Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/b4vNMGbRo2o67bz3u22uz2ItyKI.roa
File: b4vNMGbRo2o67bz3u22uz2ItyKI.roa (raw, json)
Hash identifier: F56Nx008CaMRp5Gdw8I8PExmWIZfZ1jjPIYQMLnTJ8s=
Subject key identifier: 6F:8B:CD:30:66:D1:A3:6A:3A:ED:BC:F7:BB:6D:AE:CF:62:2D:C8:A2
Certificate issuer: /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial: 019421B24E9F7211ADB17E573710359173AB
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/b4vNMGbRo2o67bz3u22uz2ItyKI.roa
Signing time: Wed 01 Jan 2025 11:48:41 +0000
ROA not before: Wed 01 Jan 2025 11:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42084
IP address blocks: 91.189.0.0/21 maxlen: 21
176.107.40.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4e:9f:72:11:ad:b1:7e:57:37:10:35:91:73:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Validity
Not Before: Jan 1 11:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f8bcd3066d1a36a3aedbcf7bb6daecf622dc8a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:aa:81:af:5c:61:f8:f1:c0:c8:31:35:13:
30:5e:0e:32:18:c8:be:dd:29:a7:59:ba:b2:30:e3:
e0:b0:63:03:e0:7b:e4:a1:2d:84:38:66:1a:0a:f0:
ac:90:ee:a5:af:83:e1:fa:88:d1:f0:c5:80:60:c6:
01:2d:eb:d7:49:48:61:f8:db:ec:f5:b2:c6:33:27:
af:36:a4:38:48:49:92:64:2f:e3:2e:26:46:98:3b:
d0:e7:9b:03:31:5b:dd:4e:c4:af:af:9c:a2:a0:e6:
5a:6a:b4:d2:36:d8:b9:5e:70:6f:bc:0d:34:e5:e2:
f8:fe:fa:77:0e:3e:13:99:72:93:2e:e0:3e:95:a9:
80:d4:01:ff:a0:05:3c:0d:b2:eb:4d:05:c8:d3:77:
fd:6d:0b:60:2c:48:e2:f6:54:16:d0:3a:d7:b0:a8:
c4:e5:42:83:5d:75:a0:ea:bf:d0:14:49:7d:0d:bc:
a4:cc:ec:65:96:02:36:4d:9d:26:f8:9a:0e:71:04:
7a:a9:e4:09:a7:df:c4:18:f2:a9:29:cd:f5:dd:26:
ad:6a:1a:3f:20:e3:0c:0b:37:59:58:aa:6b:cd:be:
42:65:e7:12:b7:91:73:65:b3:8e:eb:37:08:24:36:
a0:c5:5f:44:ba:57:1e:48:1c:9e:2b:32:64:c1:81:
1e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:8B:CD:30:66:D1:A3:6A:3A:ED:BC:F7:BB:6D:AE:CF:62:2D:C8:A2
X509v3 Authority Key Identifier:
keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/b4vNMGbRo2o67bz3u22uz2ItyKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.0.0/21
176.107.40.0/21
Signature Algorithm: sha256WithRSAEncryption
bd:2e:4d:b0:6e:27:19:99:a1:8a:a3:41:0c:f6:13:4d:e7:87:
09:a7:8f:6d:76:3a:41:49:47:61:cf:97:3a:58:2a:0d:b7:a0:
c4:d4:4a:f5:f1:7e:5b:b1:b9:89:8e:3e:3c:5d:02:87:f5:db:
55:64:bc:3a:dd:c4:08:c4:74:4b:67:0f:2a:f8:f8:65:46:a0:
a3:8f:71:5e:8c:04:d8:99:97:31:f9:4e:99:cc:78:81:1e:97:
c0:1c:cb:71:a2:78:9f:02:9d:89:2f:fe:65:37:6b:08:21:39:
dd:a3:97:88:b0:c7:b0:e5:62:78:17:17:8e:b4:5e:d5:17:ff:
d9:9f:10:7e:37:7b:de:0d:22:d1:e1:1d:9a:22:94:ea:e6:a3:
1c:05:bd:69:d3:2b:68:ca:be:2a:03:a0:16:35:77:7e:50:10:
72:46:bb:e0:e3:5f:79:0b:22:91:18:51:a3:d7:61:26:c2:0c:
0e:53:8b:ae:87:42:69:f8:8e:12:00:d1:c6:6b:e9:b5:65:45:
31:c1:c9:05:e1:fa:ea:22:1f:b5:5a:fa:62:70:6d:84:09:a7:
01:76:e4:0a:21:3d:d2:c3:26:82:34:e8:17:a1:44:62:d3:f9:
3a:4f:78:7c:a3:d6:8d:33:97:f9:a9:b6:29:90:12:b5:09:84:
20:07:9c:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsk6fchGtsX5XNxA1kXOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OTgzYjNhOTc1OGZjYmU3ODczM2Q5MTU1YWVkMjY2Yzg4
MmEyM2MwHhcNMjUwMTAxMTE0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjhiY2QzMDY2ZDFhMzZhM2FlZGJjZjdiYjZkYWVjZjYyMmRjOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD2qga9cYfjxwMgxNRMwXg4yGMi+
3SmnWbqyMOPgsGMD4HvkoS2EOGYaCvCskO6lr4Ph+ojR8MWAYMYBLevXSUhh+Nvs
9bLGMyevNqQ4SEmSZC/jLiZGmDvQ55sDMVvdTsSvr5yioOZaarTSNti5XnBvvA00
5eL4/vp3Dj4TmXKTLuA+lamA1AH/oAU8DbLrTQXI03f9bQtgLEji9lQW0DrXsKjE
5UKDXXWg6r/QFEl9DbykzOxllgI2TZ0m+JoOcQR6qeQJp9/EGPKpKc313Sataho/
IOMMCzdZWKprzb5CZecSt5FzZbOO6zcIJDagxV9EulceSByeKzJkwYEejwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG+LzTBm0aNqOu2897ttrs9iLciiMB8GA1UdIwQY
MBaAFMeYOzqXWPy+eHM9kVWu0mbIgqI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEt
MjM4NDA1ZjJjZGU5LzEvYjR2Tk1HYlJvMm82N2J6M3UyMnV6Mkl0eUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEtMjM4NDA1ZjJjZGU5
LzEveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW70AAwQD
sGsoMA0GCSqGSIb3DQEBCwUAA4IBAQC9Lk2wbicZmaGKo0EM9hNN54cJp49tdjpB
SUdhz5c6WCoNt6DE1Er18X5bsbmJjj48XQKH9dtVZLw63cQIxHRLZw8q+PhlRqCj
j3FejATYmZcx+U6ZzHiBHpfAHMtxonifAp2JL/5lN2sIITndo5eIsMew5WJ4FxeO
tF7VF//ZnxB+N3veDSLR4R2aIpTq5qMcBb1p0ytoyr4qA6AWNXd+UBByRrvg4195
CyKRGFGj12EmwgwOU4uuh0Jp+I4SANHGa+m1ZUUxwckF4frqIh+1WvpicG2ECacB
duQKIT3SwyaCNOgXoURi0/k6T3h8o9aNM5f5qbYpkBK1CYQgB5xD
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net