Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/mgO2bfWYu0Z3yfKtycB0eHY39X8.roa
File: mgO2bfWYu0Z3yfKtycB0eHY39X8.roa (raw, json)
Hash identifier: 60DQx4kpFtDfON86MP27ODodoK2c+Xs/qbF18XYACcg=
Subject key identifier: 9A:03:B6:6D:F5:98:BB:46:77:C9:F2:AD:C9:C0:74:78:76:37:F5:7F
Certificate issuer: /CN=b6d7f368fa1cf5b1aaaa76b0f1f23c06750a8426
Certificate serial: 019426D974C5A3B8A3AEB4CA8B4B917DC1FF
Authority key identifier: B6:D7:F3:68:FA:1C:F5:B1:AA:AA:76:B0:F1:F2:3C:06:75:0A:84:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttfzaPoc9bGqqnaw8fI8BnUKhCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/mgO2bfWYu0Z3yfKtycB0eHY39X8.roa
Signing time: Thu 02 Jan 2025 11:49:32 +0000
ROA not before: Thu 02 Jan 2025 11:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33965
IP address blocks: 91.212.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:74:c5:a3:b8:a3:ae:b4:ca:8b:4b:91:7d:c1:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d7f368fa1cf5b1aaaa76b0f1f23c06750a8426
Validity
Not Before: Jan 2 11:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a03b66df598bb4677c9f2adc9c074787637f57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:29:19:9c:b5:89:4d:92:83:9c:cb:ae:c5:bf:
f1:61:65:d4:c5:97:ac:a3:2b:34:2f:0d:d0:dd:f7:
30:04:53:3f:93:35:e9:0c:ac:e5:53:0d:09:ae:0f:
e5:cc:c4:23:07:16:a3:c7:96:cd:f7:6c:65:b0:1e:
08:4c:e6:5a:d0:58:e8:09:5b:7a:3a:d8:f4:7e:a4:
d2:e1:7b:1f:b6:1f:5a:9f:2e:54:c9:44:8c:e8:7c:
27:26:67:59:d5:7b:9f:7e:e0:d7:ab:ab:57:81:33:
88:cd:ba:1d:a1:ad:60:44:2c:b4:49:ea:33:53:1a:
65:57:91:f7:45:26:ca:51:4e:1e:5a:fc:bd:b7:63:
91:12:17:f7:05:cb:02:2d:a9:78:35:42:e8:07:4d:
40:a9:6f:cf:a4:c2:4c:94:77:04:7b:c3:df:b4:77:
74:6c:d8:6c:20:70:fc:c8:1f:09:dc:3d:cc:57:f8:
14:24:af:97:5e:67:00:62:02:7c:0f:5d:02:3a:d3:
2d:bd:b5:20:de:7b:53:55:0f:c3:e2:9f:b4:b9:f8:
0d:30:26:60:be:5d:cc:fe:e4:e8:1d:1b:8d:77:64:
d5:bb:c9:99:de:47:a2:a1:d6:47:ba:e7:fe:e0:c3:
0e:03:0d:d2:c3:7c:5e:c9:18:68:70:84:e1:ee:ae:
7c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:03:B6:6D:F5:98:BB:46:77:C9:F2:AD:C9:C0:74:78:76:37:F5:7F
X509v3 Authority Key Identifier:
keyid:B6:D7:F3:68:FA:1C:F5:B1:AA:AA:76:B0:F1:F2:3C:06:75:0A:84:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttfzaPoc9bGqqnaw8fI8BnUKhCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/mgO2bfWYu0Z3yfKtycB0eHY39X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/ttfzaPoc9bGqqnaw8fI8BnUKhCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.109.0/24
Signature Algorithm: sha256WithRSAEncryption
73:e0:f9:d6:4a:a8:a8:e0:b3:96:52:1e:95:b8:48:65:bb:a1:
31:ee:12:c5:4e:d3:f2:3d:0d:be:d0:5b:08:77:c5:8e:ec:16:
03:6b:77:91:2b:ce:91:f5:c6:43:93:9f:ce:cc:18:1c:be:a1:
6f:5c:4b:a5:ac:d3:b2:93:ec:35:b1:2a:cf:d7:0e:27:29:0d:
d5:72:c2:78:28:bf:23:04:e3:e9:c6:dd:7d:a2:36:7b:c2:0a:
56:b9:78:cc:cf:1c:3b:74:f8:f8:51:84:1f:e0:05:cd:b3:2f:
a7:67:da:ca:3d:5f:bf:e0:57:9a:db:98:93:ef:46:f5:17:13:
7e:ad:1d:10:8b:1c:ed:ef:53:5e:c7:77:6f:67:0b:dc:ae:42:
5e:21:ad:52:04:69:8f:87:6e:cd:83:00:0e:70:0c:60:2d:75:
9a:ef:2a:bf:17:2a:df:65:5e:ea:0b:b1:66:27:6d:fb:9c:04:
ac:02:92:24:b2:32:59:f0:c9:52:41:4c:78:c4:d3:9a:93:4b:
77:57:43:21:1f:2d:0e:8d:d0:d2:68:e3:3f:5d:9f:9c:db:3a:
d5:f6:5b:c2:68:1a:3a:fd:f9:0b:f6:d0:b8:3e:89:3e:56:0b:
83:ed:7a:c7:ed:09:3b:41:7c:ff:e7:d2:3d:ee:84:67:3b:b8:
30:19:45:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2XTFo7ijrrTKi0uRfcH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDdmMzY4ZmExY2Y1YjFhYWFhNzZiMGYxZjIzYzA2NzUw
YTg0MjYwHhcNMjUwMTAyMTE0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTAzYjY2ZGY1OThiYjQ2NzdjOWYyYWRjOWMwNzQ3ODc2MzdmNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvykZnLWJTZKDnMuuxb/xYWXUxZes
oys0Lw3Q3fcwBFM/kzXpDKzlUw0Jrg/lzMQjBxajx5bN92xlsB4ITOZa0FjoCVt6
Otj0fqTS4Xsfth9any5UyUSM6HwnJmdZ1XuffuDXq6tXgTOIzbodoa1gRCy0Seoz
UxplV5H3RSbKUU4eWvy9t2OREhf3BcsCLal4NULoB01AqW/PpMJMlHcEe8PftHd0
bNhsIHD8yB8J3D3MV/gUJK+XXmcAYgJ8D10COtMtvbUg3ntTVQ/D4p+0ufgNMCZg
vl3M/uToHRuNd2TVu8mZ3keiodZHuuf+4MMOAw3Sw3xeyRhocITh7q58dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJoDtm31mLtGd8nyrcnAdHh2N/V/MB8GA1UdIwQY
MBaAFLbX82j6HPWxqqp2sPHyPAZ1CoQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRmemFQb2M5YkdxcW5hdzhmSThCblVLaENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82ZDE1ZjQtODZhMi00NmQ5LWIzZWQt
MDhhZWRjMmYyNjM5LzEvbWdPMmJmV1l1MFozeWZLdHljQjBlSFkzOVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82ZDE1ZjQtODZhMi00NmQ5LWIzZWQtMDhhZWRjMmYyNjM5
LzEvdHRmemFQb2M5YkdxcW5hdzhmSThCblVLaENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RtMA0G
CSqGSIb3DQEBCwUAA4IBAQBz4PnWSqio4LOWUh6VuEhlu6Ex7hLFTtPyPQ2+0FsI
d8WO7BYDa3eRK86R9cZDk5/OzBgcvqFvXEulrNOyk+w1sSrP1w4nKQ3VcsJ4KL8j
BOPpxt19ojZ7wgpWuXjMzxw7dPj4UYQf4AXNsy+nZ9rKPV+/4Fea25iT70b1FxN+
rR0Qixzt71Nex3dvZwvcrkJeIa1SBGmPh27NgwAOcAxgLXWa7yq/FyrfZV7qC7Fm
J237nASsApIksjJZ8MlSQUx4xNOak0t3V0MhHy0OjdDSaOM/XZ+c2zrV9lvCaBo6
/fkL9tC4Pok+VguD7XrH7Qk7QXz/59I97oRnO7gwGUXt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:10 2025 by rpki-client on console.sobornost.net