Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/rEm8DnSRjF-eOZ8W-19-W5YBOlI.roa
File: rEm8DnSRjF-eOZ8W-19-W5YBOlI.roa (raw, json)
Hash identifier: oKxbV7NuBt8nP02xM3KhblNP7v+2Q4dV/sQu1W1Wh/I=
Subject key identifier: AC:49:BC:0E:74:91:8C:5F:9E:39:9F:16:FB:5F:7E:5B:96:01:3A:52
Certificate issuer: /CN=a77720c7dc1dc3edd1d0d47f923bcd833f06af36
Certificate serial: 019422FBBDAD69C4499FB1146369C5525D63
Authority key identifier: A7:77:20:C7:DC:1D:C3:ED:D1:D0:D4:7F:92:3B:CD:83:3F:06:AF:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p3cgx9wdw-3R0NR_kjvNgz8GrzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/rEm8DnSRjF-eOZ8W-19-W5YBOlI.roa
Signing time: Wed 01 Jan 2025 17:48:30 +0000
ROA not before: Wed 01 Jan 2025 17:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44655
IP address blocks: 91.202.124.0/22 maxlen: 22
2001:67c:740::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:bd:ad:69:c4:49:9f:b1:14:63:69:c5:52:5d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a77720c7dc1dc3edd1d0d47f923bcd833f06af36
Validity
Not Before: Jan 1 17:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac49bc0e74918c5f9e399f16fb5f7e5b96013a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b3:af:a4:45:75:0e:13:01:3e:75:45:0b:fd:
59:87:37:c0:d6:c3:b9:6e:aa:54:eb:7e:79:9b:65:
09:f4:8e:d2:a9:a8:04:36:7d:ff:92:81:64:1a:56:
2a:c2:55:b6:14:a7:63:e8:74:77:36:6e:42:60:a0:
f7:d0:61:07:01:bb:c8:4e:53:c7:4d:fb:01:c5:bb:
e6:b7:e2:18:dc:44:47:1a:d8:bc:41:36:16:1f:96:
26:bd:90:f1:a4:dd:f6:10:de:0e:67:db:38:48:81:
9a:91:a3:31:0f:33:ff:27:52:39:66:f2:8d:d0:dd:
3b:06:06:d8:2d:df:91:f0:14:93:26:29:b9:60:87:
c0:46:af:b0:89:c7:31:6c:ff:77:3d:99:79:f4:fa:
82:07:d1:55:93:86:57:9a:16:42:5f:92:43:27:a1:
62:d5:b7:3a:a4:ab:be:e0:44:56:fc:29:bb:be:26:
34:f0:44:9e:41:99:b6:a0:25:49:76:3b:26:ee:11:
8b:2c:83:d3:2d:1c:8c:08:50:d3:9d:1f:21:8e:03:
51:f3:b3:ab:39:f7:21:98:c3:26:d0:39:aa:8b:5c:
b2:43:91:03:95:8a:24:bd:84:c1:d1:26:64:ab:52:
a0:bb:97:07:be:d3:17:ea:b7:55:f4:c5:57:a7:f3:
cd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:49:BC:0E:74:91:8C:5F:9E:39:9F:16:FB:5F:7E:5B:96:01:3A:52
X509v3 Authority Key Identifier:
keyid:A7:77:20:C7:DC:1D:C3:ED:D1:D0:D4:7F:92:3B:CD:83:3F:06:AF:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p3cgx9wdw-3R0NR_kjvNgz8GrzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/rEm8DnSRjF-eOZ8W-19-W5YBOlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ba7219-ad7c-48b0-9c96-17228cef0049/1/p3cgx9wdw-3R0NR_kjvNgz8GrzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.124.0/22
IPv6:
2001:67c:740::/48
Signature Algorithm: sha256WithRSAEncryption
3d:0f:2f:83:eb:0e:05:c9:04:0c:1b:1d:9a:66:0d:70:ff:76:
c1:45:e9:12:37:58:ac:ef:f3:77:a5:4c:36:9f:f2:81:bb:61:
d2:18:e4:3a:ce:c6:a5:7c:1a:3a:44:64:36:be:84:f9:c4:6e:
f7:23:2e:63:70:e5:89:82:b9:c8:d7:0f:97:86:6e:14:c6:2e:
47:70:ba:31:4c:a7:47:59:c8:ed:ff:4e:4f:0a:b1:e3:1b:d8:
c0:37:1d:96:9a:dd:2a:08:a1:07:a8:55:bc:5f:50:23:68:52:
02:16:11:b7:e4:68:32:2e:e1:95:f8:ed:f8:cd:db:a5:9c:87:
d0:ec:58:b3:e0:02:cd:3b:af:ae:b7:d2:5c:15:8e:8b:0d:11:
b9:5c:fa:8e:a5:23:5f:5c:52:be:82:94:c4:7a:2d:d5:aa:38:
39:c7:18:aa:b2:4b:e6:a0:fb:68:9c:93:44:70:04:a6:52:36:
e5:32:d2:d8:32:7b:df:04:05:30:43:a0:6c:bc:c3:e8:55:45:
35:8a:d1:22:3c:88:ad:88:3e:3b:eb:35:a3:b3:19:cf:77:31:
2b:01:29:f5:2d:65:0b:59:3e:7e:b8:73:ed:47:3c:7a:26:a9:
7d:a6:47:8a:52:7c:d2:51:07:fd:42:d5:ee:b5:b6:aa:26:7b:
c8:b1:63:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi+72tacRJn7EUY2nFUl1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NzcyMGM3ZGMxZGMzZWRkMWQwZDQ3ZjkyM2JjZDgzM2Yw
NmFmMzYwHhcNMjUwMTAxMTc0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQ5YmMwZTc0OTE4YzVmOWUzOTlmMTZmYjVmN2U1Yjk2MDEzYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLOvpEV1DhMBPnVFC/1ZhzfA1sO5
bqpU6355m2UJ9I7SqagENn3/koFkGlYqwlW2FKdj6HR3Nm5CYKD30GEHAbvITlPH
TfsBxbvmt+IY3ERHGti8QTYWH5YmvZDxpN32EN4OZ9s4SIGakaMxDzP/J1I5ZvKN
0N07BgbYLd+R8BSTJim5YIfARq+wiccxbP93PZl59PqCB9FVk4ZXmhZCX5JDJ6Fi
1bc6pKu+4ERW/Cm7viY08ESeQZm2oCVJdjsm7hGLLIPTLRyMCFDTnR8hjgNR87Or
OfchmMMm0Dmqi1yyQ5EDlYokvYTB0SZkq1Kgu5cHvtMX6rdV9MVXp/PNvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKxJvA50kYxfnjmfFvtffluWATpSMB8GA1UdIwQY
MBaAFKd3IMfcHcPt0dDUf5I7zYM/Bq82MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDNjZ3g5d2R3LTNSME5SX2tqdk5nejhHcnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iYTcyMTktYWQ3Yy00OGIwLTljOTYt
MTcyMjhjZWYwMDQ5LzEvckVtOERuU1JqRi1lT1o4Vy0xOS1XNVlCT2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iYTcyMTktYWQ3Yy00OGIwLTljOTYtMTcyMjhjZWYwMDQ5
LzEvcDNjZ3g5d2R3LTNSME5SX2tqdk5nejhHcnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8p8MA8E
AgACMAkDBwAgAQZ8B0AwDQYJKoZIhvcNAQELBQADggEBAD0PL4PrDgXJBAwbHZpm
DXD/dsFF6RI3WKzv83elTDaf8oG7YdIY5DrOxqV8GjpEZDa+hPnEbvcjLmNw5YmC
ucjXD5eGbhTGLkdwujFMp0dZyO3/Tk8KseMb2MA3HZaa3SoIoQeoVbxfUCNoUgIW
EbfkaDIu4ZX47fjN26Wch9DsWLPgAs07r6630lwVjosNEblc+o6lI19cUr6ClMR6
LdWqODnHGKqyS+ag+2ick0RwBKZSNuUy0tgye98EBTBDoGy8w+hVRTWK0SI8iK2I
PjvrNaOzGc93MSsBKfUtZQtZPn64c+1HPHomqX2mR4pSfNJRB/1C1e61tqome8ix
YyE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:54 2025 by rpki-client on console.sobornost.net