Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/sKW5v2bg-eASuutBZh0CS6XvA0c.roa
File: sKW5v2bg-eASuutBZh0CS6XvA0c.roa (raw, json)
Hash identifier: RTFdNjg/wTloxfdOEoaa5K25++7OcHUzDE+24NBipvg=
Subject key identifier: B0:A5:B9:BF:66:E0:F9:E0:12:BA:EB:41:66:1D:02:4B:A5:EF:03:47
Certificate issuer: /CN=c9dd42243197864bb4816461d4d0653ab0ba32ba
Certificate serial: 019420D5E29E1D1BC84A6765B9F6E201DA25
Authority key identifier: C9:DD:42:24:31:97:86:4B:B4:81:64:61:D4:D0:65:3A:B0:BA:32:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yd1CJDGXhku0gWRh1NBlOrC6Mro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/sKW5v2bg-eASuutBZh0CS6XvA0c.roa
Signing time: Wed 01 Jan 2025 07:47:55 +0000
ROA not before: Wed 01 Jan 2025 07:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198725
IP address blocks: 91.220.201.0/24 maxlen: 24
185.21.196.0/22 maxlen: 22
2a02:c280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:e2:9e:1d:1b:c8:4a:67:65:b9:f6:e2:01:da:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9dd42243197864bb4816461d4d0653ab0ba32ba
Validity
Not Before: Jan 1 07:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0a5b9bf66e0f9e012baeb41661d024ba5ef0347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bd:a8:f3:82:84:90:32:80:48:05:33:4c:19:
c8:70:ea:e1:e3:1d:9b:72:75:dd:41:a9:37:90:be:
1c:fc:85:e4:f5:49:cd:77:ef:b3:09:7c:6d:06:8f:
76:d9:e3:21:25:8e:cd:a4:ec:7e:ef:11:f3:44:42:
8e:aa:94:b8:47:01:28:6d:d1:9b:77:9a:95:66:00:
ea:ab:00:5c:2f:6e:67:21:ff:2b:9a:0b:f0:c9:a6:
f9:1f:51:e4:1d:67:21:02:29:62:f2:20:b5:2c:6a:
6b:dc:f5:ec:82:0d:14:e9:08:cc:d0:79:44:33:ae:
44:84:e1:c2:92:11:d1:59:df:ec:8c:03:7d:48:3e:
a8:22:d6:7a:f4:1d:64:a8:6e:b5:51:60:ef:f6:f4:
34:1e:25:f2:df:1e:c6:8c:80:ca:de:3f:48:04:2c:
31:81:cc:06:bd:63:ed:bb:e1:96:0f:51:ae:a3:ef:
09:ec:68:ab:80:5d:71:e5:16:82:86:80:c5:a1:3d:
f3:96:be:98:5d:81:71:97:27:d2:f4:5d:48:f6:52:
b9:38:98:5d:24:21:c0:70:cd:d1:e9:ef:9b:dd:ea:
4a:1a:9a:1b:3b:70:0c:cd:04:10:72:2f:d7:ce:a7:
cb:3f:30:4b:f1:1e:05:e2:16:fb:1a:68:5e:7b:ed:
34:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A5:B9:BF:66:E0:F9:E0:12:BA:EB:41:66:1D:02:4B:A5:EF:03:47
X509v3 Authority Key Identifier:
keyid:C9:DD:42:24:31:97:86:4B:B4:81:64:61:D4:D0:65:3A:B0:BA:32:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yd1CJDGXhku0gWRh1NBlOrC6Mro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/sKW5v2bg-eASuutBZh0CS6XvA0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/yd1CJDGXhku0gWRh1NBlOrC6Mro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.201.0/24
185.21.196.0/22
IPv6:
2a02:c280::/29
Signature Algorithm: sha256WithRSAEncryption
b7:5a:d4:3d:ed:27:72:87:01:bb:81:3f:de:42:f2:b8:20:46:
fd:44:39:5e:4d:d2:cb:7a:26:7a:a8:c0:9f:52:b8:5e:e4:bf:
c5:28:eb:0a:10:2a:5a:40:3b:07:45:d0:56:9d:d6:76:0d:34:
da:ce:2a:37:2b:8e:d5:e5:bd:9e:4a:b3:54:17:89:d1:0f:0d:
1f:95:e9:23:1a:88:5c:ce:27:ea:e3:4c:5b:64:54:23:4c:ee:
42:6a:61:61:59:7a:ca:93:6d:6c:a9:49:8e:ad:70:7e:63:79:
a9:34:6d:da:4d:ef:0e:bf:78:9a:28:56:3c:54:28:64:9e:e1:
51:48:a1:bd:8c:47:2f:e7:60:48:ac:90:4b:e1:5a:b5:6f:b1:
15:76:d6:de:e7:0c:f5:f6:98:fa:3b:3e:f2:c2:bf:9c:e2:1e:
75:85:59:8a:8c:7f:2a:a3:58:90:fe:1c:f5:40:af:13:a3:ba:
3b:38:10:09:f3:d5:2c:27:7d:d3:01:2a:b3:c8:1c:b3:f9:21:
03:da:11:2a:8a:fb:81:ce:d0:74:02:fd:c1:c7:78:31:c5:28:
eb:32:3c:da:17:13:4c:8e:c6:d5:0f:8b:ff:87:b0:eb:ba:4e:
9c:77:7e:17:f6:e5:46:b1:75:50:37:1b:82:23:8f:24:d9:ec:
c6:fb:57:bf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1eKeHRvISmdlufbiAdolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZGQ0MjI0MzE5Nzg2NGJiNDgxNjQ2MWQ0ZDA2NTNhYjBi
YTMyYmEwHhcNMjUwMTAxMDc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGE1YjliZjY2ZTBmOWUwMTJiYWViNDE2NjFkMDI0YmE1ZWYwMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr2o84KEkDKASAUzTBnIcOrh4x2b
cnXdQak3kL4c/IXk9UnNd++zCXxtBo922eMhJY7NpOx+7xHzREKOqpS4RwEobdGb
d5qVZgDqqwBcL25nIf8rmgvwyab5H1HkHWchAili8iC1LGpr3PXsgg0U6QjM0HlE
M65EhOHCkhHRWd/sjAN9SD6oItZ69B1kqG61UWDv9vQ0HiXy3x7GjIDK3j9IBCwx
gcwGvWPtu+GWD1Guo+8J7GirgF1x5RaChoDFoT3zlr6YXYFxlyfS9F1I9lK5OJhd
JCHAcM3R6e+b3epKGpobO3AMzQQQci/XzqfLPzBL8R4F4hb7Gmhee+00ywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLClub9m4PngErrrQWYdAkul7wNHMB8GA1UdIwQY
MBaAFMndQiQxl4ZLtIFkYdTQZTqwujK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWQxQ0pER1hoa3UwZ1dSaDFOQmxPckM2TXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81ZGExNWEtOTdhMC00YTc3LTliY2Et
NjRhNzE1YTVmNjliLzEvc0tXNXYyYmctZUFTdXV0QlpoMENTNlh2QTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81ZGExNWEtOTdhMC00YTc3LTliY2EtNjRhNzE1YTVmNjli
LzEveWQxQ0pER1hoa3UwZ1dSaDFOQmxPckM2TXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9zJAwQC
uRXEMA0EAgACMAcDBQMqAsKAMA0GCSqGSIb3DQEBCwUAA4IBAQC3WtQ97SdyhwG7
gT/eQvK4IEb9RDleTdLLeiZ6qMCfUrhe5L/FKOsKECpaQDsHRdBWndZ2DTTazio3
K47V5b2eSrNUF4nRDw0flekjGohczifq40xbZFQjTO5CamFhWXrKk21sqUmOrXB+
Y3mpNG3aTe8Ov3iaKFY8VChknuFRSKG9jEcv52BIrJBL4Vq1b7EVdtbe5wz19pj6
Oz7ywr+c4h51hVmKjH8qo1iQ/hz1QK8To7o7OBAJ89UsJ33TASqzyByz+SED2hEq
ivuBztB0Av3Bx3gxxSjrMjzaFxNMjsbVD4v/h7Druk6cd34X9uVGsXVQNxuCI48k
2ezG+1e/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:35 2025 by rpki-client on console.sobornost.net