Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/9AnxnImjEc49reXZMK2FTMayLmk.roa
File: 9AnxnImjEc49reXZMK2FTMayLmk.roa (raw, json)
Hash identifier: 8tldiaw0Efa5JT0iNf3f5fRMFBv7jO6PfNRsCAPI7BY=
Subject key identifier: F4:09:F1:9C:89:A3:11:CE:3D:AD:E5:D9:30:AD:85:4C:C6:B2:2E:69
Certificate issuer: /CN=aa0f97e63508219b96cbb2106343f5e1b6dc5a4f
Certificate serial: 01942444E20A2CCF86FB80E168742EDD3972
Authority key identifier: AA:0F:97:E6:35:08:21:9B:96:CB:B2:10:63:43:F5:E1:B6:DC:5A:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/9AnxnImjEc49reXZMK2FTMayLmk.roa
Signing time: Wed 01 Jan 2025 23:48:01 +0000
ROA not before: Wed 01 Jan 2025 23:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24740
IP address blocks: 91.223.171.0/24 maxlen: 24
185.59.160.0/23 maxlen: 23
185.59.162.0/23 maxlen: 23
185.227.228.0/24 maxlen: 24
185.227.229.0/24 maxlen: 24
185.227.230.0/24 maxlen: 24
185.227.231.0/24 maxlen: 24
193.111.22.0/23 maxlen: 23
2a04:b4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e2:0a:2c:cf:86:fb:80:e1:68:74:2e:dd:39:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa0f97e63508219b96cbb2106343f5e1b6dc5a4f
Validity
Not Before: Jan 1 23:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f409f19c89a311ce3dade5d930ad854cc6b22e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5c:66:16:16:e1:68:42:e3:3b:f0:91:f3:c7:
7c:f8:44:8f:2d:e4:6a:e2:be:ec:c0:d6:3c:24:14:
03:ac:99:c0:34:37:11:ba:fd:ec:44:59:37:1e:98:
14:35:cb:41:ce:8d:8e:9c:31:ea:e9:b5:05:82:9d:
b6:49:2b:59:14:89:96:d7:ab:27:89:2c:dd:b7:99:
e4:2f:1f:0e:08:29:41:8e:3a:2e:b2:70:5a:66:ab:
5f:b7:3b:ce:ef:a5:ff:e4:f4:7f:5e:67:3d:17:48:
0d:3e:17:a1:b5:86:42:11:de:d0:d2:44:d5:2b:be:
90:b2:0b:68:e6:51:c4:a6:5e:24:cf:ac:c9:6f:e5:
e9:a5:14:98:b4:9b:a8:94:15:05:b7:9f:2c:a6:58:
2a:c9:67:77:a3:3d:39:4d:25:bf:50:c1:8a:04:44:
ac:22:ea:65:bc:93:5c:49:53:62:37:00:35:2f:21:
a3:1a:18:17:34:2c:2c:d7:ca:26:38:88:70:32:65:
51:69:a0:67:eb:fd:73:6b:b1:dc:6b:c8:b6:7b:e4:
22:ec:8d:e7:0c:e3:86:c8:b3:9c:14:f5:3d:e1:e3:
83:ed:22:f7:8a:ef:37:52:0d:56:2b:cd:90:63:b0:
50:f3:d7:3d:c0:d1:a2:d4:8d:a5:b3:d8:3e:42:34:
7a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:09:F1:9C:89:A3:11:CE:3D:AD:E5:D9:30:AD:85:4C:C6:B2:2E:69
X509v3 Authority Key Identifier:
keyid:AA:0F:97:E6:35:08:21:9B:96:CB:B2:10:63:43:F5:E1:B6:DC:5A:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/9AnxnImjEc49reXZMK2FTMayLmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/qg-X5jUIIZuWy7IQY0P14bbcWk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.171.0/24
185.59.160.0/22
185.227.228.0/22
193.111.22.0/23
IPv6:
2a04:b4c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:2e:6e:bf:94:9b:04:7a:f3:2d:c3:34:71:9c:03:2c:1a:6a:
13:00:ca:d0:c3:bd:43:fb:c7:ea:2d:f0:2e:c3:c5:54:bd:cb:
e5:2c:87:29:25:67:1f:8a:57:b9:5c:d3:1c:96:a9:ba:a4:99:
4f:86:fc:6a:a8:e0:bf:a6:ff:68:74:1a:72:98:22:76:e6:75:
bc:1a:90:f3:b7:da:17:6f:82:74:50:1f:9d:b4:5c:65:54:5a:
2f:e8:c0:f2:5f:6c:f4:82:d2:59:a4:5e:91:ac:ce:63:96:75:
3b:c0:33:84:7c:4c:fe:7d:c2:05:ae:8e:23:05:91:cd:96:70:
2f:73:b6:59:b6:d1:97:e8:2d:e0:8c:4d:e3:c6:f7:33:6a:ee:
2c:2e:02:cd:e7:d0:50:5b:49:61:48:5b:dd:fa:fc:c9:74:42:
71:a9:6f:ff:ff:70:31:1c:b6:40:df:03:35:27:3a:a0:50:de:
a6:d7:40:ed:8f:b4:ef:1a:81:be:ac:f5:b1:73:37:e6:c3:65:
97:43:7f:c8:50:78:68:94:aa:b0:34:ea:16:89:6e:cb:02:d3:
fd:22:db:aa:9b:15:a4:4e:58:77:0c:03:74:99:f1:ca:d3:74:
2c:c3:ea:aa:70:b7:f8:b5:6c:71:2c:56:85:b4:2a:4d:dd:05:
ce:72:e1:3c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQkROIKLM+G+4DhaHQu3TlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMGY5N2U2MzUwODIxOWI5NmNiYjIxMDYzNDNmNWUxYjZk
YzVhNGYwHhcNMjUwMTAxMjM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDA5ZjE5Yzg5YTMxMWNlM2RhZGU1ZDkzMGFkODU0Y2M2YjIyZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71xmFhbhaELjO/CR88d8+ESPLeRq
4r7swNY8JBQDrJnANDcRuv3sRFk3HpgUNctBzo2OnDHq6bUFgp22SStZFImW16sn
iSzdt5nkLx8OCClBjjousnBaZqtftzvO76X/5PR/Xmc9F0gNPhehtYZCEd7Q0kTV
K76Qsgto5lHEpl4kz6zJb+XppRSYtJuolBUFt58splgqyWd3oz05TSW/UMGKBESs
IuplvJNcSVNiNwA1LyGjGhgXNCws18omOIhwMmVRaaBn6/1za7Hca8i2e+Qi7I3n
DOOGyLOcFPU94eOD7SL3iu83Ug1WK82QY7BQ89c9wNGi1I2ls9g+QjR6UwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPQJ8ZyJoxHOPa3l2TCthUzGsi5pMB8GA1UdIwQY
MBaAFKoPl+Y1CCGblsuyEGND9eG23FpPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWctWDVqVUlJWnVXeTdJUVkwUDE0YmJjV2s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYjY2ZmUtNjk5YS00MTNiLWEyZmMt
ZjUxMWZkNjg4ZWRhLzEvOUFueG5JbWpFYzQ5cmVYWk1LMkZUTWF5TG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYjY2ZmUtNjk5YS00MTNiLWEyZmMtZjUxMWZkNjg4ZWRh
LzEvcWctWDVqVUlJWnVXeTdJUVkwUDE0YmJjV2s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9+rAwQC
uTugAwQCuePkAwQBwW8WMA0EAgACMAcDBQMqBLTAMA0GCSqGSIb3DQEBCwUAA4IB
AQAWLm6/lJsEevMtwzRxnAMsGmoTAMrQw71D+8fqLfAuw8VUvcvlLIcpJWcfile5
XNMclqm6pJlPhvxqqOC/pv9odBpymCJ25nW8GpDzt9oXb4J0UB+dtFxlVFov6MDy
X2z0gtJZpF6RrM5jlnU7wDOEfEz+fcIFro4jBZHNlnAvc7ZZttGX6C3gjE3jxvcz
au4sLgLN59BQW0lhSFvd+vzJdEJxqW///3AxHLZA3wM1JzqgUN6m10Dtj7TvGoG+
rPWxczfmw2WXQ3/IUHholKqwNOoWiW7LAtP9ItuqmxWkTlh3DAN0mfHK03Qsw+qq
cLf4tWxxLFaFtCpN3QXOcuE8
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net