Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c8fd07-d5c7-4ed3-8075-274f10a5e1e3/1/pMHjgJekdS1MaOx6NO05QRcLwkA.roa
File: pMHjgJekdS1MaOx6NO05QRcLwkA.roa (raw, json)
Hash identifier: 0cAR/UsqHx4Uoat+wXKZE3sY02i0A2U0Zxjt7/F3FS0=
Subject key identifier: A4:C1:E3:80:97:A4:75:2D:4C:68:EC:7A:34:ED:39:41:17:0B:C2:40
Certificate issuer: /CN=33f50a8de971f8547f5b56c97c36c287ef54bdb8
Certificate serial: 0194228DFBFDEEBFA25C20340083308D3590
Authority key identifier: 33:F5:0A:8D:E9:71:F8:54:7F:5B:56:C9:7C:36:C2:87:EF:54:BD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_UKjelx-FR_W1bJfDbCh-9Uvbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c8fd07-d5c7-4ed3-8075-274f10a5e1e3/1/pMHjgJekdS1MaOx6NO05QRcLwkA.roa
Signing time: Wed 01 Jan 2025 15:48:37 +0000
ROA not before: Wed 01 Jan 2025 15:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59526
IP address blocks: 91.242.44.0/24 maxlen: 24
91.242.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fb:fd:ee:bf:a2:5c:20:34:00:83:30:8d:35:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33f50a8de971f8547f5b56c97c36c287ef54bdb8
Validity
Not Before: Jan 1 15:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4c1e38097a4752d4c68ec7a34ed3941170bc240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:44:9e:7a:b6:88:49:95:d3:71:a4:aa:fc:3e:
e1:37:80:94:07:f7:c4:ec:9d:79:c6:ef:6e:2d:1c:
a1:53:9c:4b:ff:7f:62:07:cb:64:2e:f3:8b:0d:c2:
4b:4e:6e:1d:97:09:44:50:69:f3:02:1b:91:19:6b:
7f:fc:4b:48:0f:6c:32:eb:68:b8:92:ad:fd:f2:42:
bf:88:07:db:27:04:0f:86:3f:05:ff:1e:6d:b6:c6:
ce:9a:ba:69:87:03:c3:5c:33:87:ed:b0:d7:e1:85:
6c:6c:d0:00:6d:5a:89:dd:f8:0b:d6:a4:52:ad:fb:
2a:b0:53:55:b9:d5:ab:c7:a9:6d:10:5a:a9:26:1a:
fa:8f:b1:25:cf:b0:d5:ee:1b:8c:eb:27:6a:bc:1d:
8a:7f:9c:87:6d:08:9b:9d:21:6f:ac:e8:47:5e:bc:
c7:0b:b4:5d:eb:48:2d:05:06:3e:e3:93:44:b0:94:
ed:5a:66:f9:9c:18:48:eb:85:d8:e3:aa:e6:05:20:
f5:74:f0:0b:3f:00:62:d3:b8:7b:7f:93:f4:59:99:
1c:aa:15:d2:b9:e2:6d:5f:16:bc:4e:ae:28:36:0c:
5e:28:a5:ce:01:e1:13:9d:1e:1d:34:d1:fa:f4:cf:
fc:ee:6f:4b:b9:bb:5f:ff:8b:05:a3:28:91:83:54:
dd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C1:E3:80:97:A4:75:2D:4C:68:EC:7A:34:ED:39:41:17:0B:C2:40
X509v3 Authority Key Identifier:
keyid:33:F5:0A:8D:E9:71:F8:54:7F:5B:56:C9:7C:36:C2:87:EF:54:BD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_UKjelx-FR_W1bJfDbCh-9Uvbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c8fd07-d5c7-4ed3-8075-274f10a5e1e3/1/pMHjgJekdS1MaOx6NO05QRcLwkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c8fd07-d5c7-4ed3-8075-274f10a5e1e3/1/M_UKjelx-FR_W1bJfDbCh-9Uvbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.44.0/23
Signature Algorithm: sha256WithRSAEncryption
51:17:1a:5d:e6:b0:82:96:c7:af:67:12:f9:80:4a:9a:ec:c6:
3c:61:71:a5:98:98:67:a5:95:95:9d:8d:ae:65:ae:dd:f9:f9:
bc:6f:37:95:40:00:a8:54:e9:1c:1d:c5:2c:58:44:e4:3a:87:
e3:9a:65:b3:53:8e:60:f5:69:7c:8a:0f:43:ba:75:e7:bc:ac:
8c:bb:c9:98:7e:71:74:a4:15:ab:0a:50:ff:59:f5:7d:97:ef:
19:08:08:db:fd:36:67:5c:1a:31:60:5b:d0:00:ea:dd:c4:5d:
e2:b0:71:61:e4:3c:04:c8:50:d0:5f:d8:aa:a1:0c:59:94:74:
be:3b:8b:eb:3f:f9:09:6c:d9:56:4c:77:f1:2c:8c:82:dd:06:
bc:be:67:83:99:6a:80:28:ba:21:c5:84:02:9b:11:d0:ac:7a:
76:40:6a:36:c8:60:f1:7b:92:e2:c9:8f:b8:e1:c1:6b:63:bc:
da:38:14:fa:b5:69:b7:15:6d:57:84:d3:06:7f:c3:86:9e:7d:
b4:2d:a0:75:c5:d9:d4:d3:11:ae:59:ab:ec:22:f2:8c:ef:dc:
88:43:38:bf:6a:ed:40:81:01:7c:f6:de:10:c3:3d:de:da:89:
ca:e1:98:f2:f6:20:e3:de:17:b1:af:9a:9a:f6:15:f4:8e:68:
d1:bd:d9:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfv97r+iXCA0AIMwjTWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZjUwYThkZTk3MWY4NTQ3ZjViNTZjOTdjMzZjMjg3ZWY1
NGJkYjgwHhcNMjUwMTAxMTU0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGMxZTM4MDk3YTQ3NTJkNGM2OGVjN2EzNGVkMzk0MTE3MGJjMjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0SeeraISZXTcaSq/D7hN4CUB/fE
7J15xu9uLRyhU5xL/39iB8tkLvOLDcJLTm4dlwlEUGnzAhuRGWt//EtID2wy62i4
kq398kK/iAfbJwQPhj8F/x5ttsbOmrpphwPDXDOH7bDX4YVsbNAAbVqJ3fgL1qRS
rfsqsFNVudWrx6ltEFqpJhr6j7Elz7DV7huM6ydqvB2Kf5yHbQibnSFvrOhHXrzH
C7Rd60gtBQY+45NEsJTtWmb5nBhI64XY46rmBSD1dPALPwBi07h7f5P0WZkcqhXS
ueJtXxa8Tq4oNgxeKKXOAeETnR4dNNH69M/87m9Lubtf/4sFoyiRg1TdlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKTB44CXpHUtTGjsejTtOUEXC8JAMB8GA1UdIwQY
MBaAFDP1Co3pcfhUf1tWyXw2wofvVL24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV9VS2plbHgtRlJfVzFiSmZEYkNoLTlVdmJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOGZkMDctZDVjNy00ZWQzLTgwNzUt
Mjc0ZjEwYTVlMWUzLzEvcE1IamdKZWtkUzFNYU94Nk5PMDVRUmNMd2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOGZkMDctZDVjNy00ZWQzLTgwNzUtMjc0ZjEwYTVlMWUz
LzEvTV9VS2plbHgtRlJfVzFiSmZEYkNoLTlVdmJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/IsMA0G
CSqGSIb3DQEBCwUAA4IBAQBRFxpd5rCClsevZxL5gEqa7MY8YXGlmJhnpZWVnY2u
Za7d+fm8bzeVQACoVOkcHcUsWETkOofjmmWzU45g9Wl8ig9DunXnvKyMu8mYfnF0
pBWrClD/WfV9l+8ZCAjb/TZnXBoxYFvQAOrdxF3isHFh5DwEyFDQX9iqoQxZlHS+
O4vrP/kJbNlWTHfxLIyC3Qa8vmeDmWqAKLohxYQCmxHQrHp2QGo2yGDxe5LiyY+4
4cFrY7zaOBT6tWm3FW1XhNMGf8OGnn20LaB1xdnU0xGuWavsIvKM79yIQzi/au1A
gQF89t4Qwz3e2onK4Zjy9iDj3hexr5qa9hX0jmjRvdkX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:37 2025 by rpki-client on console.sobornost.net