Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/90ed8d-f91e-44b6-a84f-edfbfee70af5/1/rzOwmj7yNxYTqaPlre3nKadsFUw.roa
File: rzOwmj7yNxYTqaPlre3nKadsFUw.roa (raw, json)
Hash identifier: DAKc4JSGHKnobmz2nOoFMUFGL3C1Ey22s4rc8SfdlJE=
Subject key identifier: AF:33:B0:9A:3E:F2:37:16:13:A9:A3:E5:AD:ED:E7:29:A7:6C:15:4C
Certificate issuer: /CN=90a7cbf17d0ba0a26ab01a64060141114ce2b9d1
Certificate serial: 0195B92F745B13060CCB86965698E4FD5919
Authority key identifier: 90:A7:CB:F1:7D:0B:A0:A2:6A:B0:1A:64:06:01:41:11:4C:E2:B9:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKfL8X0LoKJqsBpkBgFBEUziudE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/90ed8d-f91e-44b6-a84f-edfbfee70af5/1/rzOwmj7yNxYTqaPlre3nKadsFUw.roa
Signing time: Fri 21 Mar 2025 14:50:49 +0000
ROA not before: Fri 21 Mar 2025 14:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8518
IP address blocks: 91.102.96.0/21 maxlen: 21
91.102.96.0/24 maxlen: 24
91.102.97.0/24 maxlen: 24
91.102.98.0/24 maxlen: 24
91.102.99.0/24 maxlen: 24
91.102.100.0/24 maxlen: 24
91.102.101.0/24 maxlen: 24
91.102.102.0/24 maxlen: 24
91.102.103.0/24 maxlen: 24
94.198.112.0/21 maxlen: 21
94.198.112.0/24 maxlen: 24
94.198.113.0/24 maxlen: 24
94.198.114.0/24 maxlen: 24
94.198.115.0/24 maxlen: 24
94.198.116.0/24 maxlen: 24
94.198.117.0/24 maxlen: 24
94.198.118.0/24 maxlen: 24
94.198.119.0/24 maxlen: 24
185.45.56.0/22 maxlen: 22
185.45.56.0/24 maxlen: 24
185.45.57.0/24 maxlen: 24
185.45.58.0/24 maxlen: 24
185.45.59.0/24 maxlen: 24
193.111.128.0/21 maxlen: 21
193.111.128.0/24 maxlen: 24
193.111.129.0/24 maxlen: 24
193.111.130.0/24 maxlen: 24
193.111.131.0/24 maxlen: 24
193.111.132.0/24 maxlen: 24
193.111.133.0/24 maxlen: 24
193.111.134.0/24 maxlen: 24
193.111.135.0/24 maxlen: 24
2a01:538:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:2f:74:5b:13:06:0c:cb:86:96:56:98:e4:fd:59:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90a7cbf17d0ba0a26ab01a64060141114ce2b9d1
Validity
Not Before: Mar 21 14:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af33b09a3ef2371613a9a3e5adede729a76c154c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ea:64:99:5e:be:82:f2:dd:d8:11:d0:70:7c:
69:67:f0:d7:5c:f8:d7:bf:5f:1d:58:54:3b:b5:24:
f7:27:13:f8:c3:e2:54:7f:0e:f7:6b:c5:39:5d:d6:
09:eb:ec:f3:e7:a0:66:c8:3a:5c:f5:7e:2b:60:8f:
c6:5f:87:01:0d:89:bd:1f:f3:cf:70:29:78:d1:c6:
77:de:e5:c9:28:f7:f5:0b:1b:04:ef:cb:bb:c9:85:
61:54:71:7a:36:57:b9:33:74:96:dc:a4:ef:4e:37:
be:49:29:ae:be:ba:1d:63:d3:3a:fe:80:65:4b:54:
74:6d:89:d8:a4:35:9b:7f:ec:c5:56:9c:e2:25:ae:
ca:66:b4:2e:1b:b0:46:ba:27:e7:6a:3e:ba:1b:67:
ca:46:63:4a:d4:e1:51:b9:ef:37:26:1d:de:48:40:
18:3b:25:c1:c5:39:b9:9c:0d:6c:c7:59:d9:5d:a3:
5c:ec:e4:e6:a4:96:ee:1d:58:ee:d7:f1:ea:19:73:
17:a1:ba:56:2f:1c:0e:86:2b:bf:a6:59:4a:29:20:
d8:3c:e2:97:d8:cd:87:e4:d5:d5:3f:89:e3:5d:6c:
d7:63:bc:2f:38:b3:52:12:af:c1:51:88:88:fe:bf:
7f:80:8e:91:7d:8e:cf:fe:86:a8:a8:6f:6c:19:77:
dc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:33:B0:9A:3E:F2:37:16:13:A9:A3:E5:AD:ED:E7:29:A7:6C:15:4C
X509v3 Authority Key Identifier:
keyid:90:A7:CB:F1:7D:0B:A0:A2:6A:B0:1A:64:06:01:41:11:4C:E2:B9:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKfL8X0LoKJqsBpkBgFBEUziudE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/90ed8d-f91e-44b6-a84f-edfbfee70af5/1/rzOwmj7yNxYTqaPlre3nKadsFUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/90ed8d-f91e-44b6-a84f-edfbfee70af5/1/kKfL8X0LoKJqsBpkBgFBEUziudE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.96.0/21
94.198.112.0/21
185.45.56.0/22
193.111.128.0/21
IPv6:
2a01:538:2::/48
Signature Algorithm: sha256WithRSAEncryption
7a:cf:6f:57:59:bc:62:40:64:90:22:6a:ec:3a:cc:5d:a7:cb:
87:f3:86:b3:4a:14:cc:9e:74:b0:e6:19:48:91:c1:50:9b:c4:
e5:1f:3d:aa:88:e3:f1:41:72:ac:ca:70:6c:a4:7f:f3:0c:ab:
88:3b:b9:46:00:35:62:19:4b:b8:82:72:d5:35:5c:25:cc:cc:
17:ad:66:8b:2b:a3:88:79:13:28:67:31:d6:ef:29:92:69:d5:
cd:ff:33:20:c9:8b:98:f2:29:1a:07:08:44:29:53:dc:39:be:
07:cc:60:37:85:7b:16:4a:a5:bc:3d:e5:2e:2a:ad:44:fe:69:
99:91:84:1c:87:5f:69:c5:81:a0:7b:f7:0e:00:7e:c8:a9:98:
5b:ca:be:20:87:82:0b:74:6b:23:31:51:1e:55:51:e8:e0:4b:
4b:7d:a3:f0:65:51:48:8a:cb:5a:36:e0:48:1f:73:9a:8e:15:
f4:38:89:83:b2:cb:37:62:24:f7:9a:2e:24:25:d9:e0:b6:34:
22:b4:55:20:1f:5d:e7:f1:d2:cf:0f:6f:8a:b1:e5:27:eb:96:
df:30:05:87:ef:71:7c:a9:09:6c:89:50:a0:b4:7c:bf:97:03:
93:be:15:b5:bc:51:cb:5e:2b:d6:fe:ab:82:19:4a:5f:7e:28:
8b:da:f9:77
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZW5L3RbEwYMy4aWVpjk/VkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYTdjYmYxN2QwYmEwYTI2YWIwMWE2NDA2MDE0MTExNGNl
MmI5ZDEwHhcNMjUwMzIxMTQ1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjMzYjA5YTNlZjIzNzE2MTNhOWEzZTVhZGVkZTcyOWE3NmMxNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlupkmV6+gvLd2BHQcHxpZ/DXXPjX
v18dWFQ7tST3JxP4w+JUfw73a8U5XdYJ6+zz56BmyDpc9X4rYI/GX4cBDYm9H/PP
cCl40cZ33uXJKPf1CxsE78u7yYVhVHF6Nle5M3SW3KTvTje+SSmuvrodY9M6/oBl
S1R0bYnYpDWbf+zFVpziJa7KZrQuG7BGuifnaj66G2fKRmNK1OFRue83Jh3eSEAY
OyXBxTm5nA1sx1nZXaNc7OTmpJbuHVju1/HqGXMXobpWLxwOhiu/pllKKSDYPOKX
2M2H5NXVP4njXWzXY7wvOLNSEq/BUYiI/r9/gI6RfY7P/oaoqG9sGXfcPwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFK8zsJo+8jcWE6mj5a3t5ymnbBVMMB8GA1UdIwQY
MBaAFJCny/F9C6CiarAaZAYBQRFM4rnRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tmTDhYMExvS0pxc0Jwa0JnRkJFVXppdWRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85MGVkOGQtZjkxZS00NGI2LWE4NGYt
ZWRmYmZlZTcwYWY1LzEvcnpPd21qN3lOeFlUcWFQbHJlM25LYWRzRlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85MGVkOGQtZjkxZS00NGI2LWE4NGYtZWRmYmZlZTcwYWY1
LzEva0tmTDhYMExvS0pxc0Jwa0JnRkJFVXppdWRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQDW2ZgAwQD
XsZwAwQCuS04AwQDwW+AMA8EAgACMAkDBwAqAQU4AAIwDQYJKoZIhvcNAQELBQAD
ggEBAHrPb1dZvGJAZJAiauw6zF2ny4fzhrNKFMyedLDmGUiRwVCbxOUfPaqI4/FB
cqzKcGykf/MMq4g7uUYANWIZS7iCctU1XCXMzBetZosro4h5EyhnMdbvKZJp1c3/
MyDJi5jyKRoHCEQpU9w5vgfMYDeFexZKpbw95S4qrUT+aZmRhByHX2nFgaB79w4A
fsipmFvKviCHggt0ayMxUR5VUejgS0t9o/BlUUiKy1o24Egfc5qOFfQ4iYOyyzdi
JPeaLiQl2eC2NCK0VSAfXefx0s8Pb4qx5Sfrlt8wBYfvcXypCWyJUKC0fL+XA5O+
FbW8UcteK9b+q4IZSl9+KIva+Xc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:56 2025 by rpki-client on console.sobornost.net