Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1bc6db-4576-4f1b-8672-c3326ad2cf8f/1/kT96Syix82Ksegk49TAUeSUGMVc.roa
File: kT96Syix82Ksegk49TAUeSUGMVc.roa (raw, json)
Hash identifier: d9BAb8ybDMu+8NvAhemfJFOhiARZSFEf5iHfB6YfEWg=
Subject key identifier: 91:3F:7A:4B:28:B1:F3:62:AC:7A:09:38:F5:30:14:79:25:06:31:57
Certificate issuer: /CN=0ee3d4d810f2477841a8b85593b8f30e8aecd409
Certificate serial: 01941FFA7C6DC6CC0F0F3EE206A019C31BEC
Authority key identifier: 0E:E3:D4:D8:10:F2:47:78:41:A8:B8:55:93:B8:F3:0E:8A:EC:D4:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DuPU2BDyR3hBqLhVk7jzDors1Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1bc6db-4576-4f1b-8672-c3326ad2cf8f/1/kT96Syix82Ksegk49TAUeSUGMVc.roa
Signing time: Wed 01 Jan 2025 03:48:16 +0000
ROA not before: Wed 01 Jan 2025 03:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58138
IP address blocks: 91.239.32.0/23 maxlen: 24
185.43.80.0/22 maxlen: 24
2a04:9040::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:7c:6d:c6:cc:0f:0f:3e:e2:06:a0:19:c3:1b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ee3d4d810f2477841a8b85593b8f30e8aecd409
Validity
Not Before: Jan 1 03:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=913f7a4b28b1f362ac7a0938f530147925063157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:60:95:08:91:c7:9e:73:10:b4:a9:4c:14:6b:
d5:4e:be:a1:d4:55:86:95:96:b4:7f:bd:ed:69:8a:
0e:05:af:56:6f:e7:00:4f:8f:de:df:88:e4:82:19:
63:8d:2c:e3:89:41:18:c0:c4:b2:a8:28:e2:58:a6:
45:3a:b6:ef:72:40:77:37:6f:37:31:77:c5:7c:1b:
12:9b:3e:88:f2:f2:12:a9:93:89:a3:cf:9d:d9:30:
66:71:45:85:f7:f8:ce:6c:26:1e:8e:ca:30:20:27:
e4:76:54:52:ee:50:bd:f3:62:4f:b9:65:a2:eb:cd:
b4:60:84:dc:94:63:19:3a:1f:fa:a5:e9:16:99:a8:
a7:5b:57:e7:e6:7f:fc:ae:2e:92:b1:b2:76:73:50:
83:27:15:f3:26:55:9a:0b:9a:56:d2:a3:ac:7c:ba:
72:5c:6a:f6:29:75:98:29:9c:89:1a:74:83:3c:ed:
ad:94:2a:16:ec:28:dd:ef:2e:be:ae:66:46:57:b4:
a3:b0:17:64:fe:fe:7f:b9:8e:e7:47:a0:f5:85:0f:
fb:29:0b:cb:aa:18:3e:87:82:c9:9b:7e:aa:5e:d1:
4b:e9:4f:b6:18:50:0c:f2:26:b1:23:f3:40:21:b5:
b5:ae:68:27:df:f4:b2:64:2d:f8:78:05:de:c6:7f:
25:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3F:7A:4B:28:B1:F3:62:AC:7A:09:38:F5:30:14:79:25:06:31:57
X509v3 Authority Key Identifier:
keyid:0E:E3:D4:D8:10:F2:47:78:41:A8:B8:55:93:B8:F3:0E:8A:EC:D4:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DuPU2BDyR3hBqLhVk7jzDors1Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1bc6db-4576-4f1b-8672-c3326ad2cf8f/1/kT96Syix82Ksegk49TAUeSUGMVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1bc6db-4576-4f1b-8672-c3326ad2cf8f/1/DuPU2BDyR3hBqLhVk7jzDors1Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.32.0/23
185.43.80.0/22
IPv6:
2a04:9040::/29
Signature Algorithm: sha256WithRSAEncryption
aa:c8:16:a6:f8:86:79:e7:1f:cc:23:13:a0:92:cb:7c:c8:78:
70:2a:9b:1e:66:0f:13:90:43:32:23:25:47:0b:96:a3:03:0c:
00:65:a6:49:75:0d:de:f5:4f:e2:6a:79:ea:b0:6a:38:e8:45:
5a:94:28:9b:c3:85:a5:4d:a3:fe:a8:59:32:46:30:84:c2:4d:
16:f6:2d:98:fd:1b:fb:42:d8:96:72:49:97:1a:b8:2d:f6:65:
a2:29:f1:f4:5e:b5:04:c8:63:8d:4e:bd:9f:29:ae:cf:fa:45:
87:6f:fc:15:41:f6:80:e1:94:f6:2f:98:92:89:9c:eb:e9:2b:
1c:67:9a:03:e0:8e:a7:8d:3b:4e:f6:1f:79:44:8b:64:60:8f:
d7:da:a3:db:8b:12:0f:d7:5e:96:53:49:e2:3c:6a:f8:74:36:
92:f6:76:02:8a:3b:20:85:94:93:82:d6:95:ab:d9:be:c4:53:
a4:71:9e:c1:63:87:d9:42:ac:9e:e0:d1:02:b7:6e:b6:db:be:
2a:29:2a:03:97:9a:09:61:24:83:e0:1c:e5:4a:0f:3e:9c:3b:
2b:25:82:71:12:ad:f8:a9:61:a1:f3:04:6c:bd:ce:07:7c:f2:
5f:e8:00:bb:55:ae:31:00:45:df:52:0d:0b:61:7c:d9:26:19:
bd:43:7c:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+nxtxswPDz7iBqAZwxvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZTNkNGQ4MTBmMjQ3Nzg0MWE4Yjg1NTkzYjhmMzBlOGFl
Y2Q0MDkwHhcNMjUwMTAxMDM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNmN2E0YjI4YjFmMzYyYWM3YTA5MzhmNTMwMTQ3OTI1MDYzMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGCVCJHHnnMQtKlMFGvVTr6h1FWG
lZa0f73taYoOBa9Wb+cAT4/e34jkghljjSzjiUEYwMSyqCjiWKZFOrbvckB3N283
MXfFfBsSmz6I8vISqZOJo8+d2TBmcUWF9/jObCYejsowICfkdlRS7lC982JPuWWi
6820YITclGMZOh/6pekWmainW1fn5n/8ri6SsbJ2c1CDJxXzJlWaC5pW0qOsfLpy
XGr2KXWYKZyJGnSDPO2tlCoW7Cjd7y6+rmZGV7SjsBdk/v5/uY7nR6D1hQ/7KQvL
qhg+h4LJm36qXtFL6U+2GFAM8iaxI/NAIbW1rmgn3/SyZC34eAXexn8l5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJE/eksosfNirHoJOPUwFHklBjFXMB8GA1UdIwQY
MBaAFA7j1NgQ8kd4Qai4VZO48w6K7NQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHVQVTJCRHlSM2hCcUxoVms3anpEb3JzMUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmM2ZGItNDU3Ni00ZjFiLTg2NzIt
YzMzMjZhZDJjZjhmLzEva1Q5NlN5aXg4MktzZWdrNDlUQVVlU1VHTVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmM2ZGItNDU3Ni00ZjFiLTg2NzItYzMzMjZhZDJjZjhm
LzEvRHVQVTJCRHlSM2hCcUxoVms3anpEb3JzMUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+8gAwQC
uStQMA0EAgACMAcDBQMqBJBAMA0GCSqGSIb3DQEBCwUAA4IBAQCqyBam+IZ55x/M
IxOgkst8yHhwKpseZg8TkEMyIyVHC5ajAwwAZaZJdQ3e9U/iannqsGo46EValCib
w4WlTaP+qFkyRjCEwk0W9i2Y/Rv7QtiWckmXGrgt9mWiKfH0XrUEyGONTr2fKa7P
+kWHb/wVQfaA4ZT2L5iSiZzr6SscZ5oD4I6njTtO9h95RItkYI/X2qPbixIP116W
U0niPGr4dDaS9nYCijsghZSTgtaVq9m+xFOkcZ7BY4fZQqye4NECt262274qKSoD
l5oJYSSD4BzlSg8+nDsrJYJxEq34qWGh8wRsvc4HfPJf6AC7Va4xAEXfUg0LYXzZ
Jhm9Q3wt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net