Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/x4XI86xuT3wsfzGO7m_2JB-s4p4.roa
File: x4XI86xuT3wsfzGO7m_2JB-s4p4.roa (raw, json)
Hash identifier: Dt7gE1TI/UXgmAj9V+d2Jv58edUR433oJyH6DVwQHcw=
Subject key identifier: C7:85:C8:F3:AC:6E:4F:7C:2C:7F:31:8E:EE:6F:F6:24:1F:AC:E2:9E
Certificate issuer: /CN=9514df9fdc3a0b128c20ee8c06628c43c958bbf0
Certificate serial: 019426D8B5C2B192D548F61B1074E11379B1
Authority key identifier: 95:14:DF:9F:DC:3A:0B:12:8C:20:EE:8C:06:62:8C:43:C9:58:BB:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/x4XI86xuT3wsfzGO7m_2JB-s4p4.roa
Signing time: Thu 02 Jan 2025 11:48:43 +0000
ROA not before: Thu 02 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42402
IP address blocks: 91.189.56.0/21 maxlen: 21
91.189.56.0/22 maxlen: 22
91.189.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:b5:c2:b1:92:d5:48:f6:1b:10:74:e1:13:79:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9514df9fdc3a0b128c20ee8c06628c43c958bbf0
Validity
Not Before: Jan 2 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c785c8f3ac6e4f7c2c7f318eee6ff6241face29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:08:a5:9e:d2:74:fd:ba:3c:65:cc:e4:74:9d:
a5:31:bb:c6:69:a8:b8:c8:62:4a:94:ee:b6:c4:d8:
1a:b1:dd:ba:b7:09:9f:12:19:a0:83:c5:6c:23:bd:
84:fe:19:44:e7:ab:41:55:80:92:94:32:a6:f4:bd:
54:69:e8:ae:13:19:3f:b1:c5:77:34:d9:b7:48:b8:
86:b9:27:1a:2f:18:2b:93:ff:63:05:1a:5b:36:64:
4d:6f:17:22:be:c6:7c:b5:88:1a:3d:49:49:81:3a:
8d:d2:cb:cd:c8:b6:33:e8:82:9e:96:3f:7f:26:7c:
86:ff:29:09:c1:c7:7f:03:1e:03:78:05:62:a8:a0:
8f:5e:1c:e1:26:0d:66:6e:40:4b:01:84:49:82:eb:
18:4e:13:48:4f:b5:41:f2:d5:09:08:da:93:a6:83:
6d:69:8d:85:5a:1b:b9:9c:90:a9:a6:0a:d7:b4:f9:
a6:8b:26:c6:95:97:74:6e:f8:f3:3c:c7:40:a7:ab:
48:11:36:af:83:c8:1b:ef:d4:78:cf:cd:51:72:be:
b3:4e:28:c2:bf:0b:cd:1e:52:14:45:6d:68:4a:02:
dc:61:ca:d6:ee:0f:1c:83:a1:d5:0c:5f:67:ac:1b:
d5:5d:39:fc:27:ee:55:6d:46:e5:40:54:34:7e:45:
6d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:85:C8:F3:AC:6E:4F:7C:2C:7F:31:8E:EE:6F:F6:24:1F:AC:E2:9E
X509v3 Authority Key Identifier:
keyid:95:14:DF:9F:DC:3A:0B:12:8C:20:EE:8C:06:62:8C:43:C9:58:BB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/x4XI86xuT3wsfzGO7m_2JB-s4p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.56.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:27:ba:e0:87:6c:05:18:b4:f2:5e:64:61:c9:26:b6:e7:fa:
8b:9b:3f:45:0b:66:8e:da:7b:52:bd:90:35:b7:4f:5f:89:84:
00:88:94:8c:76:5c:a0:62:d8:78:1e:55:02:35:f3:14:b6:17:
98:60:ff:94:c5:8d:f8:b5:d9:ab:3f:7b:7b:74:22:94:81:aa:
4c:06:26:a2:50:c3:49:d1:55:91:5a:13:67:02:78:42:72:06:
7c:b9:bd:af:b0:24:a8:f1:18:fa:49:57:c8:fd:28:4c:98:30:
7b:9f:ce:97:9b:56:4b:9e:5e:77:ef:b8:fe:a0:29:d9:e4:8b:
2b:6e:e9:0e:ab:04:32:4d:fa:5a:f5:bb:4e:f4:79:b9:53:78:
c8:e2:5b:ee:df:8d:40:95:9a:19:c9:8e:c7:94:5d:db:1d:65:
1c:77:f4:1f:f1:3e:08:53:b0:99:d8:2f:55:fc:65:2c:ec:5c:
a7:6a:7a:90:08:b8:68:03:4a:2b:93:5b:b8:c2:ad:a8:15:8d:
50:a9:52:06:73:55:25:3f:b6:76:b0:21:d8:09:4c:9b:22:ce:
a6:f8:14:e1:34:84:ae:48:d4:f9:a1:5d:81:5e:15:3d:1e:be:
43:ed:e3:3c:7d:3c:26:a8:7d:95:15:50:2d:51:ea:e4:f3:e9:
0f:24:1b:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2LXCsZLVSPYbEHThE3mxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTRkZjlmZGMzYTBiMTI4YzIwZWU4YzA2NjI4YzQzYzk1
OGJiZjAwHhcNMjUwMTAyMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzg1YzhmM2FjNmU0ZjdjMmM3ZjMxOGVlZTZmZjYyNDFmYWNlMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gilntJ0/bo8ZczkdJ2lMbvGaai4
yGJKlO62xNgasd26twmfEhmgg8VsI72E/hlE56tBVYCSlDKm9L1UaeiuExk/scV3
NNm3SLiGuScaLxgrk/9jBRpbNmRNbxcivsZ8tYgaPUlJgTqN0svNyLYz6IKelj9/
JnyG/ykJwcd/Ax4DeAViqKCPXhzhJg1mbkBLAYRJgusYThNIT7VB8tUJCNqTpoNt
aY2FWhu5nJCppgrXtPmmiybGlZd0bvjzPMdAp6tIETavg8gb79R4z81Rcr6zTijC
vwvNHlIURW1oSgLcYcrW7g8cg6HVDF9nrBvVXTn8J+5VbUblQFQ0fkVtfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMeFyPOsbk98LH8xju5v9iQfrOKeMB8GA1UdIwQY
MBaAFJUU35/cOgsSjCDujAZijEPJWLvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85N2ZiMGQtZDc3Zi00NDY3LTg2Mjct
ZTIyMmJmODUyOWI4LzEveDRYSTg2eHVUM3dzZnpHTzdtXzJKQi1zNHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85N2ZiMGQtZDc3Zi00NDY3LTg2MjctZTIyMmJmODUyOWI4
LzEvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW704MA0G
CSqGSIb3DQEBCwUAA4IBAQBsJ7rgh2wFGLTyXmRhySa25/qLmz9FC2aO2ntSvZA1
t09fiYQAiJSMdlygYth4HlUCNfMUtheYYP+UxY34tdmrP3t7dCKUgapMBiaiUMNJ
0VWRWhNnAnhCcgZ8ub2vsCSo8Rj6SVfI/ShMmDB7n86Xm1ZLnl5377j+oCnZ5Isr
bukOqwQyTfpa9btO9Hm5U3jI4lvu341AlZoZyY7HlF3bHWUcd/Qf8T4IU7CZ2C9V
/GUs7FynanqQCLhoA0ork1u4wq2oFY1QqVIGc1UlP7Z2sCHYCUybIs6m+BThNISu
SNT5oV2BXhU9Hr5D7eM8fTwmqH2VFVAtUerk8+kPJBva
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net