Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/B5IPw2to02EUzOiZAkDMZAMJU40.roa
File: B5IPw2to02EUzOiZAkDMZAMJU40.roa (raw, json)
Hash identifier: SqPGfdHaKQmJHjb0Md5WPKQZqfqDkbS8MZiJDiQQgE0=
Subject key identifier: 07:92:0F:C3:6B:68:D3:61:14:CC:E8:99:02:40:CC:64:03:09:53:8D
Certificate issuer: /CN=c72a524f9b1b3801dbd7c89a160aec076b57e729
Certificate serial: 019422FC35D7343AD192766108B775723DBB
Authority key identifier: C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/B5IPw2to02EUzOiZAkDMZAMJU40.roa
Signing time: Wed 01 Jan 2025 17:49:01 +0000
ROA not before: Wed 01 Jan 2025 17:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47626
IP address blocks: 91.205.190.0/23 maxlen: 23
176.118.224.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:35:d7:34:3a:d1:92:76:61:08:b7:75:72:3d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c72a524f9b1b3801dbd7c89a160aec076b57e729
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07920fc36b68d36114cce8990240cc640309538d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:93:c7:80:b0:e0:c5:0e:dc:4c:9e:45:a3:a3:
cc:59:e1:1c:13:24:3c:44:3e:06:c7:50:ef:5d:99:
2a:3b:5e:0c:13:70:0b:86:86:a4:8b:39:9b:de:35:
57:e5:49:94:af:68:27:ad:48:75:00:2e:af:2f:1d:
ae:b3:cb:f1:bc:fb:7a:79:b2:cf:e9:3d:f1:71:3d:
ee:bc:61:8d:4f:af:8d:d2:0e:a0:a8:0b:f4:74:83:
ce:59:74:35:17:32:81:1b:9e:9e:ec:46:40:31:53:
04:ee:99:50:9d:6a:96:60:10:4b:36:f7:62:2c:e7:
50:96:0d:b6:30:01:66:a9:6c:b5:91:83:e8:1c:76:
c6:53:c7:a5:fe:1c:ad:23:5e:86:29:4c:30:9e:58:
fd:01:f5:22:3e:3e:71:c1:f2:a4:d6:86:05:32:63:
87:f6:a3:9d:87:ae:24:d8:9b:a1:cb:b0:49:68:3d:
28:81:e7:b9:32:d4:71:90:2c:94:03:9f:f3:57:d2:
8c:43:aa:4d:32:1d:aa:77:1a:41:1d:f5:3d:0c:6f:
10:45:67:75:05:98:c7:5a:97:50:62:94:a3:87:84:
38:a8:b5:5f:9d:76:1f:c5:4e:c0:66:53:c1:b7:77:
32:5d:48:40:d0:80:d4:81:6b:7a:22:50:42:9b:94:
dc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:92:0F:C3:6B:68:D3:61:14:CC:E8:99:02:40:CC:64:03:09:53:8D
X509v3 Authority Key Identifier:
keyid:C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/B5IPw2to02EUzOiZAkDMZAMJU40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.190.0/23
176.118.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:56:6e:6e:d3:44:2e:1e:e7:a7:e2:05:ca:e2:54:6d:38:d1:
95:f9:7a:77:d2:68:6d:29:7c:25:82:d7:63:44:3e:eb:39:86:
23:1f:30:b2:e1:0f:0d:f8:19:b3:35:8b:b2:0e:65:64:b7:ef:
13:c0:37:84:e0:1b:5e:11:f0:e3:1b:8e:36:cc:68:23:eb:ca:
bd:d9:51:e0:21:f1:3d:8c:12:69:bc:ed:a8:78:ef:d2:fd:f3:
ac:5d:a0:d3:ed:43:8a:45:b8:2c:c1:e7:f0:22:b9:ab:47:71:
89:24:84:82:42:4f:f8:c4:9a:24:cd:eb:0c:71:c2:76:57:34:
2d:b2:f9:14:3a:d0:b3:fa:85:79:9c:13:1e:83:9f:aa:bb:c4:
7f:e0:d3:9b:35:83:e0:0b:f2:5c:0e:62:7d:b4:9d:0d:fc:78:
1e:9f:c2:95:01:55:71:e1:b6:e2:d3:ee:54:c7:2c:8c:e2:7b:
84:ca:46:37:ee:c7:9c:83:8b:12:6b:c0:49:52:ee:c6:b8:6f:
b3:1c:01:ec:08:54:34:0d:12:b2:e4:be:38:d2:7f:17:4f:a7:
e1:0b:e0:8b:24:ac:c0:19:d1:08:4f:a9:e7:ee:44:65:06:4a:
61:a2:1e:9b:ba:ad:4c:9b:8f:f8:b6:51:0c:c7:e4:8f:6a:df:
d1:86:2d:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi/DXXNDrRknZhCLd1cj27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MmE1MjRmOWIxYjM4MDFkYmQ3Yzg5YTE2MGFlYzA3NmI1
N2U3MjkwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzkyMGZjMzZiNjhkMzYxMTRjY2U4OTkwMjQwY2M2NDAzMDk1MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5PHgLDgxQ7cTJ5Fo6PMWeEcEyQ8
RD4Gx1DvXZkqO14ME3ALhoakizmb3jVX5UmUr2gnrUh1AC6vLx2us8vxvPt6ebLP
6T3xcT3uvGGNT6+N0g6gqAv0dIPOWXQ1FzKBG56e7EZAMVME7plQnWqWYBBLNvdi
LOdQlg22MAFmqWy1kYPoHHbGU8el/hytI16GKUwwnlj9AfUiPj5xwfKk1oYFMmOH
9qOdh64k2Juhy7BJaD0ogee5MtRxkCyUA5/zV9KMQ6pNMh2qdxpBHfU9DG8QRWd1
BZjHWpdQYpSjh4Q4qLVfnXYfxU7AZlPBt3cyXUhA0IDUgWt6IlBCm5TcBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAeSD8NraNNhFMzomQJAzGQDCVONMB8GA1UdIwQY
MBaAFMcqUk+bGzgB29fImhYK7AdrV+cpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHlwU1Q1c2JPQUhiMThpYUZncnNCMnRYNXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80ZTNjYzItMWEzMy00OTVhLTk5OWYt
ZDdhNjg0YTU3YjE5LzEvQjVJUHcydG8wMkVVek9pWkFrRE1aQU1KVTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80ZTNjYzItMWEzMy00OTVhLTk5OWYtZDdhNjg0YTU3YjE5
LzEveHlwU1Q1c2JPQUhiMThpYUZncnNCMnRYNXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW82+AwQF
sHbgMA0GCSqGSIb3DQEBCwUAA4IBAQBMVm5u00QuHuen4gXK4lRtONGV+Xp30mht
KXwlgtdjRD7rOYYjHzCy4Q8N+BmzNYuyDmVkt+8TwDeE4BteEfDjG442zGgj68q9
2VHgIfE9jBJpvO2oeO/S/fOsXaDT7UOKRbgswefwIrmrR3GJJISCQk/4xJokzesM
ccJ2VzQtsvkUOtCz+oV5nBMeg5+qu8R/4NObNYPgC/JcDmJ9tJ0N/Hgen8KVAVVx
4bbi0+5UxyyM4nuEykY37secg4sSa8BJUu7GuG+zHAHsCFQ0DRKy5L440n8XT6fh
C+CLJKzAGdEIT6nn7kRlBkphoh6buq1Mm4/4tlEMx+SPat/Rhi0o
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:55 2025 by rpki-client on console.sobornost.net