Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/mN-Gq3CnQOseJQb6vbylzDVdWSg.roa
File: mN-Gq3CnQOseJQb6vbylzDVdWSg.roa (raw, json)
Hash identifier: fOE9ILnEXk1PyxS5P7XqjGQMPFnkivt3IHprv8lvkaM=
Subject key identifier: 98:DF:86:AB:70:A7:40:EB:1E:25:06:FA:BD:BC:A5:CC:35:5D:59:28
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 0194266B3CE07D664CDA8D89F3F08FE94A7F
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/mN-Gq3CnQOseJQb6vbylzDVdWSg.roa
Signing time: Thu 02 Jan 2025 09:49:09 +0000
ROA not before: Thu 02 Jan 2025 09:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58147
IP address blocks: 91.239.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:3c:e0:7d:66:4c:da:8d:89:f3:f0:8f:e9:4a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Jan 2 09:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98df86ab70a740eb1e2506fabdbca5cc355d5928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c2:ab:5b:f7:6d:7e:a9:f0:a2:b2:e5:53:68:
16:c0:46:23:13:16:51:62:91:94:9b:9d:05:c3:26:
ad:78:16:5a:3f:a8:99:ec:8a:b9:9d:d9:77:9c:53:
ff:34:32:6b:93:1e:ca:36:c5:ce:54:0c:41:e5:ed:
43:b3:88:e6:96:bc:cf:d7:5c:87:4d:51:12:c7:55:
8d:b0:02:45:1c:84:eb:93:19:23:30:76:d1:8b:ce:
39:98:24:73:85:27:ac:b1:df:de:d2:21:a6:fa:1c:
19:e3:e0:34:6b:aa:03:64:e6:fa:7c:32:0c:c7:f8:
c5:37:71:62:89:dd:4c:6e:7e:ea:44:b8:01:1b:1f:
ff:57:f8:ba:fe:5e:32:4c:31:0a:d3:88:d1:61:48:
bc:c9:f8:5b:12:77:17:06:98:5f:e2:08:5d:f8:bc:
33:c1:83:9d:e4:6e:c4:74:01:c8:89:f1:ad:c9:af:
09:9d:c9:90:2f:f6:14:3b:46:87:db:6d:b5:ee:b0:
a9:78:35:7f:42:c2:bc:4a:c1:2f:07:3b:b2:a4:e5:
66:77:fa:4c:23:0a:16:6a:cd:7f:7a:00:13:1d:09:
05:fc:37:76:3f:0d:9d:49:1c:13:ff:8a:44:9c:fc:
e4:44:01:2f:9b:3f:32:15:77:df:34:6c:17:ab:32:
05:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DF:86:AB:70:A7:40:EB:1E:25:06:FA:BD:BC:A5:CC:35:5D:59:28
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/mN-Gq3CnQOseJQb6vbylzDVdWSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.60.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:6d:8b:4f:bd:54:67:02:9f:5a:71:55:88:f6:cc:54:f9:d7:
85:09:19:5b:68:65:87:61:44:91:87:10:84:82:99:13:57:73:
f4:51:e3:c8:99:ce:a7:cf:58:41:6f:66:ea:ab:ed:92:09:6a:
71:01:fa:2a:83:b9:44:5b:89:e9:8c:7d:b5:c0:b2:32:71:a5:
66:8a:08:da:9c:f2:2b:d5:a9:45:a4:6e:74:e8:77:68:29:e2:
78:f3:a8:0b:5e:23:d5:5d:67:a1:b6:d7:33:7b:65:c6:dc:0a:
c5:a8:9f:bd:c7:70:fd:57:84:81:b3:8c:1e:4f:c7:32:38:47:
5c:3b:5d:9b:91:dd:31:bb:74:72:1e:73:fd:18:fd:5f:59:8b:
cd:39:87:10:62:66:b8:e2:6e:7f:83:56:36:9f:f2:8e:20:09:
25:f8:66:f9:f4:0e:9f:11:f4:9f:1c:bd:ee:c6:fa:c8:92:2e:
82:44:99:3b:01:e9:4b:ea:d2:6b:90:ba:f3:d0:a5:cd:70:81:
69:11:8f:83:48:5e:bb:6c:06:b0:45:15:ac:03:90:88:bc:9b:
c0:ba:1d:a0:4b:85:5b:47:38:05:89:92:be:55:6c:cb:e3:8b:
7f:ab:d4:08:3e:07:7c:6e:84:3b:c0:de:48:9f:54:df:2f:cd:
0e:f7:66:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmazzgfWZM2o2J8/CP6Up/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm
ZWVkNWYwHhcNMjUwMTAyMDk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRmODZhYjcwYTc0MGViMWUyNTA2ZmFiZGJjYTVjYzM1NWQ1OTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8KrW/dtfqnworLlU2gWwEYjExZR
YpGUm50FwyateBZaP6iZ7Iq5ndl3nFP/NDJrkx7KNsXOVAxB5e1Ds4jmlrzP11yH
TVESx1WNsAJFHITrkxkjMHbRi845mCRzhSessd/e0iGm+hwZ4+A0a6oDZOb6fDIM
x/jFN3Fiid1Mbn7qRLgBGx//V/i6/l4yTDEK04jRYUi8yfhbEncXBphf4ghd+Lwz
wYOd5G7EdAHIifGtya8JncmQL/YUO0aH22217rCpeDV/QsK8SsEvBzuypOVmd/pM
IwoWas1/egATHQkF/Dd2Pw2dSRwT/4pEnPzkRAEvmz8yFXffNGwXqzIFTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjfhqtwp0DrHiUG+r28pcw1XVkoMB8GA1UdIwQY
MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt
YWRhMjRlZjMxMGNhLzEvbU4tR3EzQ25RT3NlSlFiNnZieWx6RFZkV1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh
LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+88MA0G
CSqGSIb3DQEBCwUAA4IBAQCObYtPvVRnAp9acVWI9sxU+deFCRlbaGWHYUSRhxCE
gpkTV3P0UePImc6nz1hBb2bqq+2SCWpxAfoqg7lEW4npjH21wLIycaVmigjanPIr
1alFpG506HdoKeJ486gLXiPVXWehttcze2XG3ArFqJ+9x3D9V4SBs4weT8cyOEdc
O12bkd0xu3RyHnP9GP1fWYvNOYcQYma44m5/g1Y2n/KOIAkl+Gb59A6fEfSfHL3u
xvrIki6CRJk7AelL6tJrkLrz0KXNcIFpEY+DSF67bAawRRWsA5CIvJvAuh2gS4Vb
RzgFiZK+VWzL44t/q9QIPgd8boQ7wN5In1TfL80O92Zz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:43 2025 by rpki-client on console.sobornost.net