Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/5YovwIx-DfYnXnDFJMr95lV97fM.roa
File: 5YovwIx-DfYnXnDFJMr95lV97fM.roa (raw, json)
Hash identifier: 0/AccKS7ESwqh7EBZGAQBHJV43ER12Y2X7ow/8sTA3k=
Subject key identifier: E5:8A:2F:C0:8C:7E:0D:F6:27:5E:70:C5:24:CA:FD:E6:55:7D:ED:F3
Certificate issuer: /CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
Certificate serial: 019427B691DADD81D268836AE93B5B2E5CDF
Authority key identifier: E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/5YovwIx-DfYnXnDFJMr95lV97fM.roa
Signing time: Thu 02 Jan 2025 15:51:03 +0000
ROA not before: Thu 02 Jan 2025 15:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206882
IP address blocks: 91.205.4.0/22 maxlen: 22
91.206.194.0/23 maxlen: 24
103.198.80.0/23 maxlen: 24
193.135.112.0/22 maxlen: 24
193.238.120.0/22 maxlen: 24
194.187.128.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:91:da:dd:81:d2:68:83:6a:e9:3b:5b:2e:5c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
Validity
Not Before: Jan 2 15:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e58a2fc08c7e0df6275e70c524cafde6557dedf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a8:ad:a3:3f:5f:8b:f9:89:ee:4e:80:e1:52:
e8:c8:d3:5c:34:ed:c4:49:03:f6:ea:70:8f:f2:b2:
20:70:93:ae:12:79:ee:92:5b:7c:c6:0f:72:c7:bf:
19:ac:ff:c4:93:17:95:7d:1e:f8:1d:78:c3:72:e0:
38:7b:15:b2:94:d5:dd:e7:fa:60:f8:e7:2b:ae:d9:
2c:eb:43:0f:b7:95:89:5e:f6:db:a0:ae:ef:3f:8b:
01:24:38:50:ac:8d:ba:35:1d:7e:d2:ba:e2:eb:1c:
d0:a0:69:c9:9f:90:0f:44:d7:e6:6a:9a:d8:e8:c6:
4a:f8:06:4c:53:8a:56:7f:84:1c:b2:20:88:c0:fb:
95:37:c9:b6:07:aa:02:3f:42:bb:e7:eb:4b:49:d0:
8a:50:f9:85:fc:fd:c2:7d:e8:bc:c3:9c:af:1b:6a:
0b:e8:16:26:c0:82:bc:bd:93:91:1f:16:a2:40:89:
a0:6a:2d:90:d6:e0:bb:5b:3f:11:1c:2a:5b:7a:40:
d1:14:b9:63:8a:27:42:60:43:4d:6d:37:a5:2f:d5:
e1:40:67:fa:0e:d6:f8:1a:ff:d7:ca:0c:80:56:b3:
65:c6:b9:10:fe:1d:8d:71:27:d2:75:6c:63:5f:4d:
5c:15:b8:39:42:a1:90:b8:ee:48:42:9d:80:8d:0e:
e0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:8A:2F:C0:8C:7E:0D:F6:27:5E:70:C5:24:CA:FD:E6:55:7D:ED:F3
X509v3 Authority Key Identifier:
keyid:E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/5YovwIx-DfYnXnDFJMr95lV97fM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.4.0/22
91.206.194.0/23
103.198.80.0/23
193.135.112.0/22
193.238.120.0/22
194.187.128.0/22
Signature Algorithm: sha256WithRSAEncryption
af:4e:69:24:67:fb:7b:ba:c5:95:2c:20:0e:79:2f:03:51:69:
5e:02:b2:97:f4:8e:3d:58:b6:8b:8f:fc:6e:83:59:72:13:d3:
65:5e:3e:f5:bf:99:2b:52:9d:d4:78:f3:59:9e:8e:66:24:ae:
66:e6:e6:c3:ce:3a:33:3a:5b:1d:7a:89:ad:be:42:88:e7:ff:
86:ba:e7:ae:74:c9:5a:9c:5a:1f:a2:8e:eb:46:4d:56:79:72:
02:19:18:8d:aa:de:e4:d7:b5:c0:e8:fb:4b:70:8d:dd:3c:5f:
64:95:bc:1b:49:da:0b:59:8a:cd:9f:4a:02:fc:a6:dc:fe:79:
5d:83:49:15:b7:b4:bd:58:fc:38:4f:6e:05:a8:59:30:f5:5f:
50:da:43:2f:cd:e6:03:3a:fb:45:20:8a:e1:c7:64:b2:54:21:
4e:2f:8b:be:b5:73:78:62:68:be:9c:24:09:d5:c8:1f:83:4c:
62:40:e7:ad:48:e0:aa:05:08:2f:97:fd:b9:4b:78:0f:ca:e1:
4b:24:6d:46:17:fe:58:70:f8:f8:45:75:00:c8:40:07:c3:24:
4d:5b:cc:30:19:b2:ba:2e:a6:b4:92:87:46:9a:e1:81:1e:1f:
8f:d6:c4:e0:ee:c8:c0:b1:61:b8:20:ed:19:fc:57:cb:85:c3:
cd:9e:25:3f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQntpHa3YHSaINq6TtbLlzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YzNkNDJmM2IyOTIxYmE3NDE4ZjM4MjAzMmQ2YjM1Yzcx
NTliODgwHhcNMjUwMTAyMTU1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNThhMmZjMDhjN2UwZGY2Mjc1ZTcwYzUyNGNhZmRlNjU1N2RlZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqitoz9fi/mJ7k6A4VLoyNNcNO3E
SQP26nCP8rIgcJOuEnnuklt8xg9yx78ZrP/EkxeVfR74HXjDcuA4exWylNXd5/pg
+Ocrrtks60MPt5WJXvbboK7vP4sBJDhQrI26NR1+0rri6xzQoGnJn5APRNfmaprY
6MZK+AZMU4pWf4QcsiCIwPuVN8m2B6oCP0K75+tLSdCKUPmF/P3Cfei8w5yvG2oL
6BYmwIK8vZORHxaiQImgai2Q1uC7Wz8RHCpbekDRFLljiidCYENNbTelL9XhQGf6
Dtb4Gv/XygyAVrNlxrkQ/h2NcSfSdWxjX01cFbg5QqGQuO5IQp2AjQ7gvQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOWKL8CMfg32J15wxSTK/eZVfe3zMB8GA1UdIwQY
MBaAFOnD1C87KSG6dBjzggMtazXHFZuIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDIt
MWExZWFkMmNkMmIxLzEvNVlvdndJeC1EZlluWG5ERkpNcjk1bFY5N2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDItMWExZWFkMmNkMmIx
LzEvNmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW80EAwQB
W87CAwQBZ8ZQAwQCwYdwAwQCwe54AwQCwruAMA0GCSqGSIb3DQEBCwUAA4IBAQCv
TmkkZ/t7usWVLCAOeS8DUWleArKX9I49WLaLj/xug1lyE9NlXj71v5krUp3UePNZ
no5mJK5m5ubDzjozOlsdeomtvkKI5/+GuueudMlanFofoo7rRk1WeXICGRiNqt7k
17XA6PtLcI3dPF9klbwbSdoLWYrNn0oC/Kbc/nldg0kVt7S9WPw4T24FqFkw9V9Q
2kMvzeYDOvtFIIrhx2SyVCFOL4u+tXN4Ymi+nCQJ1cgfg0xiQOetSOCqBQgvl/25
S3gPyuFLJG1GF/5YcPj4RXUAyEAHwyRNW8wwGbK6Lqa0kodGmuGBHh+P1sTg7sjA
sWG4IO0Z/FfLhcPNniU/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:04 2025 by rpki-client on console.sobornost.net