Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5f3187-3beb-4c4b-9a44-d6bd55a9e36d/1/M1fWkBIHAuVSUFxtDGIthqqmrJE.roa
File: M1fWkBIHAuVSUFxtDGIthqqmrJE.roa (raw, json)
Hash identifier: +6gCxjSejI/as6boiaKhDkfwSxB7S4u8Oz//yZsKkyM=
Subject key identifier: 33:57:D6:90:12:07:02:E5:52:50:5C:6D:0C:62:2D:86:AA:A6:AC:91
Certificate issuer: /CN=0f89c8697f7792caaf599664e89ace65244f8ae8
Certificate serial: 019421B208F605F3048D3AAE670236D231A8
Authority key identifier: 0F:89:C8:69:7F:77:92:CA:AF:59:96:64:E8:9A:CE:65:24:4F:8A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D4nIaX93ksqvWZZk6JrOZSRPiug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5f3187-3beb-4c4b-9a44-d6bd55a9e36d/1/M1fWkBIHAuVSUFxtDGIthqqmrJE.roa
Signing time: Wed 01 Jan 2025 11:48:23 +0000
ROA not before: Wed 01 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51690
IP address blocks: 91.220.33.0/24 maxlen: 24
185.9.200.0/23 maxlen: 23
185.9.202.0/24 maxlen: 24
185.9.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:08:f6:05:f3:04:8d:3a:ae:67:02:36:d2:31:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f89c8697f7792caaf599664e89ace65244f8ae8
Validity
Not Before: Jan 1 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3357d690120702e552505c6d0c622d86aaa6ac91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:86:5d:95:86:53:61:7c:8c:bb:1f:44:b1:de:
a3:91:bf:61:42:de:9d:22:d0:e9:94:53:b5:e8:db:
19:38:1e:9b:fa:7f:14:38:37:40:6b:5f:bf:91:1f:
69:f7:0f:29:66:85:38:50:59:02:de:76:71:2f:80:
26:39:7b:e5:8e:d9:3c:87:f4:29:ba:e4:3e:34:a4:
9e:2d:7b:da:22:bc:48:d4:9f:0f:d9:ee:6b:d2:54:
a1:15:91:bc:af:00:00:46:c8:4d:e3:65:5b:42:6d:
b2:df:d0:07:9e:5e:11:21:e1:2c:c6:a9:d4:d5:1b:
7e:9b:cd:af:9e:de:8a:16:86:35:13:5f:b8:d9:85:
09:e9:30:6b:c6:9e:cc:bf:d1:4a:80:b1:a8:fc:9e:
2d:87:58:26:22:a0:da:fd:83:10:c1:45:41:a7:db:
2c:d2:90:32:5d:89:83:df:02:f4:03:be:57:1f:23:
c5:e7:f1:1d:bf:57:3b:a9:7f:47:6f:5b:0c:05:47:
d3:9b:e7:6c:9c:0d:75:db:69:98:bc:87:55:b1:23:
6c:90:05:4e:4c:83:37:60:aa:43:3d:75:8f:40:09:
27:80:0a:7b:fa:b0:64:77:bd:74:ef:d2:a6:ad:78:
ee:b3:8f:87:83:26:5a:5c:b3:c1:12:bc:f2:2d:b2:
54:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:57:D6:90:12:07:02:E5:52:50:5C:6D:0C:62:2D:86:AA:A6:AC:91
X509v3 Authority Key Identifier:
keyid:0F:89:C8:69:7F:77:92:CA:AF:59:96:64:E8:9A:CE:65:24:4F:8A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D4nIaX93ksqvWZZk6JrOZSRPiug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5f3187-3beb-4c4b-9a44-d6bd55a9e36d/1/M1fWkBIHAuVSUFxtDGIthqqmrJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5f3187-3beb-4c4b-9a44-d6bd55a9e36d/1/D4nIaX93ksqvWZZk6JrOZSRPiug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.33.0/24
185.9.200.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:4a:e0:a6:c6:10:2c:92:90:d3:b8:22:72:f3:a2:68:09:01:
28:8f:11:1f:b4:71:0d:49:30:e7:ce:3e:ab:e9:73:f1:10:99:
c9:fb:c4:78:d0:3e:b8:74:30:16:a0:56:cc:1c:22:51:7e:22:
63:1b:08:4e:41:77:72:0a:53:d9:84:28:78:77:ff:b9:9d:72:
44:a8:51:25:c5:6c:fa:67:59:a9:a3:f5:17:c4:d1:7c:2e:46:
26:66:a4:e7:f3:69:4d:93:ed:81:9d:24:a4:f6:5a:0d:3d:22:
ba:83:b0:e4:ad:7b:50:c9:dd:eb:9e:7b:23:41:a3:bb:88:9f:
ac:d4:14:8a:60:48:36:e3:ff:cd:3c:8c:d4:41:08:92:cb:0e:
99:49:85:08:dc:57:0e:1e:4e:e4:a1:c7:f3:ab:70:db:99:cd:
e0:1c:f4:ea:41:2a:c9:c9:de:96:1d:64:87:a5:bb:72:6f:20:
f1:11:b1:39:15:44:bf:c4:fe:cc:6c:4d:aa:ec:c1:a6:cd:bc:
5d:bc:72:98:a5:8d:d7:65:9e:47:63:02:b9:9e:93:f1:11:24:
56:9d:a1:ce:3a:f4:38:c5:a0:cd:a1:6b:28:8a:38:47:ab:4b:
88:07:7b:dd:8b:76:04:6f:87:4e:22:fb:07:4a:53:49:9d:b2:
af:0f:f4:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsgj2BfMEjTquZwI20jGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmODljODY5N2Y3NzkyY2FhZjU5OTY2NGU4OWFjZTY1MjQ0
ZjhhZTgwHhcNMjUwMTAxMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzU3ZDY5MDEyMDcwMmU1NTI1MDVjNmQwYzYyMmQ4NmFhYTZhYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIZdlYZTYXyMux9Esd6jkb9hQt6d
ItDplFO16NsZOB6b+n8UODdAa1+/kR9p9w8pZoU4UFkC3nZxL4AmOXvljtk8h/Qp
uuQ+NKSeLXvaIrxI1J8P2e5r0lShFZG8rwAARshN42VbQm2y39AHnl4RIeEsxqnU
1Rt+m82vnt6KFoY1E1+42YUJ6TBrxp7Mv9FKgLGo/J4th1gmIqDa/YMQwUVBp9ss
0pAyXYmD3wL0A75XHyPF5/Edv1c7qX9Hb1sMBUfTm+dsnA1122mYvIdVsSNskAVO
TIM3YKpDPXWPQAkngAp7+rBkd71079KmrXjus4+HgyZaXLPBErzyLbJU/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDNX1pASBwLlUlBcbQxiLYaqpqyRMB8GA1UdIwQY
MBaAFA+JyGl/d5LKr1mWZOiazmUkT4roMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDRuSWFYOTNrc3F2V1paazZKck9aU1JQaXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZjMxODctM2JlYi00YzRiLTlhNDQt
ZDZiZDU1YTllMzZkLzEvTTFmV2tCSUhBdVZTVUZ4dERHSXRocXFtckpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZjMxODctM2JlYi00YzRiLTlhNDQtZDZiZDU1YTllMzZk
LzEvRDRuSWFYOTNrc3F2V1paazZKck9aU1JQaXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9whAwQC
uQnIMA0GCSqGSIb3DQEBCwUAA4IBAQAtSuCmxhAskpDTuCJy86JoCQEojxEftHEN
STDnzj6r6XPxEJnJ+8R40D64dDAWoFbMHCJRfiJjGwhOQXdyClPZhCh4d/+5nXJE
qFElxWz6Z1mpo/UXxNF8LkYmZqTn82lNk+2BnSSk9loNPSK6g7DkrXtQyd3rnnsj
QaO7iJ+s1BSKYEg24//NPIzUQQiSyw6ZSYUI3FcOHk7kocfzq3Dbmc3gHPTqQSrJ
yd6WHWSHpbtybyDxEbE5FUS/xP7MbE2q7MGmzbxdvHKYpY3XZZ5HYwK5npPxESRW
naHOOvQ4xaDNoWsoijhHq0uIB3vdi3YEb4dOIvsHSlNJnbKvD/Rz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net