Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/1ibpJfSu5zvmElDRsm3yBPA2Psc.roa
File: 1ibpJfSu5zvmElDRsm3yBPA2Psc.roa (raw, json)
Hash identifier: fl2TXrWlprslHDoqKeFpyUnoLUsON1oTzkxdU0IwAjQ=
Subject key identifier: D6:26:E9:25:F4:AE:E7:3B:E6:12:50:D1:B2:6D:F2:04:F0:36:3E:C7
Certificate issuer: /CN=2a17d254774c97a9c685a9ec5d24f2fc69689908
Certificate serial: 019424B3A1719ABEA4EDDBA4EFA685B6E06C
Authority key identifier: 2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/1ibpJfSu5zvmElDRsm3yBPA2Psc.roa
Signing time: Thu 02 Jan 2025 01:48:59 +0000
ROA not before: Thu 02 Jan 2025 01:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39043
IP address blocks: 91.211.68.0/22 maxlen: 22
195.66.156.0/23 maxlen: 23
195.66.156.0/24 maxlen: 24
195.66.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a1:71:9a:be:a4:ed:db:a4:ef:a6:85:b6:e0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a17d254774c97a9c685a9ec5d24f2fc69689908
Validity
Not Before: Jan 2 01:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d626e925f4aee73be61250d1b26df204f0363ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6a:35:b3:68:1f:cc:ac:4d:b8:4f:a1:66:df:
3a:13:27:b0:3a:6c:42:ae:4a:2f:0b:7e:75:b5:80:
bd:8d:ed:61:a7:85:4e:9d:61:39:62:d4:60:92:0b:
99:4f:2b:ae:4f:67:57:0a:15:43:3f:18:df:dc:06:
68:4f:21:7c:44:86:55:e7:fb:5a:9a:4a:d1:56:df:
c5:98:f2:02:f1:fa:dc:48:3f:03:92:b2:84:fc:9f:
09:09:72:4b:90:3b:9a:73:29:47:36:8c:7b:08:0d:
20:53:df:61:8d:18:ec:bd:cd:6d:4b:20:cd:41:9e:
37:85:4e:9a:77:a9:b0:27:84:b6:ad:37:bd:a2:38:
44:ca:34:cf:9c:b8:68:7d:1d:48:6e:1f:c8:88:e2:
e0:e5:6a:44:87:71:2e:0f:53:63:b3:96:3e:ef:4b:
d1:4b:df:c9:ce:27:dc:d5:65:30:c0:3f:c3:fe:92:
f0:85:86:1d:77:fb:92:e2:6d:c3:e9:c6:2a:f3:9c:
8b:12:ef:4b:35:20:ca:84:2f:00:f0:81:0f:d0:f2:
8d:4d:4d:27:7e:8e:82:34:26:b5:04:1c:23:19:4d:
58:85:63:22:69:18:4e:51:11:c9:42:fd:2a:7c:30:
1e:e4:9d:8f:10:27:96:95:d8:a7:44:48:6e:a0:5b:
c9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:26:E9:25:F4:AE:E7:3B:E6:12:50:D1:B2:6D:F2:04:F0:36:3E:C7
X509v3 Authority Key Identifier:
keyid:2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/1ibpJfSu5zvmElDRsm3yBPA2Psc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.68.0/22
195.66.156.0/23
Signature Algorithm: sha256WithRSAEncryption
77:eb:87:2c:bd:44:13:ac:ab:dd:98:0c:4f:34:3d:1e:72:06:
a4:87:70:83:40:99:7d:1f:17:eb:5a:45:a4:bc:59:98:2d:11:
c5:7a:13:3a:ca:dd:87:9c:16:d9:b2:5e:57:20:f2:9e:28:38:
9c:5b:d7:d4:ea:c2:67:30:30:ed:24:25:32:8a:6c:5a:3e:64:
cd:e9:82:b5:08:e0:41:5e:75:53:f0:1d:dd:99:8b:b6:57:e9:
47:19:a5:b2:d0:ba:10:61:78:ec:2f:e7:12:21:4c:4c:6c:78:
62:16:3b:d5:4b:b5:64:fe:c5:8f:40:bb:a2:90:86:7b:df:65:
1b:6a:52:01:4a:8c:a3:9e:d6:9c:66:15:19:1b:1e:dc:4f:8b:
5e:ba:98:c5:3a:b8:2a:1f:d2:3a:42:bd:d0:c1:ea:ea:93:77:
4c:04:cc:12:82:91:0a:87:9f:8d:91:67:8b:4e:2a:b3:21:ab:
0b:1b:6d:a5:dc:94:63:e0:65:60:05:de:65:23:a4:32:b4:10:
1e:74:4b:f1:10:9d:8e:8f:d6:73:dd:fd:3c:59:4c:d7:a4:48:
7c:32:0e:5d:f2:66:b8:d7:24:f6:18:f6:03:30:b5:40:09:8e:
22:10:a8:48:db:6e:1f:ce:2c:fe:f0:94:be:42:da:cb:2b:b8:
6d:64:ba:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks6Fxmr6k7duk76aFtuBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTdkMjU0Nzc0Yzk3YTljNjg1YTllYzVkMjRmMmZjNjk2
ODk5MDgwHhcNMjUwMTAyMDE0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjI2ZTkyNWY0YWVlNzNiZTYxMjUwZDFiMjZkZjIwNGYwMzYzZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWo1s2gfzKxNuE+hZt86EyewOmxC
rkovC351tYC9je1hp4VOnWE5YtRgkguZTyuuT2dXChVDPxjf3AZoTyF8RIZV5/ta
mkrRVt/FmPIC8frcSD8DkrKE/J8JCXJLkDuacylHNox7CA0gU99hjRjsvc1tSyDN
QZ43hU6ad6mwJ4S2rTe9ojhEyjTPnLhofR1Ibh/IiOLg5WpEh3EuD1Njs5Y+70vR
S9/Jzifc1WUwwD/D/pLwhYYdd/uS4m3D6cYq85yLEu9LNSDKhC8A8IEP0PKNTU0n
fo6CNCa1BBwjGU1YhWMiaRhOURHJQv0qfDAe5J2PECeWldinREhuoFvJdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNYm6SX0ruc75hJQ0bJt8gTwNj7HMB8GA1UdIwQY
MBaAFCoX0lR3TJepxoWp7F0k8vxpaJkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWIt
ODBiNTExOGFiYWY2LzEvMWlicEpmU3U1enZtRWxEUnNtM3lCUEEyUHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWItODBiNTExOGFiYWY2
LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9NEAwQB
w0KcMA0GCSqGSIb3DQEBCwUAA4IBAQB364csvUQTrKvdmAxPND0ecgakh3CDQJl9
HxfrWkWkvFmYLRHFehM6yt2HnBbZsl5XIPKeKDicW9fU6sJnMDDtJCUyimxaPmTN
6YK1COBBXnVT8B3dmYu2V+lHGaWy0LoQYXjsL+cSIUxMbHhiFjvVS7Vk/sWPQLui
kIZ732UbalIBSoyjntacZhUZGx7cT4teupjFOrgqH9I6Qr3Qwerqk3dMBMwSgpEK
h5+NkWeLTiqzIasLG22l3JRj4GVgBd5lI6QytBAedEvxEJ2Oj9Zz3f08WUzXpEh8
Mg5d8ma41yT2GPYDMLVACY4iEKhI224fziz+8JS+QtrLK7htZLrh
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:40 2025 by rpki-client on console.sobornost.net