Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5268fc-cfee-4aa8-97bf-cbe020665efe/1/PYkAjVi-cL8YN88rzZYetquYlEI.roa
File: PYkAjVi-cL8YN88rzZYetquYlEI.roa (raw, json)
Hash identifier: Bkzz/gNbGNuCgszV6UDZARXya+u9kc2E711f4IbffiA=
Subject key identifier: 3D:89:00:8D:58:BE:70:BF:18:37:CF:2B:CD:96:1E:B6:AB:98:94:42
Certificate issuer: /CN=7ffb0115c4acddd1b4adc4073780726acfc01af9
Certificate serial: 01941FFA93D7A07890DD2A8BDE1F8480F4CA
Authority key identifier: 7F:FB:01:15:C4:AC:DD:D1:B4:AD:C4:07:37:80:72:6A:CF:C0:1A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f_sBFcSs3dG0rcQHN4Byas_AGvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5268fc-cfee-4aa8-97bf-cbe020665efe/1/PYkAjVi-cL8YN88rzZYetquYlEI.roa
Signing time: Wed 01 Jan 2025 03:48:22 +0000
ROA not before: Wed 01 Jan 2025 03:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31129
IP address blocks: 91.211.252.0/22 maxlen: 24
91.211.253.0/24 maxlen: 24
193.23.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:93:d7:a0:78:90:dd:2a:8b:de:1f:84:80:f4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ffb0115c4acddd1b4adc4073780726acfc01af9
Validity
Not Before: Jan 1 03:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d89008d58be70bf1837cf2bcd961eb6ab989442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5e:da:bd:0e:6d:11:98:d8:67:35:ca:81:7f:
27:3d:ef:3d:71:22:e1:67:ca:f3:32:dc:da:2d:8a:
ef:81:7f:04:83:68:d7:4f:55:76:fb:12:6e:2b:b6:
c6:0b:a0:7c:7e:ea:68:18:52:13:b2:0f:4f:ac:e3:
20:61:6f:8b:57:22:d3:36:fb:ad:34:8f:10:b8:63:
d7:e2:7e:d1:58:34:23:74:ba:12:1e:51:47:44:3d:
bd:0c:c7:d9:19:c4:f5:32:9d:84:fa:58:55:08:92:
db:64:e6:6f:18:10:4b:14:13:5d:2b:3a:ab:ea:71:
9a:34:53:53:29:4b:9b:8e:84:32:bd:9c:09:d9:73:
2e:b2:78:a3:68:0e:91:be:6b:71:79:3d:c3:e2:c1:
fb:e8:7e:b4:9b:c2:9d:ad:ac:a6:a8:14:15:29:5b:
e8:39:21:2d:7f:c8:fa:ad:b1:6b:6d:8d:c8:d7:00:
4a:07:bb:bd:85:a0:f4:bb:ab:2b:95:48:3a:6a:d1:
ea:65:06:ce:15:d9:0a:a5:a8:91:85:68:b6:96:f5:
5f:43:01:a8:ff:2d:d2:d3:fe:5d:9a:0a:3f:6e:23:
18:cb:00:4e:d3:08:0e:b7:e3:c8:69:72:5e:06:76:
08:6e:9b:49:1a:8a:c7:cb:f8:c3:c5:f6:dc:df:37:
2b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:89:00:8D:58:BE:70:BF:18:37:CF:2B:CD:96:1E:B6:AB:98:94:42
X509v3 Authority Key Identifier:
keyid:7F:FB:01:15:C4:AC:DD:D1:B4:AD:C4:07:37:80:72:6A:CF:C0:1A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f_sBFcSs3dG0rcQHN4Byas_AGvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5268fc-cfee-4aa8-97bf-cbe020665efe/1/PYkAjVi-cL8YN88rzZYetquYlEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5268fc-cfee-4aa8-97bf-cbe020665efe/1/f_sBFcSs3dG0rcQHN4Byas_AGvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.252.0/22
193.23.51.0/24
Signature Algorithm: sha256WithRSAEncryption
e2:a9:72:c4:b7:18:dc:2a:9e:ad:85:9a:a6:22:da:46:0c:11:
5f:0a:aa:17:c0:b4:e2:39:75:1e:85:9c:21:06:f7:db:da:b8:
44:9e:d5:9d:8a:28:46:5f:f2:9e:40:ca:e8:f8:21:23:f0:e9:
0d:4c:f5:9a:87:1f:d6:ee:2f:ae:37:c0:a8:d8:ad:82:00:0f:
65:51:37:d3:5f:c0:38:15:0d:73:cc:72:af:2c:2b:c4:79:96:
9c:23:3c:27:6b:63:6f:2f:92:29:e0:6a:84:79:59:4d:21:68:
a5:71:96:1a:31:ca:7a:98:f5:c4:02:1f:fc:bc:f6:f9:90:db:
7d:1d:58:7e:7f:d8:e3:80:a7:5e:98:c6:1f:87:29:72:fb:84:
50:68:82:53:d2:86:fa:74:0a:28:f0:eb:05:2c:b4:b0:81:2c:
10:30:10:35:44:e1:bb:0a:4f:ad:aa:0e:c3:39:47:25:8e:70:
18:4e:06:14:7a:d5:c7:7d:e0:b1:2d:8b:71:30:9e:53:c6:38:
c5:bc:e0:85:65:ea:ae:b7:77:5c:53:16:d8:5e:81:05:f4:7e:
8e:bf:f9:ba:9d:95:f3:80:3e:7f:ee:2e:c8:be:00:6c:74:9d:
a4:61:98:2c:b1:36:85:0e:43:74:26:70:46:76:e4:fa:32:d8:
26:12:7c:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+pPXoHiQ3SqL3h+EgPTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZmIwMTE1YzRhY2RkZDFiNGFkYzQwNzM3ODA3MjZhY2Zj
MDFhZjkwHhcNMjUwMTAxMDM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDg5MDA4ZDU4YmU3MGJmMTgzN2NmMmJjZDk2MWViNmFiOTg5NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv17avQ5tEZjYZzXKgX8nPe89cSLh
Z8rzMtzaLYrvgX8Eg2jXT1V2+xJuK7bGC6B8fupoGFITsg9PrOMgYW+LVyLTNvut
NI8QuGPX4n7RWDQjdLoSHlFHRD29DMfZGcT1Mp2E+lhVCJLbZOZvGBBLFBNdKzqr
6nGaNFNTKUubjoQyvZwJ2XMusnijaA6RvmtxeT3D4sH76H60m8KdraymqBQVKVvo
OSEtf8j6rbFrbY3I1wBKB7u9haD0u6srlUg6atHqZQbOFdkKpaiRhWi2lvVfQwGo
/y3S0/5dmgo/biMYywBO0wgOt+PIaXJeBnYIbptJGorHy/jDxfbc3zcr4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2JAI1YvnC/GDfPK82WHrarmJRCMB8GA1UdIwQY
MBaAFH/7ARXErN3RtK3EBzeAcmrPwBr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZl9zQkZjU3MzZEcwcmNRSE40Qnlhc19BR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81MjY4ZmMtY2ZlZS00YWE4LTk3YmYt
Y2JlMDIwNjY1ZWZlLzEvUFlrQWpWaS1jTDhZTjg4cnpaWWV0cXVZbEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81MjY4ZmMtY2ZlZS00YWE4LTk3YmYtY2JlMDIwNjY1ZWZl
LzEvZl9zQkZjU3MzZEcwcmNRSE40Qnlhc19BR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9P8AwQA
wRczMA0GCSqGSIb3DQEBCwUAA4IBAQDiqXLEtxjcKp6thZqmItpGDBFfCqoXwLTi
OXUehZwhBvfb2rhEntWdiihGX/KeQMro+CEj8OkNTPWahx/W7i+uN8Co2K2CAA9l
UTfTX8A4FQ1zzHKvLCvEeZacIzwna2NvL5Ip4GqEeVlNIWilcZYaMcp6mPXEAh/8
vPb5kNt9HVh+f9jjgKdemMYfhyly+4RQaIJT0ob6dAoo8OsFLLSwgSwQMBA1ROG7
Ck+tqg7DOUcljnAYTgYUetXHfeCxLYtxMJ5TxjjFvOCFZequt3dcUxbYXoEF9H6O
v/m6nZXzgD5/7i7IvgBsdJ2kYZgssTaFDkN0JnBGduT6MtgmEnwo
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:34 2025 by rpki-client on console.sobornost.net