Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/PEXdMp-4CvfhDpAVQ0Pz3ECZAhk.roa
File: PEXdMp-4CvfhDpAVQ0Pz3ECZAhk.roa (raw, json)
Hash identifier: qaoxZI1AadmU8INHwPbDVXQK737+Qj88K4LOCtSbEyg=
Subject key identifier: 3C:45:DD:32:9F:B8:0A:F7:E1:0E:90:15:43:43:F3:DC:40:99:02:19
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019427B66742A072F86F4145ED2673C594E4
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/PEXdMp-4CvfhDpAVQ0Pz3ECZAhk.roa
Signing time: Thu 02 Jan 2025 15:50:52 +0000
ROA not before: Thu 02 Jan 2025 15:50:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35297
IP address blocks: 91.236.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:67:42:a0:72:f8:6f:41:45:ed:26:73:c5:94:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Jan 2 15:50:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c45dd329fb80af7e10e90154343f3dc40990219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ef:65:99:22:f1:12:ab:61:4e:12:aa:47:2a:
cf:0a:44:49:76:5f:5f:1c:08:ec:bb:4b:80:5e:8c:
8e:85:f9:4f:08:05:96:c2:15:11:c4:c5:5c:7d:43:
fd:c2:bb:c1:d4:a5:3f:6d:04:ca:bf:00:98:92:86:
c3:f6:49:ca:91:6d:f0:98:f3:e3:21:fd:f4:19:d7:
65:32:37:09:28:9e:33:2a:44:ae:36:97:b9:e4:e4:
c0:02:04:e0:c8:a4:d8:48:2c:77:6f:c1:1f:1a:9b:
72:ab:01:c2:c1:b4:fa:aa:07:65:26:2c:93:79:4a:
01:ac:9e:3f:94:69:7e:c6:42:27:32:ae:92:f7:0e:
ca:cc:03:65:2a:11:87:c4:a1:31:b0:21:32:05:6b:
a4:73:93:0b:59:a3:ad:af:fb:ed:83:5a:c6:08:8a:
6f:14:5b:31:3c:c7:8e:38:94:eb:ee:1f:b6:bc:3d:
76:ed:f1:99:08:0e:b5:c1:9a:bb:bc:87:55:f0:4a:
25:fd:7f:50:26:ef:19:62:a2:fd:09:50:34:07:2a:
90:6d:23:64:ed:b3:f3:42:8f:5e:fb:71:b1:0b:15:
99:05:08:7c:d4:a7:c3:8f:cd:39:76:13:56:92:11:
7a:89:3c:04:09:c8:31:ff:b9:69:42:bc:10:3e:ac:
93:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:45:DD:32:9F:B8:0A:F7:E1:0E:90:15:43:43:F3:DC:40:99:02:19
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/PEXdMp-4CvfhDpAVQ0Pz3ECZAhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.154.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ff:83:cb:ad:78:ba:cf:cd:1d:21:0e:cb:df:cd:e3:61:e4:
b5:35:18:53:bd:08:fb:6f:9c:3a:10:bb:ca:97:77:0c:d0:5e:
ed:11:88:9d:b6:1d:96:ad:a6:6b:fb:b7:96:d1:51:06:4f:4b:
f9:d2:cf:7e:ec:2c:d2:84:f2:07:f2:aa:dd:f6:5f:44:ec:ed:
3e:33:53:c7:68:dc:96:03:4b:f4:52:32:27:03:9b:97:3d:8c:
9f:03:2c:f5:5a:cb:49:6f:49:3b:ee:0f:a5:ac:57:59:6d:63:
47:59:2f:c3:e8:59:38:0b:4f:ea:c4:a9:ee:b1:77:a7:ec:af:
7f:fe:a9:e2:a4:e4:05:9f:59:38:fb:d6:52:d4:b9:61:a2:1f:
27:df:34:e5:43:58:7b:dc:ac:77:b1:c3:4d:d4:c6:60:e6:9a:
d1:73:49:b7:32:e9:c1:a6:f3:44:a1:01:34:68:c5:e7:57:91:
43:29:3a:ad:36:82:82:c0:72:19:8e:c6:4e:4f:d0:74:14:ee:
fc:9d:1f:69:22:45:78:c1:02:b5:87:db:52:92:4f:1a:8d:55:
53:cf:bc:49:cb:a8:9e:6e:73:13:f3:27:7a:2f:1b:64:04:0e:
c7:37:8d:9d:54:e5:67:05:cb:4d:f6:8f:66:f1:8b:fc:07:f7:
91:95:21:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntmdCoHL4b0FF7SZzxZTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMTAyMTU1MDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzQ1ZGQzMjlmYjgwYWY3ZTEwZTkwMTU0MzQzZjNkYzQwOTkwMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+9lmSLxEqthThKqRyrPCkRJdl9f
HAjsu0uAXoyOhflPCAWWwhURxMVcfUP9wrvB1KU/bQTKvwCYkobD9knKkW3wmPPj
If30GddlMjcJKJ4zKkSuNpe55OTAAgTgyKTYSCx3b8EfGptyqwHCwbT6qgdlJiyT
eUoBrJ4/lGl+xkInMq6S9w7KzANlKhGHxKExsCEyBWukc5MLWaOtr/vtg1rGCIpv
FFsxPMeOOJTr7h+2vD127fGZCA61wZq7vIdV8Eol/X9QJu8ZYqL9CVA0ByqQbSNk
7bPzQo9e+3GxCxWZBQh81KfDj805dhNWkhF6iTwECcgx/7lpQrwQPqyTXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxF3TKfuAr34Q6QFUND89xAmQIZMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvUEVYZE1wLTRDdmZoRHBBVlEwUHozRUNaQWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+yaMA0G
CSqGSIb3DQEBCwUAA4IBAQA4/4PLrXi6z80dIQ7L383jYeS1NRhTvQj7b5w6ELvK
l3cM0F7tEYidth2WraZr+7eW0VEGT0v50s9+7CzShPIH8qrd9l9E7O0+M1PHaNyW
A0v0UjInA5uXPYyfAyz1WstJb0k77g+lrFdZbWNHWS/D6Fk4C0/qxKnusXen7K9/
/qnipOQFn1k4+9ZS1Llhoh8n3zTlQ1h73Kx3scNN1MZg5prRc0m3MunBpvNEoQE0
aMXnV5FDKTqtNoKCwHIZjsZOT9B0FO78nR9pIkV4wQK1h9tSkk8ajVVTz7xJy6ie
bnMT8yd6LxtkBA7HN42dVOVnBctN9o9m8Yv8B/eRlSH/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net