Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/AoPTcwy6H2m6XsU7z7Y2AN7ROE0.roa
File: AoPTcwy6H2m6XsU7z7Y2AN7ROE0.roa (raw, json)
Hash identifier: EkcAF/FP1ByxQSttbvF051kXzqctUYj/EMjpBXkG1v8=
Subject key identifier: 02:83:D3:73:0C:BA:1F:69:BA:5E:C5:3B:CF:B6:36:00:DE:D1:38:4D
Certificate issuer: /CN=b5000b81e9ed4b2a702a1ef5f852e0e769ee10e2
Certificate serial: 01942747E593D4676CAEFB015D3D0331B2FD
Authority key identifier: B5:00:0B:81:E9:ED:4B:2A:70:2A:1E:F5:F8:52:E0:E7:69:EE:10:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/AoPTcwy6H2m6XsU7z7Y2AN7ROE0.roa
Signing time: Thu 02 Jan 2025 13:50:10 +0000
ROA not before: Thu 02 Jan 2025 13:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12998
IP address blocks: 5.183.200.0/22 maxlen: 24
91.196.100.0/22 maxlen: 24
193.227.206.0/23 maxlen: 24
195.3.156.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e5:93:d4:67:6c:ae:fb:01:5d:3d:03:31:b2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5000b81e9ed4b2a702a1ef5f852e0e769ee10e2
Validity
Not Before: Jan 2 13:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0283d3730cba1f69ba5ec53bcfb63600ded1384d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:34:85:e5:23:f1:87:a3:9b:d4:4e:e5:b2:22:
48:67:58:53:ea:bd:21:52:7d:b6:7d:68:6d:fa:fa:
3e:00:e0:28:e1:3f:12:64:73:a1:a9:81:da:8c:23:
40:1b:29:fc:38:84:ed:80:0a:a7:9f:c1:ab:f5:1f:
de:43:51:40:cc:93:f2:09:fd:9c:6f:fd:4c:11:57:
6a:44:ad:b4:13:21:f4:cc:c1:fe:35:ba:6c:f7:b3:
9a:a0:13:a2:37:39:fc:64:6b:e6:e9:4e:15:09:62:
46:a0:dd:e6:6e:62:b4:8c:93:4a:86:f1:31:40:cf:
9f:eb:49:d3:28:12:b8:f3:73:0c:8c:2d:50:e9:8c:
87:13:4a:fe:97:c8:f7:bc:b8:dd:db:2e:dd:7f:41:
aa:1f:42:12:43:9f:db:13:22:1a:09:81:e8:52:c3:
e9:5c:48:3d:14:8a:2e:9f:00:3b:9b:0e:9c:2c:e0:
f6:47:b8:0d:45:a4:6a:f6:35:3b:68:d3:ff:17:34:
c1:30:c4:90:ca:5d:a7:97:08:26:59:48:ff:49:94:
56:3d:3e:85:42:f8:a6:89:5b:37:8b:6f:40:5f:98:
e3:5e:5e:32:90:aa:fd:91:cb:bb:45:66:f8:06:2c:
2a:45:cd:49:fb:6e:d4:ff:37:e5:53:ca:34:ab:8d:
b2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:83:D3:73:0C:BA:1F:69:BA:5E:C5:3B:CF:B6:36:00:DE:D1:38:4D
X509v3 Authority Key Identifier:
keyid:B5:00:0B:81:E9:ED:4B:2A:70:2A:1E:F5:F8:52:E0:E7:69:EE:10:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQALgentSypwKh71-FLg52nuEOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/AoPTcwy6H2m6XsU7z7Y2AN7ROE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0df7f3-a492-4d6f-b36f-d41e03592335/1/tQALgentSypwKh71-FLg52nuEOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.200.0/22
91.196.100.0/22
193.227.206.0/23
195.3.156.0/22
Signature Algorithm: sha256WithRSAEncryption
05:2a:c4:eb:63:d7:80:e8:42:de:b9:06:2a:51:0f:7f:0a:9d:
4d:88:d9:d1:a6:74:d0:f2:6c:6a:47:63:d1:09:24:ed:19:14:
bd:16:25:bc:d0:60:61:ab:6c:4a:8a:73:50:4a:7d:85:bd:6d:
40:51:78:7f:a2:82:b3:33:71:b1:1b:f3:79:83:33:b0:35:72:
28:86:47:1a:4d:28:dd:05:ce:d8:05:e9:50:d4:47:49:8d:88:
12:32:3a:39:62:48:e1:8a:af:83:c3:99:cc:a6:e7:cf:6f:6c:
c5:7e:48:4d:26:a1:8f:6f:04:0f:80:9e:9b:8e:6e:c1:4e:de:
71:81:24:ef:90:b1:fb:cd:ae:31:97:3c:e2:cf:1d:d3:0e:26:
05:a4:97:27:b2:ba:2b:df:5e:49:5e:0e:6b:cd:ef:59:e6:7e:
83:b0:63:17:ab:4a:71:c8:ef:13:58:56:83:6d:74:8f:22:74:
a9:0e:14:68:30:89:c6:08:e8:7a:64:7f:e0:12:97:f3:d6:6f:
4e:4f:10:1e:81:72:92:10:df:21:f3:07:19:db:62:a7:b8:90:
8c:9f:26:aa:45:52:f5:f1:44:34:01:6e:21:63:63:37:3d:41:
10:96:99:77:e3:a9:3a:a2:d6:13:ff:bd:9c:d1:e5:1d:9f:90:
7f:6f:45:82
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnR+WT1GdsrvsBXT0DMbL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDAwYjgxZTllZDRiMmE3MDJhMWVmNWY4NTJlMGU3Njll
ZTEwZTIwHhcNMjUwMTAyMTM1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjgzZDM3MzBjYmExZjY5YmE1ZWM1M2JjZmI2MzYwMGRlZDEzODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzSF5SPxh6Ob1E7lsiJIZ1hT6r0h
Un22fWht+vo+AOAo4T8SZHOhqYHajCNAGyn8OITtgAqnn8Gr9R/eQ1FAzJPyCf2c
b/1MEVdqRK20EyH0zMH+Nbps97OaoBOiNzn8ZGvm6U4VCWJGoN3mbmK0jJNKhvEx
QM+f60nTKBK483MMjC1Q6YyHE0r+l8j3vLjd2y7df0GqH0ISQ5/bEyIaCYHoUsPp
XEg9FIounwA7mw6cLOD2R7gNRaRq9jU7aNP/FzTBMMSQyl2nlwgmWUj/SZRWPT6F
QvimiVs3i29AX5jjXl4ykKr9kcu7RWb4BiwqRc1J+27U/zflU8o0q42ycQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAKD03MMuh9pul7FO8+2NgDe0ThNMB8GA1UdIwQY
MBaAFLUAC4Hp7UsqcCoe9fhS4Odp7hDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFBTGdlbnRTeXB3S2g3MS1GTGc1Mm51RU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wZGY3ZjMtYTQ5Mi00ZDZmLWIzNmYt
ZDQxZTAzNTkyMzM1LzEvQW9QVGN3eTZIMm02WHNVN3o3WTJBTjdST0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wZGY3ZjMtYTQ5Mi00ZDZmLWIzNmYtZDQxZTAzNTkyMzM1
LzEvdFFBTGdlbnRTeXB3S2g3MS1GTGc1Mm51RU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbfIAwQC
W8RkAwQBwePOAwQCwwOcMA0GCSqGSIb3DQEBCwUAA4IBAQAFKsTrY9eA6ELeuQYq
UQ9/Cp1NiNnRpnTQ8mxqR2PRCSTtGRS9FiW80GBhq2xKinNQSn2FvW1AUXh/ooKz
M3GxG/N5gzOwNXIohkcaTSjdBc7YBelQ1EdJjYgSMjo5Ykjhiq+Dw5nMpufPb2zF
fkhNJqGPbwQPgJ6bjm7BTt5xgSTvkLH7za4xlzzizx3TDiYFpJcnsror315JXg5r
ze9Z5n6DsGMXq0pxyO8TWFaDbXSPInSpDhRoMInGCOh6ZH/gEpfz1m9OTxAegXKS
EN8h8wcZ22KnuJCMnyaqRVL18UQ0AW4hY2M3PUEQlpl346k6otYT/72c0eUdn5B/
b0WC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:25 2025 by rpki-client on console.sobornost.net