Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/1-MmN0tsEmoim2sae335BAlf2iMY.roa
File: 1-MmN0tsEmoim2sae335BAlf2iMY.roa (raw, json)
Hash identifier: BOjGK2JKa11z5em/Dgc+q3/nSr0kFU/3HDEjsSjRF+k=
Subject key identifier: F8:C9:8D:D2:DB:04:9A:88:A6:DA:C6:9E:DF:7E:41:02:57:F6:88:C6
Certificate issuer: /CN=74a4f3c0b66a4c93e80ff5f6d89ad8673e943c5f
Certificate serial: 0194266B7DD93D2CC63CB68A9ED406ED2D85
Authority key identifier: 74:A4:F3:C0:B6:6A:4C:93:E8:0F:F5:F6:D8:9A:D8:67:3E:94:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKTzwLZqTJPoD_X22JrYZz6UPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/1-MmN0tsEmoim2sae335BAlf2iMY.roa
Signing time: Thu 02 Jan 2025 09:49:26 +0000
ROA not before: Thu 02 Jan 2025 09:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50213
IP address blocks: 91.213.203.0/24 maxlen: 24
2001:67c:398::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:7d:d9:3d:2c:c6:3c:b6:8a:9e:d4:06:ed:2d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74a4f3c0b66a4c93e80ff5f6d89ad8673e943c5f
Validity
Not Before: Jan 2 09:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8c98dd2db049a88a6dac69edf7e410257f688c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e1:fd:3c:d5:2d:34:41:89:07:1a:aa:32:45:
74:1c:53:67:71:6f:03:13:86:08:ab:09:92:91:b9:
9d:84:2f:be:ef:4e:5d:f3:f4:38:16:f2:41:22:b0:
e6:e6:23:25:3e:e1:e4:78:82:ec:d9:f6:54:c4:6b:
32:70:3b:3f:67:b4:75:5e:e0:c4:e8:ac:2f:65:9f:
74:d8:f0:fd:db:74:05:83:23:e8:4b:5e:ff:11:9e:
80:f2:d7:d5:e3:c4:24:2f:42:aa:fe:cb:14:4a:e2:
ce:02:d9:3d:65:4d:45:0a:ac:6b:ff:89:83:4b:21:
3f:dd:72:4d:92:52:33:b0:bd:52:bf:55:0d:30:a9:
d4:ec:8f:fd:c9:3b:fe:67:68:1c:bf:0b:05:b7:67:
33:04:b4:ae:df:16:b6:75:17:51:c8:7f:ec:e4:65:
c1:7b:0f:3e:f7:c8:0e:a5:a0:ef:54:aa:93:21:b8:
0f:20:aa:fd:08:9d:f8:d5:4c:d9:4a:ee:c8:80:e6:
39:9f:6d:47:6d:15:87:84:d3:ea:72:14:50:a5:16:
5e:41:dc:ef:6f:00:3f:dd:97:aa:bb:7e:26:e9:2a:
ef:42:42:fa:1a:85:4c:26:4b:6e:f1:93:1e:0b:ad:
90:23:aa:f6:84:90:a6:21:37:60:24:1d:97:0f:04:
32:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C9:8D:D2:DB:04:9A:88:A6:DA:C6:9E:DF:7E:41:02:57:F6:88:C6
X509v3 Authority Key Identifier:
keyid:74:A4:F3:C0:B6:6A:4C:93:E8:0F:F5:F6:D8:9A:D8:67:3E:94:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKTzwLZqTJPoD_X22JrYZz6UPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/1-MmN0tsEmoim2sae335BAlf2iMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/699704-8004-4614-b44c-2ca492f6d7a8/1/dKTzwLZqTJPoD_X22JrYZz6UPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.203.0/24
IPv6:
2001:67c:398::/48
Signature Algorithm: sha256WithRSAEncryption
71:96:00:32:0e:ec:4b:a2:36:ac:cd:a7:b5:7c:18:1b:2b:b3:
fe:6a:c4:c3:bb:3d:10:1d:31:80:c5:14:d7:78:5d:fb:8f:6c:
a2:63:5c:bb:1f:3b:e5:43:ea:e2:1f:1f:be:33:1b:1f:a8:ca:
fc:65:9b:e4:9b:6f:7d:a2:1e:52:91:3c:10:de:9f:93:51:2b:
a1:b1:69:f7:4e:28:15:7d:0b:da:27:93:e2:d0:30:13:83:dd:
54:22:99:e7:d7:98:b7:de:69:c9:15:cd:e3:30:87:cd:3b:e1:
d5:36:7f:a0:3c:a6:e5:de:18:85:2f:ca:38:25:9c:13:48:74:
01:b9:a7:70:f6:c3:bc:8f:b4:5a:67:57:00:ad:c8:74:ef:0e:
d0:37:cc:b3:88:5c:09:c8:cf:7f:94:dd:fb:93:2d:90:95:c3:
7f:77:3f:9f:80:4f:b1:e6:2c:04:ec:bb:27:1a:3f:6a:14:25:
5d:c0:f2:37:ea:55:a9:ac:7a:2e:a1:a8:97:e3:12:19:e5:bd:
9e:3a:72:d9:97:34:b3:98:f6:8a:b5:0f:9f:54:54:77:9b:52:
bb:28:86:e1:42:36:a2:5a:e4:4a:66:60:38:ef:d0:d8:ad:ce:
8f:04:f9:a4:83:11:f0:60:b5:08:f6:32:a8:b7:d4:9a:db:7c:
31:d9:c4:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQma33ZPSzGPLaKntQG7S2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YTRmM2MwYjY2YTRjOTNlODBmZjVmNmQ4OWFkODY3M2U5
NDNjNWYwHhcNMjUwMTAyMDk0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGM5OGRkMmRiMDQ5YTg4YTZkYWM2OWVkZjdlNDEwMjU3ZjY4OGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOH9PNUtNEGJBxqqMkV0HFNncW8D
E4YIqwmSkbmdhC++705d8/Q4FvJBIrDm5iMlPuHkeILs2fZUxGsycDs/Z7R1XuDE
6KwvZZ902PD923QFgyPoS17/EZ6A8tfV48QkL0Kq/ssUSuLOAtk9ZU1FCqxr/4mD
SyE/3XJNklIzsL1Sv1UNMKnU7I/9yTv+Z2gcvwsFt2czBLSu3xa2dRdRyH/s5GXB
ew8+98gOpaDvVKqTIbgPIKr9CJ341UzZSu7IgOY5n21HbRWHhNPqchRQpRZeQdzv
bwA/3Zequ34m6SrvQkL6GoVMJktu8ZMeC62QI6r2hJCmITdgJB2XDwQy1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPjJjdLbBJqIptrGnt9+QQJX9ojGMB8GA1UdIwQY
MBaAFHSk88C2akyT6A/19tia2Gc+lDxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtUendMWnFUSlBvRF9YMjJKcllaejZVUEY4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82OTk3MDQtODAwNC00NjE0LWI0NGMt
MmNhNDkyZjZkN2E4LzEvMS1NbU4wdHNFbW9pbTJzYWUzMzVCQWxmMmlNWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTYvNjk5NzA0LTgwMDQtNDYxNC1iNDRjLTJjYTQ5MmY2ZDdh
OC8xL2RLVHp3TFpxVEpQb0RfWDIySnJZWno2VVBGOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvVyzAP
BAIAAjAJAwcAIAEGfAOYMA0GCSqGSIb3DQEBCwUAA4IBAQBxlgAyDuxLojaszae1
fBgbK7P+asTDuz0QHTGAxRTXeF37j2yiY1y7HzvlQ+riHx++MxsfqMr8ZZvkm299
oh5SkTwQ3p+TUSuhsWn3TigVfQvaJ5Pi0DATg91UIpnn15i33mnJFc3jMIfNO+HV
Nn+gPKbl3hiFL8o4JZwTSHQBuadw9sO8j7RaZ1cArch07w7QN8yziFwJyM9/lN37
ky2QlcN/dz+fgE+x5iwE7LsnGj9qFCVdwPI36lWprHouoaiX4xIZ5b2eOnLZlzSz
mPaKtQ+fVFR3m1K7KIbhQjaiWuRKZmA479DYrc6PBPmkgxHwYLUI9jKot9Sa23wx
2cT+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:27 2025 by rpki-client on console.sobornost.net