Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/SFOJNXUSp6m9LegVLqZTDNkDw-I.roa
File: SFOJNXUSp6m9LegVLqZTDNkDw-I.roa (raw, json)
Hash identifier: 7MfE9n0pNL2VbKGvWynoE7hpg1AbTrSkhUgDGXLIvqI=
Subject key identifier: 48:53:89:35:75:12:A7:A9:BD:2D:E8:15:2E:A6:53:0C:D9:03:C3:E2
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01961BF6F6CAB574D2692FFC21DFA24D87DA
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/SFOJNXUSp6m9LegVLqZTDNkDw-I.roa
Signing time: Wed 09 Apr 2025 19:11:31 +0000
ROA not before: Wed 09 Apr 2025 19:11:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 46.149.173.0/24 maxlen: 24
91.213.230.0/24 maxlen: 24
91.246.56.0/24 maxlen: 24
91.246.62.0/24 maxlen: 24
91.247.169.0/24 maxlen: 24
91.247.170.0/24 maxlen: 24
185.225.190.0/24 maxlen: 24
194.59.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:f6:f6:ca:b5:74:d2:69:2f:fc:21:df:a2:4d:87:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 9 19:11:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=485389357512a7a9bd2de8152ea6530cd903c3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:df:ff:2a:06:fe:b3:79:48:3d:2c:46:bf:f1:
2f:8e:2e:09:36:12:a5:00:3a:5c:0f:57:77:65:f3:
77:9b:61:84:27:d9:97:f0:7f:92:a3:a9:e7:78:af:
f6:3d:77:8d:25:ac:c0:b9:c7:ab:db:56:52:32:cf:
2f:c0:e0:75:26:08:98:67:b3:fa:61:a1:e0:75:86:
90:63:34:36:18:3d:04:2b:16:e0:22:31:51:17:65:
49:0e:6f:a0:22:89:6f:e1:be:07:15:e3:7a:8b:ce:
b6:0b:99:8a:d1:2e:9f:c0:ad:51:2d:97:8c:26:91:
db:7a:5a:2b:9d:25:86:35:27:ad:20:47:0f:26:25:
2f:54:94:3a:9d:2a:57:e8:28:3a:9c:b0:21:0a:ea:
f0:1b:b6:a4:5d:fb:3e:4e:17:c2:1f:71:99:c5:28:
ad:dd:0a:f7:60:42:34:81:19:d3:9e:21:5d:8e:47:
ca:57:49:97:fd:23:1c:64:df:fd:50:53:ec:7d:b6:
7c:92:e9:5b:67:66:52:7f:95:7f:97:be:c1:5c:ff:
b5:84:64:32:25:05:12:5a:46:5c:ff:16:9b:d1:a1:
f8:5d:14:56:9d:95:34:cd:b0:6f:1f:ef:b9:83:49:
86:70:2a:02:92:f1:f8:0e:28:e6:05:1b:00:64:73:
3e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:53:89:35:75:12:A7:A9:BD:2D:E8:15:2E:A6:53:0C:D9:03:C3:E2
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/SFOJNXUSp6m9LegVLqZTDNkDw-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.173.0/24
91.213.230.0/24
91.246.56.0/24
91.246.62.0/24
91.247.169.0-91.247.170.255
185.225.190.0/24
194.59.246.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:17:a7:17:aa:b9:1e:d9:01:80:a8:bb:2b:bd:98:12:ab:cd:
62:8d:19:a6:0c:a4:ac:43:9c:c8:82:87:68:03:2c:89:4b:78:
9e:be:14:2c:26:1c:36:3c:d6:bc:a6:8b:4f:92:ef:a9:f0:81:
42:36:ae:3a:64:c9:39:21:38:bb:fa:b0:98:fa:c2:4a:d5:45:
6b:ca:24:2e:0e:5b:f6:27:c9:41:62:f8:3d:cf:7a:a6:6c:0e:
1e:f2:1c:af:54:3a:b6:0b:38:6b:ad:7b:c3:e6:4c:27:52:53:
a4:d2:33:52:1d:25:cd:56:47:d9:77:7a:58:ef:12:23:d6:fd:
88:39:aa:54:53:9a:0c:65:df:a7:06:06:8e:eb:69:79:bf:e7:
f5:cd:01:92:f7:8d:42:f2:38:6d:03:c1:e0:08:85:e8:5d:65:
e0:04:32:4e:66:5a:73:f5:fe:46:78:85:31:fb:bf:20:71:1c:
0f:99:17:85:1c:58:d5:8c:86:02:e2:bc:a0:38:5e:ed:9c:4a:
36:50:59:0e:d2:3f:d0:e2:c7:63:0f:e9:f7:8d:80:fc:4c:3a:
14:d6:ce:9a:fa:ba:16:d9:8f:dd:66:16:cd:87:76:a8:8b:6f:
6a:87:ec:b0:cd:63:0a:15:69:82:d6:bd:fe:4e:a3:72:fd:06:
89:c9:19:e3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZYb9vbKtXTSaS/8Id+iTYfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNDA5MTkxMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODUzODkzNTc1MTJhN2E5YmQyZGU4MTUyZWE2NTMwY2Q5MDNjM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN//Kgb+s3lIPSxGv/Evji4JNhKl
ADpcD1d3ZfN3m2GEJ9mX8H+So6nneK/2PXeNJazAucer21ZSMs8vwOB1JgiYZ7P6
YaHgdYaQYzQ2GD0EKxbgIjFRF2VJDm+gIolv4b4HFeN6i862C5mK0S6fwK1RLZeM
JpHbelornSWGNSetIEcPJiUvVJQ6nSpX6Cg6nLAhCurwG7akXfs+ThfCH3GZxSit
3Qr3YEI0gRnTniFdjkfKV0mX/SMcZN/9UFPsfbZ8kulbZ2ZSf5V/l77BXP+1hGQy
JQUSWkZc/xab0aH4XRRWnZU0zbBvH++5g0mGcCoCkvH4DijmBRsAZHM+JwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEhTiTV1EqepvS3oFS6mUwzZA8PiMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvU0ZPSk5YVVNwNm05TGVnVkxxWlRETmtEdy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALpWtAwQA
W9XmAwQAW/Y4AwQAW/Y+MAwDBABb96kDBABb96oDBAC54b4DBADCO/YwDQYJKoZI
hvcNAQELBQADggEBAE8XpxequR7ZAYCouyu9mBKrzWKNGaYMpKxDnMiCh2gDLIlL
eJ6+FCwmHDY81rymi0+S76nwgUI2rjpkyTkhOLv6sJj6wkrVRWvKJC4OW/YnyUFi
+D3PeqZsDh7yHK9UOrYLOGute8PmTCdSU6TSM1IdJc1WR9l3eljvEiPW/Yg5qlRT
mgxl36cGBo7raXm/5/XNAZL3jULyOG0DweAIhehdZeAEMk5mWnP1/kZ4hTH7vyBx
HA+ZF4UcWNWMhgLivKA4Xu2cSjZQWQ7SP9Dix2MP6feNgPxMOhTWzpr6uhbZj91m
Fs2HdqiLb2qH7LDNYwoVaYLWvf5Oo3L9BonJGeM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net