a4:a4:35:5b:f6:4b:1b:aa:93:ce:cf:b9:25:ff:
00:84:b6:3c:1c:4c:bb:27:90:dc:46:46:07:53:4c:65:0b:cd:
c9:9d:c8:75:2c:66:dc:12:45:47:b5:97:9a:b4:d6:49:3a:58:
45:ee:c4:ff:03:aa:be:b6:0f:d2:8b:ae:5f:67:54:a1:1c:44:
82:3d:0b:60:7b:de:93:f9:0e:91:ca:a1:21:de:f2:16:10:f7:
21:3c:f7:53:73:62:bf:a9:c7:1b:49:1b:15:f2:c4:ef:e0:29:
e5:83:9b:a6:ce:59:d4:19:ec:34:3a:2c:a9:ec:b5:a3:c3:fc:
e5:38:31:7c:e9:ef:8d:75:a6:93:02:e9:90:fe:1b:fc:f2:c4:
1c:79:d0:56
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZPvndrkcy+QsQp1oi843IWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwN2U5MGQ2MmRlMmM3MjdjZDQ1MzlhMmYwNzBjNGU5MWRm
MzJiYjQwHhcNMjQxMjIyMTgyNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjdkNzZhMWViNWIxNTRiNDg1NzdlZTUyMWRiMWEzZDY3OTQ0MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXbIcVr5yvzKMDOG2+zOHiz3ce7v
EZl+h3gRaZyDybJGblatx1uSGtH8Hzk4uz04egkFOcpDlXb/QyWI8XKl4kloYl22
g7yehgpZ4HZREyXPEmN8U1HKOaNqWylM4S095cncP/Y8V/nAxra2a6qZCtpEKOx0
/WbQFnaf9ZU4puNxOIdT0jL7LFw8S5SzVrmpC9Ufot+UYfe/zVt3sdZSjRjwgS6Z
B1SDJ8s+wgzLtf0yRofLUd1pZxLbqBJVRW4xqnofMZG61PTZt5QrNjCHgk6ceKmH
TaQvb960xhGPoVaQh2IgblUNcKogdYuZ2W6pDHFUdzOBwi426/pFSwmL1wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLZ9dqHrWxVLSFd+5SHbGj1nlEEZMB8GA1UdIwQY
MBaAFCB+kNYt4scnzUU5ovBwxOkd8yu0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUg2UTFpM2l4eWZOUlRtaThIREU2UjN6SzdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yNGUzZDAtYjU1Ni00ODg4LTlmNmYt
ZmJlNjhmZjYyN2IyLzEvdG4xMm9ldGJGVXRJVjM3bElkc2FQV2VVUVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yNGUzZDAtYjU1Ni00ODg4LTlmNmYtZmJlNjhmZjYyN2Iy
LzEvSUg2UTFpM2l4eWZOUlRtaThIREU2UjN6SzdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAfBAIAATAZAwQCW9ssMAsD
AwBb9QMEAFv1BAMEAVv1BjAPBAIAAjAJAwcAIAEGfBJgMA0GCSqGSIb3DQEBCwUA
A4IBAQCy9fEARpeuSa/wBbeC/vye7QWh8gqMazzrTncf5k9wDBl2OMs003hWX7+X
tX05FNXqx7uzh55uw+BqUNb3h50LUFR89qt+cCeqpjsGzFdecPToTXc1h8n8nr2G
KJQK8kQx94Vvl+BmKR214lY3d1NBpKQ1W/ZLG6qTzs+5Jf8AhLY8HEy7J5DcRkYH
U0xlC83Jnch1LGbcEkVHtZeatNZJOlhF7sT/A6q+tg/Si65fZ1ShHESCPQtge96T
+Q6RyqEh3vIWEPchPPdTc2K/qccbSRsV8sTv4Cnlg5umzlnUGew0Oiyp7LWjw/zl
ODF86e+NdaaTAumQ/hv88sQcedBW
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:02 2024 by rpki-client on console.sobornost.net