Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/J4oSsE5CcGCiSDFTMI_mpkGNGGI.roa
File: J4oSsE5CcGCiSDFTMI_mpkGNGGI.roa (raw, json)
Hash identifier: 8nhOBC3zyNvV6fERAZhV/f/NVIfJdmZ3Tk+7d8j6/i8=
Subject key identifier: 27:8A:12:B0:4E:42:70:60:A2:48:31:53:30:8F:E6:A6:41:8D:18:62
Certificate issuer: /CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Certificate serial: 01942445446999F651C2BF39D608526F3AC3
Authority key identifier: B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/J4oSsE5CcGCiSDFTMI_mpkGNGGI.roa
Signing time: Wed 01 Jan 2025 23:48:26 +0000
ROA not before: Wed 01 Jan 2025 23:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51341
IP address blocks: 46.255.25.0/24 maxlen: 24
91.218.84.0/24 maxlen: 24
91.218.85.0/24 maxlen: 24
91.218.86.0/24 maxlen: 24
91.218.87.0/24 maxlen: 24
91.236.140.0/24 maxlen: 24
91.236.141.0/24 maxlen: 24
91.236.142.0/24 maxlen: 24
91.236.143.0/24 maxlen: 24
213.109.201.0/24 maxlen: 24
2a13:af80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:44:69:99:f6:51:c2:bf:39:d6:08:52:6f:3a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b562ac701c14d34bb2e4475ec51152a40c9d3d3c
Validity
Not Before: Jan 1 23:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=278a12b04e427060a2483153308fe6a6418d1862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e0:10:0d:bf:0c:fc:e6:75:c5:79:27:e5:95:
49:b7:cc:a8:12:6d:c5:33:1f:29:f2:b8:d9:3e:e9:
88:1c:52:1e:79:f0:3d:0d:0e:d7:1b:f7:28:26:16:
86:14:0c:23:52:af:a0:78:de:fd:c1:55:99:f7:d0:
b6:85:5f:50:a9:6b:5c:8b:ff:16:30:e4:f4:84:dd:
cc:6d:ef:99:86:d8:b6:2f:c0:11:59:72:05:bf:e7:
79:b0:72:84:c8:31:86:4b:96:7b:8d:84:6c:3e:51:
b9:60:64:df:c7:3a:12:21:32:aa:5f:3c:f2:52:e6:
8f:3f:3a:6d:a8:0c:23:e0:1f:87:3a:5a:c9:de:16:
ba:7a:b8:f6:be:6f:4b:43:04:3c:4d:c0:8a:f9:33:
1c:f8:46:f8:d8:ec:26:c3:3c:91:ec:34:bf:6e:b4:
35:98:4d:10:9a:3c:81:e1:89:27:e0:a5:1e:b0:4a:
b7:a4:cf:18:71:58:e6:ba:29:25:66:91:58:ed:ad:
62:c9:2b:57:a8:4f:48:71:2b:f4:de:77:0a:b7:bf:
05:20:fb:de:49:2c:9d:b0:70:d5:96:81:46:df:08:
4f:ac:cf:64:2a:21:c0:73:69:72:c2:ec:54:99:70:
a9:05:70:0c:a5:f4:46:6f:31:e8:a0:72:42:90:1f:
a7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8A:12:B0:4E:42:70:60:A2:48:31:53:30:8F:E6:A6:41:8D:18:62
X509v3 Authority Key Identifier:
keyid:B5:62:AC:70:1C:14:D3:4B:B2:E4:47:5E:C5:11:52:A4:0C:9D:3D:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWKscBwU00uy5EdexRFSpAydPTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/J4oSsE5CcGCiSDFTMI_mpkGNGGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8f01b3-257b-48d5-82e2-097324dd9ec8/1/tWKscBwU00uy5EdexRFSpAydPTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.25.0/24
91.218.84.0/22
91.236.140.0/22
213.109.201.0/24
IPv6:
2a13:af80::/29
Signature Algorithm: sha256WithRSAEncryption
7d:b2:67:1d:e3:92:9d:47:f7:6a:0c:f5:b9:b8:49:96:83:f8:
21:55:89:ce:25:9c:93:a2:e5:ad:b9:6f:d4:a4:01:ca:1a:8e:
b6:c8:30:75:3e:97:37:17:60:42:b6:71:2d:1d:c9:b8:16:b0:
6a:92:4c:03:27:b5:c1:bc:d9:b8:70:aa:3b:52:6e:be:0f:19:
aa:27:23:f5:0a:b7:91:d5:1c:fa:ab:a0:55:89:fc:c1:50:0f:
fb:e5:22:d9:30:b0:6b:da:90:18:69:20:53:b6:80:a2:54:d8:
4d:0c:ca:c5:1b:6b:00:79:1b:48:5e:2e:4e:ac:be:a5:63:ce:
cb:83:92:7c:f5:0b:4d:f2:cb:85:c2:e7:b0:eb:a3:b3:6c:fa:
69:84:b6:ab:05:f8:68:04:44:7b:66:6f:5f:34:04:83:57:53:
df:5b:c1:b3:12:f0:b9:da:a7:67:ca:46:9c:21:7c:b8:0d:04:
87:f5:3e:4c:86:be:7f:05:8f:29:08:09:72:35:66:b3:80:d1:
ed:63:82:51:0e:23:fc:71:db:91:fd:ee:36:e3:05:a6:4e:72:
c0:71:d7:13:12:2f:82:d5:72:a6:1c:4b:7d:aa:c7:b6:6e:26:
e7:e4:98:ce:9e:cc:7e:b3:06:51:0f:d4:34:ad:2d:86:8c:07:
d3:96:ab:51
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQkRURpmfZRwr851ghSbzrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NjJhYzcwMWMxNGQzNGJiMmU0NDc1ZWM1MTE1MmE0MGM5
ZDNkM2MwHhcNMjUwMTAxMjM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzhhMTJiMDRlNDI3MDYwYTI0ODMxNTMzMDhmZTZhNjQxOGQxODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uAQDb8M/OZ1xXkn5ZVJt8yoEm3F
Mx8p8rjZPumIHFIeefA9DQ7XG/coJhaGFAwjUq+geN79wVWZ99C2hV9QqWtci/8W
MOT0hN3Mbe+Zhti2L8ARWXIFv+d5sHKEyDGGS5Z7jYRsPlG5YGTfxzoSITKqXzzy
UuaPPzptqAwj4B+HOlrJ3ha6erj2vm9LQwQ8TcCK+TMc+Eb42OwmwzyR7DS/brQ1
mE0QmjyB4Ykn4KUesEq3pM8YcVjmuiklZpFY7a1iyStXqE9IcSv03ncKt78FIPve
SSydsHDVloFG3whPrM9kKiHAc2lywuxUmXCpBXAMpfRGbzHooHJCkB+nxwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCeKErBOQnBgokgxUzCP5qZBjRhiMB8GA1UdIwQY
MBaAFLVirHAcFNNLsuRHXsURUqQMnT08MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTIt
MDk3MzI0ZGQ5ZWM4LzEvSjRvU3NFNUNjR0NpU0RGVE1JX21wa0dOR0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84ZjAxYjMtMjU3Yi00OGQ1LTgyZTItMDk3MzI0ZGQ5ZWM4
LzEvdFdLc2NCd1UwMHV5NUVkZXhSRlNwQXlkUFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALv8ZAwQC
W9pUAwQCW+yMAwQA1W3JMA0EAgACMAcDBQMqE6+AMA0GCSqGSIb3DQEBCwUAA4IB
AQB9smcd45KdR/dqDPW5uEmWg/ghVYnOJZyTouWtuW/UpAHKGo62yDB1Ppc3F2BC
tnEtHcm4FrBqkkwDJ7XBvNm4cKo7Um6+DxmqJyP1CreR1Rz6q6BVifzBUA/75SLZ
MLBr2pAYaSBTtoCiVNhNDMrFG2sAeRtIXi5OrL6lY87Lg5J89QtN8suFwuew66Oz
bPpphLarBfhoBER7Zm9fNASDV1PfW8GzEvC52qdnykacIXy4DQSH9T5Mhr5/BY8p
CAlyNWazgNHtY4JRDiP8cduR/e424wWmTnLAcdcTEi+C1XKmHEt9qse2bibn5JjO
nsx+swZRD9Q0rS2GjAfTlqtR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:26 2025 by rpki-client on console.sobornost.net