Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/51519c-1e93-44a9-ac70-7e242674defc/1/2zPO2m1PUGY-iLAYnC4rJmYASPE.roa
File: 2zPO2m1PUGY-iLAYnC4rJmYASPE.roa (raw, json)
Hash identifier: Rs7PMbEzIpZxq7FwWF4kt1+4OAfZU7egEzwfwjyWknc=
Subject key identifier: DB:33:CE:DA:6D:4F:50:66:3E:88:B0:18:9C:2E:2B:26:66:00:48:F1
Certificate issuer: /CN=17b8beb555dafa82c3d6aa336909ae5ade35a83d
Certificate serial: 0194258F38581A1A9CD3FFDAD3FA4BF7237A
Authority key identifier: 17:B8:BE:B5:55:DA:FA:82:C3:D6:AA:33:69:09:AE:5A:DE:35:A8:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7i-tVXa-oLD1qozaQmuWt41qD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/51519c-1e93-44a9-ac70-7e242674defc/1/2zPO2m1PUGY-iLAYnC4rJmYASPE.roa
Signing time: Thu 02 Jan 2025 05:48:50 +0000
ROA not before: Thu 02 Jan 2025 05:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199250
IP address blocks: 91.200.68.0/24 maxlen: 24
91.200.69.0/24 maxlen: 24
185.21.36.0/22 maxlen: 24
185.21.37.0/24 maxlen: 24
185.21.38.0/24 maxlen: 24
185.21.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:38:58:1a:1a:9c:d3:ff:da:d3:fa:4b:f7:23:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b8beb555dafa82c3d6aa336909ae5ade35a83d
Validity
Not Before: Jan 2 05:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db33ceda6d4f50663e88b0189c2e2b26660048f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f8:70:94:8f:25:4d:1d:a7:0e:10:06:9b:fd:
8b:54:39:74:b5:f2:64:48:45:b0:96:24:f3:5f:08:
56:6f:18:d6:d0:94:4b:a6:0d:e0:50:67:9c:f3:3f:
db:3e:73:97:a8:67:5f:9d:af:20:de:c5:be:0d:d6:
12:5a:72:21:fd:06:0e:d8:9a:61:a9:c6:81:6d:c3:
a3:0a:6b:46:b5:f2:8b:c1:4f:0f:8a:80:c3:c1:d5:
e0:3b:b7:7f:ed:60:fa:83:9a:c3:10:06:d2:b1:61:
e0:d3:1a:45:7a:a3:70:d2:9f:bf:50:2c:5e:b7:a5:
75:41:5b:8a:6f:11:36:2f:55:06:8f:a3:87:68:9c:
e0:6c:2a:27:ef:22:6e:cc:d2:ab:08:b2:03:3c:cf:
f6:98:d8:1f:d4:e6:a1:7b:69:d2:86:fd:87:11:cc:
dc:a8:e0:34:3e:be:17:7c:a0:0c:75:69:0f:90:70:
7c:81:37:40:5d:df:4b:8c:5a:b4:c8:30:63:9f:ad:
56:be:d9:b3:08:e5:10:d8:c0:e5:89:8b:d2:b7:a4:
93:18:44:15:66:76:bd:db:70:58:94:1c:d6:39:1c:
e1:83:0d:6f:6e:39:2b:22:e2:f0:3d:97:a6:8f:42:
38:fb:b2:97:5e:ee:f5:95:8a:a9:a9:7a:88:81:40:
19:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:33:CE:DA:6D:4F:50:66:3E:88:B0:18:9C:2E:2B:26:66:00:48:F1
X509v3 Authority Key Identifier:
keyid:17:B8:BE:B5:55:DA:FA:82:C3:D6:AA:33:69:09:AE:5A:DE:35:A8:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7i-tVXa-oLD1qozaQmuWt41qD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/51519c-1e93-44a9-ac70-7e242674defc/1/2zPO2m1PUGY-iLAYnC4rJmYASPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/51519c-1e93-44a9-ac70-7e242674defc/1/F7i-tVXa-oLD1qozaQmuWt41qD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.68.0/23
185.21.36.0/22
Signature Algorithm: sha256WithRSAEncryption
62:63:f9:4a:38:ce:a8:06:29:6d:65:39:fa:16:50:49:1b:c0:
6e:9c:5b:dd:3c:4d:75:a5:0f:f0:db:8d:ac:08:47:e1:75:71:
bc:59:07:a1:76:50:88:1c:5d:62:69:0e:b5:43:5d:f6:e5:2c:
0e:02:a1:1c:af:35:83:3d:87:aa:0c:cd:5b:51:64:ba:69:3a:
b1:19:00:21:56:4c:9e:f6:14:c2:9b:a6:85:23:11:3b:2e:94:
68:a9:9f:b3:21:96:1b:79:c0:a6:ee:26:59:95:cd:5e:f9:78:
c4:cc:b4:3b:06:d8:1f:37:48:14:fc:c2:77:0c:bc:4d:53:a9:
fe:b3:b4:9d:12:f2:05:44:cf:a3:31:68:e0:e9:00:7d:2b:9a:
88:c4:f2:f4:e9:52:5d:39:a3:61:fb:83:2d:9c:2e:c2:3a:31:
fb:47:a3:db:dc:ff:a1:01:2a:09:61:f1:1b:90:19:ea:cf:61:
48:73:d9:3a:fe:90:a1:ef:fd:01:b9:ba:1d:49:09:c6:db:20:
97:5b:fc:4a:82:7d:e6:19:cb:0a:23:f7:e6:fb:91:85:d9:0a:
38:18:05:51:cf:6c:0b:fa:5a:23:52:9f:cb:d7:69:1a:f8:8e:
d0:68:f8:2b:92:9e:19:94:db:a1:79:8f:75:34:88:3c:47:d7:
96:91:cb:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQljzhYGhqc0//a0/pL9yN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjhiZWI1NTVkYWZhODJjM2Q2YWEzMzY5MDlhZTVhZGUz
NWE4M2QwHhcNMjUwMTAyMDU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMzY2VkYTZkNGY1MDY2M2U4OGIwMTg5YzJlMmIyNjY2MDA0OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvhwlI8lTR2nDhAGm/2LVDl0tfJk
SEWwliTzXwhWbxjW0JRLpg3gUGec8z/bPnOXqGdfna8g3sW+DdYSWnIh/QYO2Jph
qcaBbcOjCmtGtfKLwU8PioDDwdXgO7d/7WD6g5rDEAbSsWHg0xpFeqNw0p+/UCxe
t6V1QVuKbxE2L1UGj6OHaJzgbCon7yJuzNKrCLIDPM/2mNgf1Oahe2nShv2HEczc
qOA0Pr4XfKAMdWkPkHB8gTdAXd9LjFq0yDBjn61WvtmzCOUQ2MDliYvSt6STGEQV
Zna923BYlBzWORzhgw1vbjkrIuLwPZemj0I4+7KXXu71lYqpqXqIgUAZ+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNszztptT1BmPoiwGJwuKyZmAEjxMB8GA1UdIwQY
MBaAFBe4vrVV2vqCw9aqM2kJrlreNag9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdpLXRWWGEtb0xEMXFvemFRbXVXdDQxcUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81MTUxOWMtMWU5My00NGE5LWFjNzAt
N2UyNDI2NzRkZWZjLzEvMnpQTzJtMVBVR1ktaUxBWW5DNHJKbVlBU1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81MTUxOWMtMWU5My00NGE5LWFjNzAtN2UyNDI2NzRkZWZj
LzEvRjdpLXRWWGEtb0xEMXFvemFRbXVXdDQxcUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8hEAwQC
uRUkMA0GCSqGSIb3DQEBCwUAA4IBAQBiY/lKOM6oBiltZTn6FlBJG8BunFvdPE11
pQ/w242sCEfhdXG8WQehdlCIHF1iaQ61Q1325SwOAqEcrzWDPYeqDM1bUWS6aTqx
GQAhVkye9hTCm6aFIxE7LpRoqZ+zIZYbecCm7iZZlc1e+XjEzLQ7BtgfN0gU/MJ3
DLxNU6n+s7SdEvIFRM+jMWjg6QB9K5qIxPL06VJdOaNh+4MtnC7COjH7R6Pb3P+h
ASoJYfEbkBnqz2FIc9k6/pCh7/0BubodSQnG2yCXW/xKgn3mGcsKI/fm+5GF2Qo4
GAVRz2wL+lojUp/L12ka+I7QaPgrkp4ZlNuheY91NIg8R9eWkcvZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:32 2025 by rpki-client on console.sobornost.net