Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/pJ8B6gtnj6CL56vYC6LrCO5oBmo.roa
File: pJ8B6gtnj6CL56vYC6LrCO5oBmo.roa (raw, json)
Hash identifier: F88j9ZRyVWoqzEm3QsXJ4KW1kEET+j/VAKZytfrtK/M=
Subject key identifier: A4:9F:01:EA:0B:67:8F:A0:8B:E7:AB:D8:0B:A2:EB:08:EE:68:06:6A
Certificate issuer: /CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Certificate serial: 0194252153DDF86FE1DA9A808BA8C336D419
Authority key identifier: 34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/pJ8B6gtnj6CL56vYC6LrCO5oBmo.roa
Signing time: Thu 02 Jan 2025 03:48:48 +0000
ROA not before: Thu 02 Jan 2025 03:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211600
IP address blocks: 91.195.150.0/23 maxlen: 24
2001:678:2e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:53:dd:f8:6f:e1:da:9a:80:8b:a8:c3:36:d4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34cb956ec3a14f6f5e4b76d54342fa98d59c77a6
Validity
Not Before: Jan 2 03:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a49f01ea0b678fa08be7abd80ba2eb08ee68066a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:55:fb:13:96:a7:18:c7:27:f2:85:62:3e:
61:ea:44:b0:d7:ce:74:c3:0b:70:f8:eb:7f:eb:ab:
68:82:17:98:f2:f4:46:f3:98:fd:bd:e5:2e:ac:ea:
b6:b8:ac:cc:72:44:cf:09:28:44:b0:e7:9d:d9:6a:
0f:4b:7b:52:30:33:ee:e6:4f:c8:b4:20:3a:26:3d:
a3:23:ff:98:19:8f:ec:dc:02:9a:41:57:d8:cd:e0:
b6:dc:d2:52:ed:80:56:11:83:b4:ec:d6:fb:f1:21:
dc:66:31:89:4c:47:31:da:33:5e:1d:30:b0:ae:32:
74:f1:06:3e:60:fe:e7:b5:09:29:d5:15:2c:8f:68:
40:a6:5d:dc:93:6b:0e:21:67:55:04:ba:dd:06:97:
83:ec:44:d9:d3:82:96:00:4b:66:cf:54:2a:4c:f8:
d8:60:79:03:99:ea:29:1c:03:2c:73:56:d0:14:e3:
76:f4:7e:69:2a:b6:92:a9:c7:7c:46:63:64:b6:ad:
c2:27:8c:e6:41:e0:9d:58:3f:ab:ff:7a:cb:71:6b:
94:26:62:30:ff:03:23:5c:ed:bd:d1:59:2a:9a:7a:
b8:82:79:5b:c0:fa:c1:7a:af:40:57:a5:52:6a:3c:
94:76:b3:20:ea:e5:a5:cc:7f:59:e7:bb:50:a7:23:
e9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9F:01:EA:0B:67:8F:A0:8B:E7:AB:D8:0B:A2:EB:08:EE:68:06:6A
X509v3 Authority Key Identifier:
keyid:34:CB:95:6E:C3:A1:4F:6F:5E:4B:76:D5:43:42:FA:98:D5:9C:77:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/pJ8B6gtnj6CL56vYC6LrCO5oBmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/14f9f5-25d7-45e8-bc24-9a688080a579/1/NMuVbsOhT29eS3bVQ0L6mNWcd6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.150.0/23
IPv6:
2001:678:2e0::/48
Signature Algorithm: sha256WithRSAEncryption
0c:22:31:18:d9:b6:77:d1:f3:45:5c:48:96:5f:1d:35:62:ab:
c0:ce:25:9b:e9:0e:66:1c:58:f0:d8:fc:ab:d7:e0:6f:02:ed:
7d:8b:d2:87:bb:42:a6:40:e9:26:e5:c2:35:5a:32:1c:5e:bf:
36:b8:65:72:86:6e:25:46:28:bb:36:3c:1a:df:1d:d4:28:e5:
72:2c:7e:08:37:a3:83:e9:f1:78:83:ba:6e:af:79:cd:f3:ad:
65:14:e5:55:43:fb:39:8d:39:f4:39:ba:ca:9b:e1:66:f7:80:
85:7b:e4:8c:15:ee:d0:fd:e3:aa:69:9d:82:fd:3d:b6:90:53:
26:d2:94:b6:c3:b3:32:4e:d9:98:e9:02:5b:28:02:91:b0:b9:
d7:48:a2:81:5c:0f:d5:41:09:49:fa:1e:9d:e5:c1:dd:b0:51:
39:2d:83:3d:06:a5:f2:d0:08:65:d9:c8:b8:fa:1c:6b:fc:20:
71:2d:7f:b5:27:7b:94:91:c6:a3:25:c4:72:c7:4c:89:e7:8a:
f6:4f:2c:c0:43:8c:e7:a8:7c:b1:d4:b9:81:47:fa:50:87:3a:
b0:12:ce:8d:a2:6b:82:92:b1:23:13:cc:1d:25:c9:4d:6c:62:
77:f2:1b:c4:00:0f:43:43:fa:3a:2e:b5:99:8b:d6:aa:e5:ca:
3c:75:77:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIVPd+G/h2pqAi6jDNtQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0Y2I5NTZlYzNhMTRmNmY1ZTRiNzZkNTQzNDJmYTk4ZDU5
Yzc3YTYwHhcNMjUwMTAyMDM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDlmMDFlYTBiNjc4ZmEwOGJlN2FiZDgwYmEyZWIwOGVlNjgwNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZhV+xOWpxjHJ/KFYj5h6kSw1850
wwtw+Ot/66togheY8vRG85j9veUurOq2uKzMckTPCShEsOed2WoPS3tSMDPu5k/I
tCA6Jj2jI/+YGY/s3AKaQVfYzeC23NJS7YBWEYO07Nb78SHcZjGJTEcx2jNeHTCw
rjJ08QY+YP7ntQkp1RUsj2hApl3ck2sOIWdVBLrdBpeD7ETZ04KWAEtmz1QqTPjY
YHkDmeopHAMsc1bQFON29H5pKraSqcd8RmNktq3CJ4zmQeCdWD+r/3rLcWuUJmIw
/wMjXO290Vkqmnq4gnlbwPrBeq9AV6VSajyUdrMg6uWlzH9Z57tQpyPpZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKSfAeoLZ4+gi+er2Aui6wjuaAZqMB8GA1UdIwQY
MBaAFDTLlW7DoU9vXkt21UNC+pjVnHemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQt
OWE2ODgwODBhNTc5LzEvcEo4QjZndG5qNkNMNTZ2WUM2THJDTzVvQm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNGY5ZjUtMjVkNy00NWU4LWJjMjQtOWE2ODgwODBhNTc5
LzEvTk11VmJzT2hUMjllUzNiVlEwTDZtTldjZDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8OWMA8E
AgACMAkDBwAgAQZ4AuAwDQYJKoZIhvcNAQELBQADggEBAAwiMRjZtnfR80VcSJZf
HTViq8DOJZvpDmYcWPDY/KvX4G8C7X2L0oe7QqZA6SblwjVaMhxevza4ZXKGbiVG
KLs2PBrfHdQo5XIsfgg3o4Pp8XiDum6vec3zrWUU5VVD+zmNOfQ5usqb4Wb3gIV7
5IwV7tD946ppnYL9PbaQUybSlLbDszJO2ZjpAlsoApGwuddIooFcD9VBCUn6Hp3l
wd2wUTktgz0GpfLQCGXZyLj6HGv8IHEtf7Une5SRxqMlxHLHTInnivZPLMBDjOeo
fLHUuYFH+lCHOrASzo2ia4KSsSMTzB0lyU1sYnfyG8QAD0ND+joutZmL1qrlyjx1
d1k=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:46 2025 by rpki-client on console.sobornost.net