Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/B9-JyKOh9vcA8Yt248kp1OHsLjE.roa
File: B9-JyKOh9vcA8Yt248kp1OHsLjE.roa (raw, json)
Hash identifier: IbF0FRhBYEIf5hZ2KcvfEljtf1YgGGazPG/5I71dHJ4=
Subject key identifier: 07:DF:89:C8:A3:A1:F6:F7:00:F1:8B:76:E3:C9:29:D4:E1:EC:2E:31
Certificate issuer: /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial: 019426D9E8E716C6E2134949778125501B6A
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/B9-JyKOh9vcA8Yt248kp1OHsLjE.roa
Signing time: Thu 02 Jan 2025 11:50:02 +0000
ROA not before: Thu 02 Jan 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39566
IP address blocks: 91.211.220.0/22 maxlen: 22
193.93.88.0/22 maxlen: 22
2001:678:63c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e8:e7:16:c6:e2:13:49:49:77:81:25:50:1b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Validity
Not Before: Jan 2 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07df89c8a3a1f6f700f18b76e3c929d4e1ec2e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ee:67:a0:88:1b:49:1d:3e:39:36:46:a4:1e:
c2:4f:c5:51:d2:4c:6b:27:24:4a:7a:ec:84:72:0a:
35:09:88:ca:b8:f4:9a:9e:28:0d:41:f1:6b:06:a4:
dc:84:fc:0a:a0:6d:68:84:04:4e:13:57:41:0a:50:
0a:46:e1:1f:d8:33:8e:ed:a2:a8:03:cc:78:81:99:
45:f9:92:55:8b:bf:13:a1:11:a6:e0:b5:5c:ad:1c:
2b:c6:e3:01:b1:51:77:3d:02:b5:c7:5a:2d:44:7e:
bd:ec:86:bb:99:10:c0:03:a2:a5:c3:e7:0a:c2:2f:
b6:7a:46:13:69:51:df:54:f6:fd:ee:61:2f:a9:ce:
f6:97:79:a1:d1:e1:7d:ff:3f:c8:9f:69:f7:a8:9d:
0b:c2:7a:75:c0:7d:1f:66:e3:cc:31:91:24:10:8c:
20:e6:64:1b:42:93:a8:d3:59:8c:4c:ad:9d:7d:b0:
35:a3:0c:75:3a:c2:3c:78:35:fd:45:45:8f:2a:66:
5b:ae:1c:1b:dc:cc:a1:61:97:a9:c9:68:14:83:eb:
0e:14:26:ed:0b:25:20:e1:50:62:3f:88:c3:24:a9:
b9:b9:72:52:61:d5:88:59:07:10:69:77:aa:ad:17:
a6:ea:ed:94:f7:07:74:24:dc:97:b1:eb:ba:1a:0f:
5c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:DF:89:C8:A3:A1:F6:F7:00:F1:8B:76:E3:C9:29:D4:E1:EC:2E:31
X509v3 Authority Key Identifier:
keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/B9-JyKOh9vcA8Yt248kp1OHsLjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.220.0/22
193.93.88.0/22
IPv6:
2001:678:63c::/48
Signature Algorithm: sha256WithRSAEncryption
1d:7c:55:57:27:31:60:a1:dc:14:0c:1b:61:ac:ba:77:68:0a:
c4:b8:17:31:d8:9d:1e:d6:81:06:ec:ef:62:ee:13:3a:09:df:
2c:2e:19:82:81:b3:38:91:f3:19:4d:1e:95:fe:ce:81:22:a0:
4a:c7:b5:50:ba:4c:30:d2:ab:20:50:5c:cd:b7:ee:46:11:21:
10:44:ae:40:a3:bf:7b:7c:59:7e:d1:79:7b:f2:d4:74:05:f6:
c9:62:a1:df:e1:a6:89:39:6f:86:b5:ef:c4:59:44:05:81:6f:
56:6c:20:3a:26:6d:07:ae:55:01:df:6d:55:1c:46:60:4e:f3:
eb:f1:35:fa:53:ee:e7:12:57:b8:0c:08:02:33:f0:8f:81:40:
e3:63:41:de:0d:e7:8b:52:76:c7:ab:46:8e:d8:cc:4f:e5:74:
d6:43:e3:bb:77:29:6c:46:b2:af:d2:28:1b:bf:3b:25:a9:47:
f5:4c:e3:9d:fc:c3:33:6e:36:19:32:d1:43:e1:de:db:65:b5:
e1:5f:c8:7f:56:e0:7d:de:b6:38:95:4a:d6:f8:35:79:27:a9:
f2:bd:d3:5a:39:fe:f7:2b:7f:02:e8:71:46:5e:e7:83:f9:05:
5f:1a:cd:11:e4:cd:c6:61:a8:5b:5d:82:4e:8a:76:df:d0:8a:
e2:99:f0:36
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQm2ejnFsbiE0lJd4ElUBtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0
ZTEzNWEwHhcNMjUwMTAyMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2RmODljOGEzYTFmNmY3MDBmMThiNzZlM2M5MjlkNGUxZWMyZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe5noIgbSR0+OTZGpB7CT8VR0kxr
JyRKeuyEcgo1CYjKuPSanigNQfFrBqTchPwKoG1ohAROE1dBClAKRuEf2DOO7aKo
A8x4gZlF+ZJVi78ToRGm4LVcrRwrxuMBsVF3PQK1x1otRH697Ia7mRDAA6Klw+cK
wi+2ekYTaVHfVPb97mEvqc72l3mh0eF9/z/In2n3qJ0Lwnp1wH0fZuPMMZEkEIwg
5mQbQpOo01mMTK2dfbA1owx1OsI8eDX9RUWPKmZbrhwb3MyhYZepyWgUg+sOFCbt
CyUg4VBiP4jDJKm5uXJSYdWIWQcQaXeqrRem6u2U9wd0JNyXseu6Gg9cEwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAfficijofb3APGLduPJKdTh7C4xMB8GA1UdIwQY
MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt
NGZmMzMzMzgzNjFlLzEvQjktSnlLT2g5dmNBOFl0MjQ4a3AxT0hzTGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl
LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW9PcAwQC
wV1YMA8EAgACMAkDBwAgAQZ4BjwwDQYJKoZIhvcNAQELBQADggEBAB18VVcnMWCh
3BQMG2GsundoCsS4FzHYnR7WgQbs72LuEzoJ3ywuGYKBsziR8xlNHpX+zoEioErH
tVC6TDDSqyBQXM237kYRIRBErkCjv3t8WX7ReXvy1HQF9sliod/hpok5b4a178RZ
RAWBb1ZsIDombQeuVQHfbVUcRmBO8+vxNfpT7ucSV7gMCAIz8I+BQONjQd4N54tS
dserRo7YzE/ldNZD47t3KWxGsq/SKBu/OyWpR/VM4538wzNuNhky0UPh3ttlteFf
yH9W4H3etjiVStb4NXknqfK901o5/vcrfwLocUZe54P5BV8azRHkzcZhqFtdgk6K
dt/QiuKZ8DY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:36 2025 by rpki-client on console.sobornost.net