Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/85a03d-87c3-4401-9a0d-ab2bafa1ae4d/1/hS4qE69cRzq1LeuTH9FbxF7EdCM.roa
File: hS4qE69cRzq1LeuTH9FbxF7EdCM.roa (raw, json)
Hash identifier: CNvb1FlCruFxVWACj7/lI66W2B3Fn96cjXQxKd7K6v8=
Subject key identifier: 85:2E:2A:13:AF:5C:47:3A:B5:2D:EB:93:1F:D1:5B:C4:5E:C4:74:23
Certificate issuer: /CN=37f4b91a3ffce9f97505a73cfd5e4ad4e35e042d
Certificate serial: 019423D7FE8E9E538D2D3AAA189F6FEB5219
Authority key identifier: 37:F4:B9:1A:3F:FC:E9:F9:75:05:A7:3C:FD:5E:4A:D4:E3:5E:04:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_S5Gj_86fl1Bac8_V5K1ONeBC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/85a03d-87c3-4401-9a0d-ab2bafa1ae4d/1/hS4qE69cRzq1LeuTH9FbxF7EdCM.roa
Signing time: Wed 01 Jan 2025 21:49:05 +0000
ROA not before: Wed 01 Jan 2025 21:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212059
IP address blocks: 91.235.182.0/24 maxlen: 24
2a10:c280::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:fe:8e:9e:53:8d:2d:3a:aa:18:9f:6f:eb:52:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37f4b91a3ffce9f97505a73cfd5e4ad4e35e042d
Validity
Not Before: Jan 1 21:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=852e2a13af5c473ab52deb931fd15bc45ec47423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a9:b6:e9:18:3f:2e:d7:7f:b0:85:d3:7a:8e:
f1:84:d0:d3:a2:73:5c:8b:5e:00:d5:58:0e:14:52:
fe:b8:a2:71:43:87:9c:11:76:9e:2d:0b:ad:36:f9:
23:2a:aa:7e:1d:83:b1:e1:1a:fc:1e:93:97:75:9c:
b6:8e:f0:0a:3a:11:5a:eb:1f:4a:ee:43:17:d2:13:
4b:92:85:d7:93:68:f8:33:ee:9e:46:cd:76:fc:6a:
d9:3b:2a:7d:94:80:c8:2c:ff:cc:1c:96:ee:46:14:
f6:0c:7b:2c:24:10:86:4e:ce:c8:36:12:83:34:8f:
86:e1:a2:fb:6b:ec:a6:5b:a6:17:77:f8:4a:4c:58:
f7:38:b4:57:2f:0d:27:1b:ba:cf:fb:9a:d3:2f:cc:
5a:de:82:5b:1f:f4:3a:b2:7f:fc:e5:1d:84:ae:7e:
0c:b6:d3:21:4f:17:22:78:78:90:c6:8a:a4:7a:09:
40:10:92:51:96:85:83:1e:1d:6b:05:7f:ce:cc:0d:
00:0b:e0:e3:ac:fe:0f:53:b4:ca:64:77:21:33:ed:
eb:4f:f7:85:19:3f:83:cb:06:35:b7:1d:06:ae:01:
b4:dc:33:ea:9d:da:da:f4:8b:2d:7a:9c:8a:b0:a0:
2e:a2:16:5a:44:ce:b1:61:0a:1c:f7:77:78:37:62:
3f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2E:2A:13:AF:5C:47:3A:B5:2D:EB:93:1F:D1:5B:C4:5E:C4:74:23
X509v3 Authority Key Identifier:
keyid:37:F4:B9:1A:3F:FC:E9:F9:75:05:A7:3C:FD:5E:4A:D4:E3:5E:04:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_S5Gj_86fl1Bac8_V5K1ONeBC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/85a03d-87c3-4401-9a0d-ab2bafa1ae4d/1/hS4qE69cRzq1LeuTH9FbxF7EdCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/85a03d-87c3-4401-9a0d-ab2bafa1ae4d/1/N_S5Gj_86fl1Bac8_V5K1ONeBC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.182.0/24
IPv6:
2a10:c280::/32
Signature Algorithm: sha256WithRSAEncryption
5d:fa:ed:fa:18:da:ca:80:2a:da:30:71:88:68:f6:ce:32:bf:
c9:bd:ff:da:8b:ae:84:e0:77:61:31:8a:49:91:9d:6d:88:8a:
c6:98:47:04:91:43:a0:d6:2b:5a:f3:63:89:09:22:36:b2:f7:
9c:91:86:30:25:0f:33:5a:70:93:c8:02:29:2b:18:7c:b4:19:
4f:dc:30:25:ae:37:32:98:92:6d:88:47:47:28:22:d1:e1:bc:
a5:94:3d:b0:15:35:32:57:4f:39:22:e0:52:cf:40:5c:10:59:
20:75:5f:3c:22:dd:2e:52:1a:28:b6:2d:1e:ce:bc:98:39:39:
7b:46:dc:97:e9:dc:0e:c2:e0:c5:88:9b:26:b7:9e:0c:03:ef:
a4:b8:d2:7a:ab:85:5d:53:0d:0e:05:61:7c:75:77:7f:62:f6:
5c:69:b9:e1:aa:87:a1:ae:35:fc:3b:b4:ac:c0:72:10:dc:e1:
66:b5:a8:03:9e:c0:80:90:42:04:3f:76:32:f1:6a:7a:ff:56:
db:49:32:80:5b:56:26:89:c2:e0:7e:f3:f6:91:e9:4d:e6:eb:
fc:19:eb:bc:76:82:8a:53:72:75:2e:cb:1d:28:3c:d1:10:87:
2a:46:cf:ef:79:3a:f5:fe:f8:39:b4:e0:ec:7f:64:10:62:0d:
bf:aa:91:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1/6OnlONLTqqGJ9v61IZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZjRiOTFhM2ZmY2U5Zjk3NTA1YTczY2ZkNWU0YWQ0ZTM1
ZTA0MmQwHhcNMjUwMTAxMjE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJlMmExM2FmNWM0NzNhYjUyZGViOTMxZmQxNWJjNDVlYzQ3NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qm26Rg/Ltd/sIXTeo7xhNDTonNc
i14A1VgOFFL+uKJxQ4ecEXaeLQutNvkjKqp+HYOx4Rr8HpOXdZy2jvAKOhFa6x9K
7kMX0hNLkoXXk2j4M+6eRs12/GrZOyp9lIDILP/MHJbuRhT2DHssJBCGTs7INhKD
NI+G4aL7a+ymW6YXd/hKTFj3OLRXLw0nG7rP+5rTL8xa3oJbH/Q6sn/85R2Ern4M
ttMhTxcieHiQxoqkeglAEJJRloWDHh1rBX/OzA0AC+DjrP4PU7TKZHchM+3rT/eF
GT+DywY1tx0GrgG03DPqndra9IstepyKsKAuohZaRM6xYQoc93d4N2I/xwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIUuKhOvXEc6tS3rkx/RW8RexHQjMB8GA1UdIwQY
MBaAFDf0uRo//On5dQWnPP1eStTjXgQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9TNUdqXzg2ZmwxQmFjOF9WNUsxT05lQkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS84NWEwM2QtODdjMy00NDAxLTlhMGQt
YWIyYmFmYTFhZTRkLzEvaFM0cUU2OWNSenExTGV1VEg5RmJ4RjdFZENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS84NWEwM2QtODdjMy00NDAxLTlhMGQtYWIyYmFmYTFhZTRk
LzEvTl9TNUdqXzg2ZmwxQmFjOF9WNUsxT05lQkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+u2MA0E
AgACMAcDBQAqEMKAMA0GCSqGSIb3DQEBCwUAA4IBAQBd+u36GNrKgCraMHGIaPbO
Mr/Jvf/ai66E4HdhMYpJkZ1tiIrGmEcEkUOg1ita82OJCSI2sveckYYwJQ8zWnCT
yAIpKxh8tBlP3DAlrjcymJJtiEdHKCLR4byllD2wFTUyV085IuBSz0BcEFkgdV88
It0uUhooti0ezryYOTl7RtyX6dwOwuDFiJsmt54MA++kuNJ6q4VdUw0OBWF8dXd/
YvZcabnhqoehrjX8O7SswHIQ3OFmtagDnsCAkEIEP3Yy8Wp6/1bbSTKAW1YmicLg
fvP2kelN5uv8Geu8doKKU3J1LssdKDzREIcqRs/veTr1/vg5tODsf2QQYg2/qpG7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net