Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/SJWhB7kWgTlTbR2flWrmQ2wlKOY.roa
File: SJWhB7kWgTlTbR2flWrmQ2wlKOY.roa (raw, json)
Hash identifier: p8++Hz/3lRer+jzGUuklhwrO6NIeyYEbaz4oXToL4+U=
Subject key identifier: 48:95:A1:07:B9:16:81:39:53:6D:1D:9F:95:6A:E6:43:6C:25:28:E6
Certificate issuer: /CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Certificate serial: 01961B0EDD0873F8590BA249B1CDF25B8619
Authority key identifier: 85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/SJWhB7kWgTlTbR2flWrmQ2wlKOY.roa
Signing time: Wed 09 Apr 2025 14:58:01 +0000
ROA not before: Wed 09 Apr 2025 14:58:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39864
IP address blocks: 91.232.94.0/24 maxlen: 24
91.232.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1b:0e:dd:08:73:f8:59:0b:a2:49:b1:cd:f2:5b:86:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85916be7e63cfd8c8b77c0588d12694f16b14cda
Validity
Not Before: Apr 9 14:58:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4895a107b9168139536d1d9f956ae6436c2528e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3a:c9:bb:fc:c0:b3:0b:31:cb:2f:bf:23:f2:
66:b6:02:ff:9a:f6:5d:cb:26:13:b5:b8:08:12:5e:
78:2a:5b:c8:86:37:ce:be:d7:31:88:e5:d2:3d:3c:
2f:bc:9b:b2:41:cf:2b:fd:5a:54:89:80:56:f0:38:
53:7f:6c:a9:6c:58:ff:3e:96:4d:67:43:94:cf:f8:
93:ef:be:bb:dd:33:03:f0:f6:99:7c:8e:d6:39:57:
57:75:b1:03:3b:3d:a2:c0:74:0e:a9:56:ae:34:7c:
09:3a:0d:c2:31:bf:37:d1:07:9c:f2:b5:77:69:74:
46:37:4d:01:22:cc:12:59:7e:16:cf:fd:39:d5:ba:
db:f1:4f:8f:20:ca:4e:77:ec:80:9c:69:55:4b:b2:
ff:3f:c5:7a:81:99:f4:91:e3:a5:bd:83:b8:4e:49:
37:b7:ff:a0:ae:28:15:ea:25:26:85:7d:94:0c:9b:
80:bc:b0:a1:fe:42:25:5e:dc:57:f4:a5:89:45:cd:
a8:29:38:ce:c6:2b:a9:f4:3f:40:22:a5:c0:8e:1d:
45:c5:0a:fd:47:a0:7d:06:12:cf:9b:34:64:67:c7:
6f:b4:06:08:fe:02:37:29:6d:3e:ec:cb:7b:1f:b9:
83:80:19:43:7f:07:69:d2:a8:1b:27:f0:d7:63:d5:
1b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:95:A1:07:B9:16:81:39:53:6D:1D:9F:95:6A:E6:43:6C:25:28:E6
X509v3 Authority Key Identifier:
keyid:85:91:6B:E7:E6:3C:FD:8C:8B:77:C0:58:8D:12:69:4F:16:B1:4C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/SJWhB7kWgTlTbR2flWrmQ2wlKOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/57fb14-d705-4055-8045-bca234829f48/1/hZFr5-Y8_YyLd8BYjRJpTxaxTNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.94.0/23
Signature Algorithm: sha256WithRSAEncryption
27:44:f1:00:bb:bb:39:c2:ba:a3:cd:58:e0:b3:a3:41:dc:69:
17:d1:bb:76:ff:5b:9f:97:53:d3:66:27:11:c3:57:d4:f5:55:
34:e7:cd:8d:97:69:e3:e4:57:38:ad:7e:d3:6c:cc:37:d2:f1:
a0:52:b6:23:94:07:2d:2f:f0:7c:10:42:fa:5e:b5:e6:b1:11:
d1:a7:14:29:c2:ae:52:37:ec:f2:2a:4e:4c:d4:db:b1:d6:8b:
6d:1b:4e:34:4e:a8:b1:d3:4e:a9:42:e7:54:38:47:b6:c1:04:
e2:6a:a1:6b:3f:e1:8c:b8:55:27:0e:32:a4:2a:7e:5c:a4:16:
92:24:d7:77:f1:a0:a1:e1:34:f6:41:f7:8a:a1:a0:46:9f:a1:
52:33:1b:85:de:a5:56:d7:bd:b8:f2:20:ec:e8:21:6d:21:4f:
44:c6:c3:00:d1:b8:96:7b:c4:6d:0c:24:5d:1b:73:91:5f:43:
4c:5c:f3:c7:35:f0:d0:73:0c:19:61:28:ca:cc:63:0d:f4:43:
22:e5:e9:21:6d:bc:5e:67:39:41:9e:3e:8a:a2:8e:56:b3:b4:
ee:64:af:bf:49:fc:3b:ee:8d:dc:29:4f:72:83:75:6d:76:a0:
a9:bb:71:f7:5e:df:e0:bb:3c:26:b4:a5:ed:48:b1:8d:e0:3d:
d3:75:6f:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYbDt0Ic/hZC6JJsc3yW4YZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OTE2YmU3ZTYzY2ZkOGM4Yjc3YzA1ODhkMTI2OTRmMTZi
MTRjZGEwHhcNMjUwNDA5MTQ1ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODk1YTEwN2I5MTY4MTM5NTM2ZDFkOWY5NTZhZTY0MzZjMjUyOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTrJu/zAswsxyy+/I/JmtgL/mvZd
yyYTtbgIEl54KlvIhjfOvtcxiOXSPTwvvJuyQc8r/VpUiYBW8DhTf2ypbFj/PpZN
Z0OUz/iT77673TMD8PaZfI7WOVdXdbEDOz2iwHQOqVauNHwJOg3CMb830Qec8rV3
aXRGN00BIswSWX4Wz/051brb8U+PIMpOd+yAnGlVS7L/P8V6gZn0keOlvYO4Tkk3
t/+grigV6iUmhX2UDJuAvLCh/kIlXtxX9KWJRc2oKTjOxiup9D9AIqXAjh1FxQr9
R6B9BhLPmzRkZ8dvtAYI/gI3KW0+7Mt7H7mDgBlDfwdp0qgbJ/DXY9UbbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEiVoQe5FoE5U20dn5Vq5kNsJSjmMB8GA1UdIwQY
MBaAFIWRa+fmPP2Mi3fAWI0SaU8WsUzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUt
YmNhMjM0ODI5ZjQ4LzEvU0pXaEI3a1dnVGxUYlIyZmxXcm1RMndsS09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81N2ZiMTQtZDcwNS00MDU1LTgwNDUtYmNhMjM0ODI5ZjQ4
LzEvaFpGcjUtWThfWXlMZDhCWWpSSnBUeGF4VE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+heMA0G
CSqGSIb3DQEBCwUAA4IBAQAnRPEAu7s5wrqjzVjgs6NB3GkX0bt2/1ufl1PTZicR
w1fU9VU0582Nl2nj5Fc4rX7TbMw30vGgUrYjlActL/B8EEL6XrXmsRHRpxQpwq5S
N+zyKk5M1Nux1ottG040Tqix006pQudUOEe2wQTiaqFrP+GMuFUnDjKkKn5cpBaS
JNd38aCh4TT2QfeKoaBGn6FSMxuF3qVW17248iDs6CFtIU9ExsMA0biWe8RtDCRd
G3ORX0NMXPPHNfDQcwwZYSjKzGMN9EMi5ekhbbxeZzlBnj6Koo5Ws7TuZK+/Sfw7
7o3cKU9yg3VtdqCpu3H3Xt/guzwmtKXtSLGN4D3TdW9N
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net