Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/GqXg2NC5IUxRI1mWcJNsyZxesng.roa
File: GqXg2NC5IUxRI1mWcJNsyZxesng.roa (raw, json)
Hash identifier: wIFPJcYLl1DLySOyYumJerZ6TcbUU8g29XL5Yzwhz2g=
Subject key identifier: 1A:A5:E0:D8:D0:B9:21:4C:51:23:59:96:70:93:6C:C9:9C:5E:B2:78
Certificate issuer: /CN=d1e5eb7536620b5857d1bf590183d650ca23227f
Certificate serial: 019420D6289FBD8C356010B4DFA1C208E324
Authority key identifier: D1:E5:EB:75:36:62:0B:58:57:D1:BF:59:01:83:D6:50:CA:23:22:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eXrdTZiC1hX0b9ZAYPWUMojIn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/GqXg2NC5IUxRI1mWcJNsyZxesng.roa
Signing time: Wed 01 Jan 2025 07:48:13 +0000
ROA not before: Wed 01 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56869
IP address blocks: 91.228.136.0/22 maxlen: 22
193.168.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:28:9f:bd:8c:35:60:10:b4:df:a1:c2:08:e3:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e5eb7536620b5857d1bf590183d650ca23227f
Validity
Not Before: Jan 1 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1aa5e0d8d0b9214c5123599670936cc99c5eb278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:30:1c:4d:8d:b4:4a:33:5d:c4:4f:95:69:e8:
66:1b:25:c4:1f:62:0e:d6:66:4b:da:31:9e:6c:0d:
37:43:6c:fa:8b:64:2d:86:59:8b:2e:5c:5d:3d:78:
86:49:8f:9d:af:df:be:e1:11:3d:48:bf:f9:41:52:
01:17:61:46:c5:52:8f:a5:b2:b2:9b:d3:20:1e:b6:
cb:ed:57:89:5c:2a:cc:f5:97:7c:6f:cb:62:31:f0:
d1:85:02:f3:c6:d1:49:5e:21:c4:10:85:81:0d:37:
5a:f2:98:0c:cf:1a:be:0a:50:83:a0:71:07:db:c2:
d9:33:84:68:0b:84:b8:27:6d:10:aa:52:75:45:60:
7e:e2:17:93:d0:65:dc:53:0b:8b:69:45:49:93:77:
8c:d0:a8:30:ac:86:10:c5:26:04:ff:21:e2:e3:a0:
6a:eb:78:eb:44:f3:58:e6:b4:34:8a:0e:71:c1:4b:
2e:26:85:f1:c2:87:04:fe:96:c5:2d:80:e3:c0:7d:
0c:82:48:ff:b0:41:28:a1:ab:ae:8b:a2:2a:db:e4:
c2:74:be:04:55:09:bc:58:f8:e8:7d:b1:2b:54:8e:
f0:75:79:dd:f4:cf:1a:83:b1:11:a9:56:b2:43:be:
7e:8e:29:a3:d4:38:c5:03:6e:74:bb:e9:fd:e5:75:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A5:E0:D8:D0:B9:21:4C:51:23:59:96:70:93:6C:C9:9C:5E:B2:78
X509v3 Authority Key Identifier:
keyid:D1:E5:EB:75:36:62:0B:58:57:D1:BF:59:01:83:D6:50:CA:23:22:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eXrdTZiC1hX0b9ZAYPWUMojIn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/GqXg2NC5IUxRI1mWcJNsyZxesng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/0eXrdTZiC1hX0b9ZAYPWUMojIn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.136.0/22
193.168.240.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:c6:ee:03:b5:53:62:f8:d8:2a:c1:80:15:09:8a:5a:77:40:
ad:0d:0a:bd:38:c6:8a:10:d6:bf:c4:70:70:41:04:7a:e1:23:
ef:71:cf:b5:d6:71:34:8b:a1:d3:f3:4f:07:e5:8d:1a:52:ff:
fe:dc:28:93:35:79:fe:ee:2f:ee:1f:a5:16:1c:0c:89:54:7a:
2a:9a:4c:18:61:4c:25:85:f2:e3:1e:4c:e7:66:f5:cd:a3:c7:
1c:71:f5:cf:06:f1:bb:5b:5c:dc:99:ab:59:8a:6f:9a:83:a6:
dd:58:9c:f2:d0:d1:28:ab:1e:ac:f6:1a:70:43:e5:d4:3b:3a:
26:c9:e4:2a:79:e1:82:eb:ca:8e:f7:36:5e:e6:60:a5:6a:73:
d1:b4:cb:5d:5b:fc:e0:9f:38:58:e3:4e:db:33:59:c1:82:0c:
b1:50:d6:83:69:e6:a5:d4:e1:c5:10:74:6d:15:b2:84:2c:50:
db:d2:4c:c0:2b:5e:07:78:af:52:f7:53:b8:47:f4:f1:58:fe:
29:37:82:b5:2b:3c:cb:58:88:d6:47:e6:c4:3f:2e:35:7a:e2:
bf:f6:d2:53:91:f4:97:df:a0:64:7f:1c:01:84:25:88:1d:c9:
a2:7c:b5:d7:f5:0c:f8:4e:e8:b9:f9:a1:63:cb:f6:4a:c3:2b:
99:a3:56:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1iifvYw1YBC036HCCOMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTVlYjc1MzY2MjBiNTg1N2QxYmY1OTAxODNkNjUwY2Ey
MzIyN2YwHhcNMjUwMTAxMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWE1ZTBkOGQwYjkyMTRjNTEyMzU5OTY3MDkzNmNjOTljNWViMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjAcTY20SjNdxE+VaehmGyXEH2IO
1mZL2jGebA03Q2z6i2QthlmLLlxdPXiGSY+dr9++4RE9SL/5QVIBF2FGxVKPpbKy
m9MgHrbL7VeJXCrM9Zd8b8tiMfDRhQLzxtFJXiHEEIWBDTda8pgMzxq+ClCDoHEH
28LZM4RoC4S4J20QqlJ1RWB+4heT0GXcUwuLaUVJk3eM0KgwrIYQxSYE/yHi46Bq
63jrRPNY5rQ0ig5xwUsuJoXxwocE/pbFLYDjwH0Mgkj/sEEooauui6Iq2+TCdL4E
VQm8WPjofbErVI7wdXnd9M8ag7ERqVayQ75+jimj1DjFA250u+n95XUtbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBql4NjQuSFMUSNZlnCTbMmcXrJ4MB8GA1UdIwQY
MBaAFNHl63U2YgtYV9G/WQGD1lDKIyJ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVYcmRUWmlDMWhYMGI5WkFZUFdVTW9qSW44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy82NWZhM2MtMDE3NS00Y2VlLTk5MzAt
NTljZmQ0NTNkZDE3LzEvR3FYZzJOQzVJVXhSSTFtV2NKTnN5Wnhlc25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy82NWZhM2MtMDE3NS00Y2VlLTk5MzAtNTljZmQ0NTNkZDE3
LzEvMGVYcmRUWmlDMWhYMGI5WkFZUFdVTW9qSW44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+SIAwQC
wajwMA0GCSqGSIb3DQEBCwUAA4IBAQAsxu4DtVNi+NgqwYAVCYpad0CtDQq9OMaK
ENa/xHBwQQR64SPvcc+11nE0i6HT808H5Y0aUv/+3CiTNXn+7i/uH6UWHAyJVHoq
mkwYYUwlhfLjHkznZvXNo8cccfXPBvG7W1zcmatZim+ag6bdWJzy0NEoqx6s9hpw
Q+XUOzomyeQqeeGC68qO9zZe5mClanPRtMtdW/zgnzhY407bM1nBggyxUNaDaeal
1OHFEHRtFbKELFDb0kzAK14HeK9S91O4R/TxWP4pN4K1KzzLWIjWR+bEPy41euK/
9tJTkfSX36BkfxwBhCWIHcmifLXX9Qz4Tui5+aFjy/ZKwyuZo1Yw
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:39 2025 by rpki-client on console.sobornost.net