Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/tKq2kTGwjRxV1VeF4yjWXlgGg4s.roa
File: tKq2kTGwjRxV1VeF4yjWXlgGg4s.roa (raw, json)
Hash identifier: 26irNsQZ2yFre3Oewun8lnjL981q/hQTWsn6QhKyj1Q=
Subject key identifier: B4:AA:B6:91:31:B0:8D:1C:55:D5:57:85:E3:28:D6:5E:58:06:83:8B
Certificate issuer: /CN=d2d38f4597051b6c0ddf1bb866ae4e94703e155e
Certificate serial: 019422FBB3FDBF6896A5D9D39D1AC3C2BD37
Authority key identifier: D2:D3:8F:45:97:05:1B:6C:0D:DF:1B:B8:66:AE:4E:94:70:3E:15:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/tKq2kTGwjRxV1VeF4yjWXlgGg4s.roa
Signing time: Wed 01 Jan 2025 17:48:28 +0000
ROA not before: Wed 01 Jan 2025 17:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49724
IP address blocks: 91.215.220.0/22 maxlen: 22
91.215.220.0/24 maxlen: 24
91.215.221.0/24 maxlen: 24
91.215.222.0/23 maxlen: 23
188.0.160.0/19 maxlen: 19
188.0.160.0/20 maxlen: 20
188.0.162.0/24 maxlen: 24
188.0.166.0/23 maxlen: 23
188.0.169.0/24 maxlen: 24
188.0.175.0/24 maxlen: 24
188.0.176.0/21 maxlen: 21
188.0.178.0/24 maxlen: 24
188.0.179.0/24 maxlen: 24
188.0.180.0/24 maxlen: 24
188.0.183.0/24 maxlen: 24
188.0.184.0/22 maxlen: 22
188.0.186.0/24 maxlen: 24
188.0.188.0/24 maxlen: 24
188.0.189.0/24 maxlen: 24
188.0.190.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b3:fd:bf:68:96:a5:d9:d3:9d:1a:c3:c2:bd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2d38f4597051b6c0ddf1bb866ae4e94703e155e
Validity
Not Before: Jan 1 17:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4aab69131b08d1c55d55785e328d65e5806838b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:17:5d:ef:97:ef:3e:f1:c8:c3:83:d9:86:a4:
2d:12:7b:17:e3:b7:56:9b:fa:3a:d2:70:7d:a8:2d:
8b:ee:9e:c3:5e:2a:69:4b:e8:2b:5d:93:48:5e:81:
3a:80:88:5b:17:06:a5:c2:e4:d2:f0:91:71:80:08:
ed:c7:14:98:ae:8c:d2:21:c9:f9:71:03:89:b3:f4:
37:14:db:ba:4d:3d:7d:71:95:69:95:eb:88:83:ff:
1d:c5:25:d4:84:de:ce:cd:f8:d5:22:77:46:cf:7e:
cd:b1:a7:5f:7b:97:e8:54:8f:2a:8d:f1:41:e2:6b:
d4:40:13:f6:e4:52:47:72:7f:59:cf:df:10:69:84:
37:e6:de:5d:8f:4d:94:f5:cf:03:9a:21:e8:30:66:
8e:48:fc:55:29:9a:c2:d4:fc:f7:d3:8a:5f:a5:db:
f4:9a:93:ad:ec:ce:78:f0:2c:ea:e4:65:6c:d6:a9:
4f:3a:8f:8e:0e:0c:4b:eb:b9:87:70:72:63:8c:25:
b6:0d:92:a1:7d:17:a6:98:d1:d1:c0:88:ca:55:1d:
5a:1e:4f:fe:13:7c:e5:4f:cd:3a:17:28:be:39:4b:
4a:b9:8f:59:52:c5:df:a8:f3:59:ee:68:2a:e0:95:
3a:71:d8:0b:1b:12:bc:f3:01:53:eb:14:5c:1c:ee:
9d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AA:B6:91:31:B0:8D:1C:55:D5:57:85:E3:28:D6:5E:58:06:83:8B
X509v3 Authority Key Identifier:
keyid:D2:D3:8F:45:97:05:1B:6C:0D:DF:1B:B8:66:AE:4E:94:70:3E:15:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/tKq2kTGwjRxV1VeF4yjWXlgGg4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.220.0/22
188.0.160.0/19
Signature Algorithm: sha256WithRSAEncryption
63:70:d5:94:69:8a:b3:e7:20:35:18:20:9b:09:33:f6:2d:e6:
d1:46:f9:f6:02:f4:a3:33:58:1c:bb:38:21:12:8a:de:da:e8:
71:e2:4c:6a:95:bf:b0:12:17:12:6a:9c:92:fe:79:32:f3:b1:
fe:70:e3:0e:5b:63:e3:e6:67:9b:d1:1b:76:cd:9e:2d:86:a6:
77:9d:a2:59:86:69:be:f3:b8:67:d9:e0:68:bc:2c:57:27:3f:
1a:c9:1e:cd:5f:e7:d2:2c:14:12:7a:2b:4a:ac:70:a2:5f:49:
94:71:5f:ad:49:3c:d3:2c:ff:e0:18:0f:38:80:24:14:d1:5f:
5b:42:7e:40:c3:1c:f0:86:d4:5c:8d:7c:ed:67:58:62:9e:2c:
16:3a:39:e4:1f:52:e3:70:10:8c:3d:60:76:51:5b:36:7f:2c:
7d:e7:f0:e9:95:a2:cc:02:1a:16:2c:f7:cf:71:f6:0d:a7:93:
15:76:fc:a4:16:a2:3d:50:86:55:b7:26:f0:57:4f:1e:90:03:
49:00:e0:1f:0e:32:71:d8:09:5f:10:fb:78:65:8a:f2:d5:c6:
2c:1d:69:85:77:0b:f0:01:a3:e5:3a:d2:c4:2c:83:55:d8:ba:
44:43:d5:e1:e4:58:af:eb:4f:c8:95:af:9d:1a:64:c1:a0:c9:
9c:11:ef:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+7P9v2iWpdnTnRrDwr03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZDM4ZjQ1OTcwNTFiNmMwZGRmMWJiODY2YWU0ZTk0NzAz
ZTE1NWUwHhcNMjUwMTAxMTc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFhYjY5MTMxYjA4ZDFjNTVkNTU3ODVlMzI4ZDY1ZTU4MDY4MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Bdd75fvPvHIw4PZhqQtEnsX47dW
m/o60nB9qC2L7p7DXippS+grXZNIXoE6gIhbFwalwuTS8JFxgAjtxxSYrozSIcn5
cQOJs/Q3FNu6TT19cZVpleuIg/8dxSXUhN7OzfjVIndGz37Nsadfe5foVI8qjfFB
4mvUQBP25FJHcn9Zz98QaYQ35t5dj02U9c8DmiHoMGaOSPxVKZrC1Pz304pfpdv0
mpOt7M548Czq5GVs1qlPOo+ODgxL67mHcHJjjCW2DZKhfRemmNHRwIjKVR1aHk/+
E3zlT806Fyi+OUtKuY9ZUsXfqPNZ7mgq4JU6cdgLGxK88wFT6xRcHO6dLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLSqtpExsI0cVdVXheMo1l5YBoOLMB8GA1UdIwQY
MBaAFNLTj0WXBRtsDd8buGauTpRwPhVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHRPUFJaY0ZHMndOM3h1NFpxNU9sSEEtRlY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZTdkNzctODljOC00NTJjLWE5YmYt
YmM1Zjg5N2M3MjRhLzEvdEtxMmtUR3dqUnhWMVZlRjR5aldYbGdHZzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZTdkNzctODljOC00NTJjLWE5YmYtYmM1Zjg5N2M3MjRh
LzEvMHRPUFJaY0ZHMndOM3h1NFpxNU9sSEEtRlY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9fcAwQF
vACgMA0GCSqGSIb3DQEBCwUAA4IBAQBjcNWUaYqz5yA1GCCbCTP2LebRRvn2AvSj
M1gcuzghEore2uhx4kxqlb+wEhcSapyS/nky87H+cOMOW2Pj5meb0Rt2zZ4thqZ3
naJZhmm+87hn2eBovCxXJz8ayR7NX+fSLBQSeitKrHCiX0mUcV+tSTzTLP/gGA84
gCQU0V9bQn5AwxzwhtRcjXztZ1hiniwWOjnkH1LjcBCMPWB2UVs2fyx95/DplaLM
AhoWLPfPcfYNp5MVdvykFqI9UIZVtybwV08ekANJAOAfDjJx2AlfEPt4ZYry1cYs
HWmFdwvwAaPlOtLELINV2LpEQ9Xh5Fiv60/Ila+dGmTBoMmcEe87
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:47 2025 by rpki-client on console.sobornost.net