Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2698c-6409-459c-b046-ea6f705d2c0d/1/A2XZpMhjoSl2eIpUcSwowos8QQA.roa
File: A2XZpMhjoSl2eIpUcSwowos8QQA.roa (raw, json)
Hash identifier: 7IQHzb+LeNjLi41+XbYgKffdbEsxRoe4BI+dUjjQXH8=
Subject key identifier: 03:65:D9:A4:C8:63:A1:29:76:78:8A:54:71:2C:28:C2:8B:3C:41:00
Certificate issuer: /CN=e23cb7d9e521e6469fd7e2ad13603fb7eebfe0e0
Certificate serial: 019421445C65BDA2D5E9BE80950B4CA8C1CF
Authority key identifier: E2:3C:B7:D9:E5:21:E6:46:9F:D7:E2:AD:13:60:3F:B7:EE:BF:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jy32eUh5kaf1-KtE2A_t-6_4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/b2698c-6409-459c-b046-ea6f705d2c0d/1/A2XZpMhjoSl2eIpUcSwowos8QQA.roa
Signing time: Wed 01 Jan 2025 09:48:35 +0000
ROA not before: Wed 01 Jan 2025 09:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31117
IP address blocks: 91.148.0.0/18 maxlen: 18
185.242.56.0/22 maxlen: 22
2a03:1d80::/29 maxlen: 29
2a03:1d87:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5c:65:bd:a2:d5:e9:be:80:95:0b:4c:a8:c1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23cb7d9e521e6469fd7e2ad13603fb7eebfe0e0
Validity
Not Before: Jan 1 09:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0365d9a4c863a12976788a54712c28c28b3c4100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:33:36:d6:54:d5:45:ca:6c:cc:ff:3a:86:
12:7b:1d:25:b5:37:9d:bc:d2:ee:4b:4b:ab:58:a0:
2f:5a:cb:cf:7b:47:03:b2:c9:0f:82:fa:ea:a2:3d:
c2:20:0e:fe:a1:ef:ed:fd:1b:60:b4:0a:fe:d4:af:
12:d9:41:80:b6:4e:f8:65:e7:42:5d:2c:ff:eb:d1:
13:a5:55:5e:fc:1e:5f:3d:36:6d:7e:5a:d1:9a:e4:
30:77:6c:ba:c4:ee:f4:f7:58:65:3e:a2:2c:f1:cd:
45:4d:4f:ed:38:32:54:1a:36:a1:1f:13:d7:59:3e:
d5:04:c5:af:2e:09:40:b5:62:2a:d3:82:b7:9e:38:
58:4a:74:2f:a6:d1:29:fd:55:a4:07:d8:3b:02:28:
aa:e1:41:8e:de:43:99:ec:01:36:b2:37:7c:df:58:
7f:8b:6a:75:de:d3:18:67:f8:8b:5c:13:c6:76:dc:
23:b9:53:4d:5a:27:fa:ae:d3:2a:fc:c8:0b:10:9c:
3e:07:09:8d:18:19:0a:46:e7:d5:3a:aa:6b:d0:67:
1e:22:ff:46:29:61:4c:a7:dc:91:27:69:92:29:a8:
35:72:6f:6d:2c:55:d4:4c:5b:7d:e6:ab:63:39:8e:
97:2f:de:c9:38:c2:63:12:a9:2f:b2:3d:15:22:4f:
ec:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:65:D9:A4:C8:63:A1:29:76:78:8A:54:71:2C:28:C2:8B:3C:41:00
X509v3 Authority Key Identifier:
keyid:E2:3C:B7:D9:E5:21:E6:46:9F:D7:E2:AD:13:60:3F:B7:EE:BF:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jy32eUh5kaf1-KtE2A_t-6_4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2698c-6409-459c-b046-ea6f705d2c0d/1/A2XZpMhjoSl2eIpUcSwowos8QQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2698c-6409-459c-b046-ea6f705d2c0d/1/4jy32eUh5kaf1-KtE2A_t-6_4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.148.0.0/18
185.242.56.0/22
IPv6:
2a03:1d80::/29
Signature Algorithm: sha256WithRSAEncryption
34:b5:98:16:a4:c0:22:a3:fd:7c:11:6e:97:c6:34:e6:04:f0:
0a:2d:cc:e5:ba:69:de:5f:e4:29:da:04:8c:0b:9e:ed:44:11:
be:17:0f:cf:15:9d:52:07:16:ed:cd:9f:8e:73:ba:f6:6f:c4:
97:a9:6b:9c:96:4d:47:6e:cb:40:88:28:57:13:94:f3:ed:3e:
29:17:9e:03:d1:bc:22:dd:ea:27:9e:ef:ab:91:a2:c3:ba:0b:
26:77:30:f9:7d:07:f0:62:0d:c6:9b:b0:f4:0d:24:1c:02:44:
8e:ab:09:79:04:8f:d8:96:f0:c9:3c:54:e6:96:3d:d7:ce:20:
12:ee:d1:d8:47:f2:81:5f:d7:f9:7f:b9:66:7b:12:e2:53:78:
bc:3b:4a:f0:76:50:ef:cb:f0:c9:8b:b0:25:b3:bf:a1:94:8b:
d2:65:0f:7f:57:b6:2b:55:b4:b4:3d:bc:7a:8d:11:f7:42:42:
58:e7:99:1c:46:c8:81:27:c0:9f:28:cf:fc:93:5e:96:c6:24:
3d:66:eb:06:46:7e:78:09:b3:fb:4f:e7:bb:a7:8c:f2:43:60:
6f:e3:07:3c:5a:e8:f4:34:e0:a8:dd:b8:d6:b8:bf:8d:85:2f:
7e:a1:31:7e:47:c2:8e:36:c2:89:8a:ee:10:05:7e:9f:3d:5f:
b5:bc:09:bd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRFxlvaLV6b6AlQtMqMHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyM2NiN2Q5ZTUyMWU2NDY5ZmQ3ZTJhZDEzNjAzZmI3ZWVi
ZmUwZTAwHhcNMjUwMTAxMDk0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY1ZDlhNGM4NjNhMTI5NzY3ODhhNTQ3MTJjMjhjMjhiM2M0MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFMzNtZU1UXKbMz/OoYSex0ltTed
vNLuS0urWKAvWsvPe0cDsskPgvrqoj3CIA7+oe/t/RtgtAr+1K8S2UGAtk74ZedC
XSz/69ETpVVe/B5fPTZtflrRmuQwd2y6xO7091hlPqIs8c1FTU/tODJUGjahHxPX
WT7VBMWvLglAtWIq04K3njhYSnQvptEp/VWkB9g7Aiiq4UGO3kOZ7AE2sjd831h/
i2p13tMYZ/iLXBPGdtwjuVNNWif6rtMq/MgLEJw+BwmNGBkKRufVOqpr0GceIv9G
KWFMp9yRJ2mSKag1cm9tLFXUTFt95qtjOY6XL97JOMJjEqkvsj0VIk/sWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFANl2aTIY6EpdniKVHEsKMKLPEEAMB8GA1UdIwQY
MBaAFOI8t9nlIeZGn9firRNgP7fuv+DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGp5MzJlVWg1a2FmMS1LdEUyQV90LTZfNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjY5OGMtNjQwOS00NTljLWIwNDYt
ZWE2ZjcwNWQyYzBkLzEvQTJYWnBNaGpvU2wyZUlwVWNTd293b3M4UVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjY5OGMtNjQwOS00NTljLWIwNDYtZWE2ZjcwNWQyYzBk
LzEvNGp5MzJlVWg1a2FmMS1LdEUyQV90LTZfNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGW5QAAwQC
ufI4MA0EAgACMAcDBQMqAx2AMA0GCSqGSIb3DQEBCwUAA4IBAQA0tZgWpMAio/18
EW6XxjTmBPAKLczlumneX+Qp2gSMC57tRBG+Fw/PFZ1SBxbtzZ+Oc7r2b8SXqWuc
lk1HbstAiChXE5Tz7T4pF54D0bwi3eonnu+rkaLDugsmdzD5fQfwYg3Gm7D0DSQc
AkSOqwl5BI/YlvDJPFTmlj3XziAS7tHYR/KBX9f5f7lmexLiU3i8O0rwdlDvy/DJ
i7Als7+hlIvSZQ9/V7YrVbS0Pbx6jRH3QkJY55kcRsiBJ8CfKM/8k16WxiQ9ZusG
Rn54CbP7T+e7p4zyQ2Bv4wc8Wuj0NOCo3bjWuL+NhS9+oTF+R8KONsKJiu4QBX6f
PV+1vAm9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:47 2025 by rpki-client on console.sobornost.net