Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/L7K-XR4rTNFTEnboIJT8rcKDxW4.roa
File: L7K-XR4rTNFTEnboIJT8rcKDxW4.roa (raw, json)
Hash identifier: Orjc5PbTzJEGwidvDgWcdnyYtJunNcWhaUwiDHcpNvs=
Subject key identifier: 2F:B2:BE:5D:1E:2B:4C:D1:53:12:76:E8:20:94:FC:AD:C2:83:C5:6E
Certificate issuer: /CN=5b1a2cf2f13745ee1bbf7f0a74bead3ce5074855
Certificate serial: 01942522041573EE6CB98AE725317B3336E1
Authority key identifier: 5B:1A:2C:F2:F1:37:45:EE:1B:BF:7F:0A:74:BE:AD:3C:E5:07:48:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/L7K-XR4rTNFTEnboIJT8rcKDxW4.roa
Signing time: Thu 02 Jan 2025 03:49:33 +0000
ROA not before: Thu 02 Jan 2025 03:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 91.198.58.0/24 maxlen: 24
2001:678:d98::/48 maxlen: 48
2001:678:d9c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:04:15:73:ee:6c:b9:8a:e7:25:31:7b:33:36:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b1a2cf2f13745ee1bbf7f0a74bead3ce5074855
Validity
Not Before: Jan 2 03:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fb2be5d1e2b4cd1531276e82094fcadc283c56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fe:2a:17:ea:1e:b5:2a:66:99:3a:43:59:c6:
4a:6b:a5:43:8d:8b:8c:60:71:ad:bd:2b:4c:b1:8e:
20:93:e8:d8:31:34:eb:f1:97:a7:52:12:61:63:dd:
53:d3:7e:5c:74:ce:ce:b8:f8:f6:fb:5b:5a:0d:d2:
27:84:82:a9:e7:f7:e6:85:7d:53:6e:0f:04:a8:10:
0b:86:59:67:b7:8e:c0:05:1c:fa:2a:2e:cd:dd:c9:
c4:70:70:57:64:f1:71:6f:f3:fe:3c:d6:70:5e:ba:
8f:84:4d:d0:fd:06:b1:26:0f:b2:81:ae:86:37:83:
7f:35:c6:f4:c2:b6:ab:e5:de:80:46:6b:3b:5f:76:
ad:fb:aa:9f:c1:df:38:d1:2e:f8:d2:96:8d:2a:6b:
61:9e:60:f1:d0:54:7a:6b:6b:5a:a1:e6:10:2e:3a:
ea:c4:dd:7a:6e:cb:2e:08:5a:28:ae:e3:de:d7:01:
7d:a8:0c:aa:2e:e2:07:54:94:5f:8c:e2:f9:58:a3:
47:e1:9d:cf:3d:79:6b:d1:4a:6b:a6:12:ea:9b:fd:
ec:00:71:67:bd:6a:d3:de:5a:87:20:70:bb:c4:d0:
a4:4b:b0:40:0d:6b:70:13:44:11:ae:d6:41:4a:e4:
34:32:35:94:c8:22:5d:10:8b:55:dc:3d:d7:3f:86:
a0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B2:BE:5D:1E:2B:4C:D1:53:12:76:E8:20:94:FC:AD:C2:83:C5:6E
X509v3 Authority Key Identifier:
keyid:5B:1A:2C:F2:F1:37:45:EE:1B:BF:7F:0A:74:BE:AD:3C:E5:07:48:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wxos8vE3Re4bv38KdL6tPOUHSFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/L7K-XR4rTNFTEnboIJT8rcKDxW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/24f02d-b23a-4c81-91f0-7f9025e53109/1/Wxos8vE3Re4bv38KdL6tPOUHSFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.58.0/24
IPv6:
2001:678:d98::/48
2001:678:d9c::/48
Signature Algorithm: sha256WithRSAEncryption
21:21:ab:fb:92:dc:50:73:bc:f7:85:40:6a:af:58:e8:57:88:
7b:5f:04:61:de:75:f6:b9:28:35:bc:95:24:6c:a5:e9:a6:8c:
dd:df:91:32:30:a1:d6:81:d2:7b:13:42:28:68:c1:14:a1:9c:
de:a1:4c:8e:1b:f7:f8:98:95:57:f0:a9:22:ef:73:f3:65:27:
49:c5:42:02:49:11:90:fb:dd:c9:2d:4e:7e:d1:86:11:99:4a:
b1:07:2a:bc:81:bc:b8:b8:21:38:90:99:e6:47:3c:78:c8:2b:
ed:18:bb:15:a3:09:83:fb:3c:0e:12:bf:64:ca:18:bd:42:48:
c2:ba:81:af:d5:b3:2a:bf:9c:fb:17:35:73:3a:a9:9c:1d:63:
fe:e3:da:17:b1:9c:a0:a0:bd:ed:d7:81:1e:69:b1:0c:37:35:
96:18:bd:5d:27:67:50:ca:fd:85:24:15:ca:a4:a0:9f:d6:b3:
4e:52:05:e0:2a:9b:67:97:cd:b8:23:07:2c:a7:f7:ad:fa:9b:
0a:09:91:ca:ca:0f:75:44:78:2b:a8:5e:8c:ed:e3:c2:51:11:
d9:23:46:78:41:77:f1:de:08:41:30:ed:77:22:9f:f6:91:62:
28:d2:4a:d1:cb:5e:7a:74:09:84:9c:ee:5e:e4:df:e4:e1:58:
81:c8:82:ae
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQlIgQVc+5suYrnJTF7MzbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMWEyY2YyZjEzNzQ1ZWUxYmJmN2YwYTc0YmVhZDNjZTUw
NzQ4NTUwHhcNMjUwMTAyMDM0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmIyYmU1ZDFlMmI0Y2QxNTMxMjc2ZTgyMDk0ZmNhZGMyODNjNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/4qF+oetSpmmTpDWcZKa6VDjYuM
YHGtvStMsY4gk+jYMTTr8ZenUhJhY91T035cdM7OuPj2+1taDdInhIKp5/fmhX1T
bg8EqBALhllnt47ABRz6Ki7N3cnEcHBXZPFxb/P+PNZwXrqPhE3Q/QaxJg+yga6G
N4N/Ncb0wrar5d6ARms7X3at+6qfwd840S740paNKmthnmDx0FR6a2taoeYQLjrq
xN16bssuCFooruPe1wF9qAyqLuIHVJRfjOL5WKNH4Z3PPXlr0UprphLqm/3sAHFn
vWrT3lqHIHC7xNCkS7BADWtwE0QRrtZBSuQ0MjWUyCJdEItV3D3XP4agmwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFC+yvl0eK0zRUxJ26CCU/K3Cg8VuMB8GA1UdIwQY
MBaAFFsaLPLxN0XuG79/CnS+rTzlB0hVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3hvczh2RTNSZTRidjM4S2RMNnRQT1VIU0ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yNGYwMmQtYjIzYS00YzgxLTkxZjAt
N2Y5MDI1ZTUzMTA5LzEvTDdLLVhSNHJUTkZURW5ib0lKVDhyY0tEeFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yNGYwMmQtYjIzYS00YzgxLTkxZjAtN2Y5MDI1ZTUzMTA5
LzEvV3hvczh2RTNSZTRidjM4S2RMNnRQT1VIU0ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW8Y6MBgE
AgACMBIDBwAgAQZ4DZgDBwAgAQZ4DZwwDQYJKoZIhvcNAQELBQADggEBACEhq/uS
3FBzvPeFQGqvWOhXiHtfBGHedfa5KDW8lSRspemmjN3fkTIwodaB0nsTQihowRSh
nN6hTI4b9/iYlVfwqSLvc/NlJ0nFQgJJEZD73cktTn7RhhGZSrEHKryBvLi4ITiQ
meZHPHjIK+0YuxWjCYP7PA4Sv2TKGL1CSMK6ga/Vsyq/nPsXNXM6qZwdY/7j2hex
nKCgve3XgR5psQw3NZYYvV0nZ1DK/YUkFcqkoJ/Ws05SBeAqm2eXzbgjByyn9636
mwoJkcrKD3VEeCuoXozt48JREdkjRnhBd/HeCEEw7Xcin/aRYijSStHLXnp0CYSc
7l7k3+ThWIHIgq4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:33 2025 by rpki-client on console.sobornost.net