Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/hSNRyfJ3PH2KGCseUOEvDGpfyK8.roa
File: hSNRyfJ3PH2KGCseUOEvDGpfyK8.roa (raw, json)
Hash identifier: XdLLCZX0/z3+SIY+d7BWzoDcMrU0AuJsTdPOrDQnlMU=
Subject key identifier: 85:23:51:C9:F2:77:3C:7D:8A:18:2B:1E:50:E1:2F:0C:6A:5F:C8:AF
Certificate issuer: /CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Certificate serial: 019421B1E7AA3EE12DE675C2DC093872671D
Authority key identifier: EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/hSNRyfJ3PH2KGCseUOEvDGpfyK8.roa
Signing time: Wed 01 Jan 2025 11:48:14 +0000
ROA not before: Wed 01 Jan 2025 11:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2613
IP address blocks: 91.218.38.0/24 maxlen: 24
193.135.150.0/24 maxlen: 24
2001:678:294::/48 maxlen: 48
2001:678:298::/48 maxlen: 48
2a07:e640::/29 maxlen: 29
2a07:e640:666::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e7:aa:3e:e1:2d:e6:75:c2:dc:09:38:72:67:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Validity
Not Before: Jan 1 11:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=852351c9f2773c7d8a182b1e50e12f0c6a5fc8af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:38:6d:d5:64:fe:4a:c0:0b:ec:f3:ec:ed:
7a:74:1f:48:8b:5c:9a:d0:65:08:ef:d9:a2:a6:81:
f0:97:fe:bb:02:4a:95:15:e9:6d:90:68:0b:12:f2:
cb:50:ad:b0:36:30:4c:83:b9:0d:e9:18:5a:32:0b:
8c:fb:42:ce:ef:49:92:bb:1b:94:cc:31:6e:6e:af:
e2:d9:51:39:0f:cc:f5:67:e2:0d:95:7a:90:99:18:
c8:83:de:9b:ab:6c:74:9a:df:3c:99:e2:fe:2d:4c:
d4:62:8e:9f:ac:e0:d4:68:ba:45:95:e8:f5:06:ca:
7f:c4:14:b4:fb:2b:5e:54:b5:86:bb:98:2b:0d:21:
28:da:9a:d9:18:3a:b8:0e:9c:0a:fa:04:2f:a7:fa:
6f:55:ed:98:0e:3d:63:6e:ee:27:0d:cb:f5:b8:fb:
d5:b4:d1:1d:2f:c1:34:63:ce:c3:5a:e3:1e:b5:1e:
8d:be:6d:c5:c0:dc:3e:3a:02:3e:86:c6:7e:8c:79:
33:2f:cf:2a:f0:d7:6c:0c:bf:f3:32:22:5c:0d:97:
1f:b5:bc:c4:68:ff:dc:6d:f2:37:2a:fe:54:ac:36:
a4:73:ea:af:69:79:22:fa:9c:f3:dd:92:cb:33:e0:
04:37:6b:7b:74:f0:c3:51:a0:b1:0e:13:a5:e4:e7:
63:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:23:51:C9:F2:77:3C:7D:8A:18:2B:1E:50:E1:2F:0C:6A:5F:C8:AF
X509v3 Authority Key Identifier:
keyid:EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/hSNRyfJ3PH2KGCseUOEvDGpfyK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/79YM7FOzoM_Iy0VDotCopZ5glu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.38.0/24
193.135.150.0/24
IPv6:
2001:678:294::/48
2001:678:298::/48
2a07:e640::/29
Signature Algorithm: sha256WithRSAEncryption
6b:1b:7b:89:74:49:c7:91:ae:18:f2:a0:68:e0:9b:59:14:6d:
a7:f2:7b:93:27:de:eb:33:08:83:8e:18:c1:71:cc:d3:c3:4a:
7a:9a:90:ab:f2:0e:ab:76:0a:0c:ed:1d:cd:a0:68:ea:c3:d8:
3d:0e:1e:4f:4b:83:9e:4c:81:1c:27:26:84:01:32:12:2d:12:
59:3f:72:96:10:a1:6a:cd:37:97:9c:c6:33:82:0f:14:be:53:
01:35:af:ea:ba:41:a9:5a:dd:3b:57:a9:08:d5:62:3a:86:d1:
ea:62:aa:cf:db:fd:d3:55:fb:82:ba:eb:55:f4:73:05:87:61:
2b:f9:6d:04:af:fb:31:94:f0:ab:8d:f3:d8:fa:36:9e:12:f9:
26:f0:76:b6:ee:83:f5:c8:31:65:e7:dd:ab:3c:1b:1a:10:2c:
91:ec:3a:10:5d:ba:be:8c:3c:64:e4:bd:74:c1:d1:da:db:d1:
9b:6d:be:2f:70:06:1c:98:ca:8c:e0:4b:23:b3:8d:7b:56:09:
c7:37:38:c9:36:c8:94:ca:11:53:43:80:dd:88:54:fb:d1:0b:
d5:8b:8b:72:c0:88:9e:f2:be:d8:1b:42:c6:cb:12:ab:e2:56:
4d:96:e4:78:c9:32:1a:70:38:51:d9:c8:7f:8e:29:d4:77:d3:
50:6b:31:07
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQhseeqPuEt5nXC3Ak4cmcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZDYwY2VjNTNiM2EwY2ZjOGNiNDU0M2EyZDBhOGE1OWU2
MDk2ZWUwHhcNMjUwMTAxMTE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTIzNTFjOWYyNzczYzdkOGExODJiMWU1MGUxMmYwYzZhNWZjOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw44bdVk/krAC+zz7O16dB9Ii1ya
0GUI79mipoHwl/67AkqVFeltkGgLEvLLUK2wNjBMg7kN6RhaMguM+0LO70mSuxuU
zDFubq/i2VE5D8z1Z+INlXqQmRjIg96bq2x0mt88meL+LUzUYo6frODUaLpFlej1
Bsp/xBS0+yteVLWGu5grDSEo2prZGDq4DpwK+gQvp/pvVe2YDj1jbu4nDcv1uPvV
tNEdL8E0Y87DWuMetR6Nvm3FwNw+OgI+hsZ+jHkzL88q8NdsDL/zMiJcDZcftbzE
aP/cbfI3Kv5UrDakc+qvaXki+pzz3ZLLM+AEN2t7dPDDUaCxDhOl5OdjpQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIUjUcnydzx9ihgrHlDhLwxqX8ivMB8GA1UdIwQY
MBaAFO/WDOxTs6DPyMtFQ6LQqKWeYJbuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzlZTTdGT3pvTV9JeTBWRG90Q29wWjVnbHU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80M2U5NTktMzk3ZS00ZTk1LTk5Nzgt
OWUxMjhjZjNjM2FkLzEvaFNOUnlmSjNQSDJLR0NzZVVPRXZER3BmeUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80M2U5NTktMzk3ZS00ZTk1LTk5NzgtOWUxMjhjZjNjM2Fk
LzEvNzlZTTdGT3pvTV9JeTBWRG90Q29wWjVnbHU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTASBAIAATAMAwQAW9omAwQA
wYeWMB8EAgACMBkDBwAgAQZ4ApQDBwAgAQZ4ApgDBQMqB+ZAMA0GCSqGSIb3DQEB
CwUAA4IBAQBrG3uJdEnHka4Y8qBo4JtZFG2n8nuTJ97rMwiDjhjBcczTw0p6mpCr
8g6rdgoM7R3NoGjqw9g9Dh5PS4OeTIEcJyaEATISLRJZP3KWEKFqzTeXnMYzgg8U
vlMBNa/qukGpWt07V6kI1WI6htHqYqrP2/3TVfuCuutV9HMFh2Er+W0Er/sxlPCr
jfPY+jaeEvkm8Ha27oP1yDFl592rPBsaECyR7DoQXbq+jDxk5L10wdHa29Gbbb4v
cAYcmMqM4Esjs417VgnHNzjJNsiUyhFTQ4DdiFT70QvVi4tywIie8r7YG0LGyxKr
4lZNluR4yTIacDhR2ch/jinUd9NQazEH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:54 2025 by rpki-client on console.sobornost.net