Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/_11c4KnryngFBZ3LrSwCjXVWAnI.roa
File: _11c4KnryngFBZ3LrSwCjXVWAnI.roa (raw, json)
Hash identifier: 4suX3JVW+dbra41XqoLSgaNnHC7+X6k6GS1R8JLgxL8=
Subject key identifier: FF:5D:5C:E0:A9:EB:CA:78:05:05:9D:CB:AD:2C:02:8D:75:56:02:72
Certificate issuer: /CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Certificate serial: 019425FC849E15267AB6B738F9044961F00C
Authority key identifier: 72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/_11c4KnryngFBZ3LrSwCjXVWAnI.roa
Signing time: Thu 02 Jan 2025 07:48:13 +0000
ROA not before: Thu 02 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60805
IP address blocks: 91.240.240.0/24 maxlen: 24
2001:67c:1734::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:84:9e:15:26:7a:b6:b7:38:f9:04:49:61:f0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Validity
Not Before: Jan 2 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff5d5ce0a9ebca7805059dcbad2c028d75560272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:36:39:ad:9b:c9:20:7c:66:ca:f4:6f:df:29:
d8:72:5f:5b:e4:a8:fa:ed:ea:90:03:47:5a:a9:5b:
cb:c2:51:e9:33:e1:8f:ff:c1:54:1d:86:74:d1:c1:
41:57:be:c8:6d:3f:cd:db:9e:fa:a0:c6:78:4f:56:
db:6e:a3:64:c6:2c:a6:27:29:e3:d6:79:43:a8:75:
95:50:fc:f5:b0:d9:f3:62:bd:c1:80:66:a6:3e:f7:
57:c9:20:8d:a4:df:73:54:bd:f5:8f:1f:b2:90:d2:
20:03:93:61:bd:8f:2b:a2:e9:41:e4:ef:28:dd:ed:
f0:38:86:3b:e8:82:b8:e5:da:50:78:ae:df:da:15:
79:6e:b3:9b:b6:eb:39:fb:23:de:0d:b6:f2:e5:c9:
e5:11:ae:fc:07:74:de:9a:df:ae:0b:90:0e:85:b1:
c1:62:e9:37:f5:ea:5c:cc:8e:95:79:a4:b3:85:09:
27:9a:99:12:e7:2b:8a:23:76:0a:eb:53:e8:10:8b:
e1:75:f0:6f:14:85:c5:f2:e1:e3:a6:56:70:22:35:
90:57:67:6f:5d:00:7d:2e:50:b4:33:fb:51:cc:f2:
64:82:d6:85:22:85:e4:fb:bf:ea:d6:25:6d:1e:fc:
35:dd:0d:35:04:a6:5e:d3:02:4a:9c:51:48:18:23:
69:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5D:5C:E0:A9:EB:CA:78:05:05:9D:CB:AD:2C:02:8D:75:56:02:72
X509v3 Authority Key Identifier:
keyid:72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/_11c4KnryngFBZ3LrSwCjXVWAnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.240.0/24
IPv6:
2001:67c:1734::/48
Signature Algorithm: sha256WithRSAEncryption
b5:c2:6c:65:b0:7d:96:b2:4b:24:3f:d7:85:76:c1:ce:9b:03:
8e:9e:28:28:d2:49:db:07:1f:81:18:e5:71:64:9e:c6:72:ed:
22:06:99:39:e5:ca:fc:0e:03:cf:79:89:ac:f9:df:fe:47:78:
79:f6:8f:42:dc:cf:2d:d7:51:84:72:ae:75:84:cf:2e:cc:7f:
5d:e4:70:7b:8d:3f:12:a6:43:e6:00:c6:95:78:53:ab:db:8e:
42:c9:dc:41:13:86:94:22:65:c0:3a:9f:6e:32:ad:3a:dd:48:
50:c2:a9:6b:82:74:b4:1c:27:9b:c2:dd:50:8d:ee:40:d3:a9:
96:ee:f2:07:55:1e:5c:8e:a8:5f:47:b4:26:cd:ee:e2:7c:e3:
0c:a0:b5:8c:1b:92:54:a4:61:a7:0a:0a:32:90:5d:63:75:8e:
d2:b5:10:27:b7:57:ef:d9:db:7b:07:6e:d6:07:cd:dc:f6:42:
18:4b:27:92:fc:be:e6:46:d9:2c:77:ea:58:a0:44:05:00:98:
c8:be:9f:58:3e:e7:46:4d:23:71:8f:05:9c:c3:c6:a7:14:d2:
eb:ce:b5:8a:47:b8:64:a7:b6:ce:5d:f7:ba:34:10:c2:75:6d:
b8:9d:d7:c5:97:70:ad:3c:4f:cb:cb:28:41:42:48:b8:bd:26:
a5:ae:25:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/ISeFSZ6trc4+QRJYfAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjliMDM5Y2Y4YWFmMTQxZDZlNmQ2MTZlN2MxNjkwODlj
YmNiMzIwHhcNMjUwMTAyMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVkNWNlMGE5ZWJjYTc4MDUwNTlkY2JhZDJjMDI4ZDc1NTYwMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzY5rZvJIHxmyvRv3ynYcl9b5Kj6
7eqQA0daqVvLwlHpM+GP/8FUHYZ00cFBV77IbT/N2576oMZ4T1bbbqNkxiymJynj
1nlDqHWVUPz1sNnzYr3BgGamPvdXySCNpN9zVL31jx+ykNIgA5NhvY8roulB5O8o
3e3wOIY76IK45dpQeK7f2hV5brObtus5+yPeDbby5cnlEa78B3Temt+uC5AOhbHB
Yuk39epczI6VeaSzhQknmpkS5yuKI3YK61PoEIvhdfBvFIXF8uHjplZwIjWQV2dv
XQB9LlC0M/tRzPJkgtaFIoXk+7/q1iVtHvw13Q01BKZe0wJKnFFIGCNpPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9dXOCp68p4BQWdy60sAo11VgJyMB8GA1UdIwQY
MBaAFHIpsDnPiq8UHW5tYW58FpCJy8syMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQt
ODdhNjg0NWY2NmY5LzEvXzExYzRLbnJ5bmdGQlozTHJTd0NqWFZXQW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQtODdhNjg0NWY2NmY5
LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW/DwMA8E
AgACMAkDBwAgAQZ8FzQwDQYJKoZIhvcNAQELBQADggEBALXCbGWwfZaySyQ/14V2
wc6bA46eKCjSSdsHH4EY5XFknsZy7SIGmTnlyvwOA895iaz53/5HeHn2j0Lczy3X
UYRyrnWEzy7Mf13kcHuNPxKmQ+YAxpV4U6vbjkLJ3EEThpQiZcA6n24yrTrdSFDC
qWuCdLQcJ5vC3VCN7kDTqZbu8gdVHlyOqF9HtCbN7uJ84wygtYwbklSkYacKCjKQ
XWN1jtK1ECe3V+/Z23sHbtYHzdz2QhhLJ5L8vuZG2Sx36ligRAUAmMi+n1g+50ZN
I3GPBZzDxqcU0uvOtYpHuGSnts5d97o0EMJ1bbid18WXcK08T8vLKEFCSLi9JqWu
JUE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:11 2025 by rpki-client on console.sobornost.net