Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/3ybDPKiA0wDv8fgYqqJjrGlrgZo.roa
File: 3ybDPKiA0wDv8fgYqqJjrGlrgZo.roa (raw, json)
Hash identifier: Lzgk9VM3/0+YuHabQnt8dL/9QNx4stqWd1uOafztoy0=
Subject key identifier: DF:26:C3:3C:A8:80:D3:00:EF:F1:F8:18:AA:A2:63:AC:69:6B:81:9A
Certificate issuer: /CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6
Certificate serial: 019422FC2D70F7F5FB31CB74E43C1976731E
Authority key identifier: 0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/3ybDPKiA0wDv8fgYqqJjrGlrgZo.roa
Signing time: Wed 01 Jan 2025 17:48:59 +0000
ROA not before: Wed 01 Jan 2025 17:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60667
IP address blocks: 91.132.102.0/24 maxlen: 24
2a13:1e00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2d:70:f7:f5:fb:31:cb:74:e4:3c:19:76:73:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6
Validity
Not Before: Jan 1 17:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df26c33ca880d300eff1f818aaa263ac696b819a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9d:a3:98:2e:7e:0e:41:1f:fd:8d:ec:47:5a:
11:72:e9:0c:bb:ed:51:1f:99:af:1d:61:cb:00:51:
63:21:36:ce:42:97:ec:87:57:a7:91:7d:30:79:bf:
05:82:7f:bb:b4:a1:06:65:87:3f:0d:0a:ea:99:2f:
f1:10:6a:eb:a6:a1:3f:ee:39:f9:95:fd:7b:f2:a5:
82:45:13:7b:2c:e6:10:33:85:3d:f3:bf:09:de:39:
c9:31:a5:cc:46:97:e5:e1:9b:18:f7:13:4a:07:3e:
d1:30:5f:54:bd:bf:ff:38:24:27:fb:fd:d4:26:cb:
62:71:80:aa:93:73:65:df:06:b6:db:2e:f8:9f:5b:
67:19:de:1d:94:8f:a1:42:ac:70:01:26:8e:87:0a:
62:fa:71:df:be:eb:ca:6e:e8:e1:c8:b6:be:9e:32:
3a:29:f5:1f:b9:34:af:72:55:f4:f7:9f:ed:e8:38:
34:1c:1f:9b:e1:f5:a2:bd:5c:ae:05:7d:93:0f:9f:
e3:6a:f8:be:47:05:99:d8:b7:85:98:a2:a3:6c:e4:
a9:7e:f3:d5:ba:3f:5a:f5:f0:08:e9:90:5b:12:1c:
bf:b7:e5:7e:2a:9f:ab:db:0d:63:67:7e:6d:c8:9f:
de:34:78:ce:19:1e:4a:12:4c:16:29:71:1e:90:f2:
1e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:26:C3:3C:A8:80:D3:00:EF:F1:F8:18:AA:A2:63:AC:69:6B:81:9A
X509v3 Authority Key Identifier:
keyid:0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/3ybDPKiA0wDv8fgYqqJjrGlrgZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.102.0/24
IPv6:
2a13:1e00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:79:41:b1:08:69:02:f4:fe:d1:ef:d7:cf:4a:52:cd:12:31:
f8:94:25:c4:d3:99:5d:48:cd:81:c9:8b:56:c2:8e:db:66:5a:
54:e9:ef:99:24:7d:2a:16:f8:16:36:2c:db:fe:55:2e:b8:e9:
59:5f:2a:d1:d6:eb:15:88:5e:df:c9:68:c5:60:c6:53:22:93:
ee:cb:68:9e:39:c2:a8:f0:ff:72:83:02:61:e1:ce:79:9c:b5:
71:32:8c:66:3b:41:01:b7:8e:e0:a0:57:89:20:e2:36:c8:5e:
aa:7c:c2:ca:e3:84:fc:34:26:26:43:16:1b:58:a1:1c:b7:0f:
6c:84:36:5e:df:af:0c:17:89:30:a2:47:f6:1a:0c:f0:f7:76:
77:e5:a1:30:10:7e:b3:e5:e1:8c:cf:41:09:5b:1f:aa:2d:98:
88:75:0a:e8:bd:ab:fd:c5:cf:67:04:49:57:b9:14:a8:25:b0:
e4:6e:af:cf:1f:7e:5b:7a:bd:15:17:19:5c:93:b2:55:98:56:
03:5f:5d:59:10:42:9d:59:2b:c8:ca:30:ff:60:a8:64:b5:6f:
6c:c5:a5:7b:ca:3c:41:64:20:e7:05:8d:24:1d:79:5c:72:58:
91:6b:11:9b:52:00:b4:b2:16:e7:b1:89:fe:f5:f0:17:8d:06:
a7:bb:c7:64
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/C1w9/X7Mct05DwZdnMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjJhMGVlM2JjNmUzMmQ4OTJlZGRlMjU3Y2JiNzk5MTc5
ZjJjZDYwHhcNMjUwMTAxMTc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjI2YzMzY2E4ODBkMzAwZWZmMWY4MThhYWEyNjNhYzY5NmI4MTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq52jmC5+DkEf/Y3sR1oRcukMu+1R
H5mvHWHLAFFjITbOQpfsh1enkX0web8Fgn+7tKEGZYc/DQrqmS/xEGrrpqE/7jn5
lf178qWCRRN7LOYQM4U9878J3jnJMaXMRpfl4ZsY9xNKBz7RMF9Uvb//OCQn+/3U
JsticYCqk3Nl3wa22y74n1tnGd4dlI+hQqxwASaOhwpi+nHfvuvKbujhyLa+njI6
KfUfuTSvclX095/t6Dg0HB+b4fWivVyuBX2TD5/javi+RwWZ2LeFmKKjbOSpfvPV
uj9a9fAI6ZBbEhy/t+V+Kp+r2w1jZ35tyJ/eNHjOGR5KEkwWKXEekPIeKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN8mwzyogNMA7/H4GKqiY6xpa4GaMB8GA1UdIwQY
MBaAFA8ioO47xuMtiS7d4lfLt5kXnyzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDct
NDJkNjc4NDA5NDRkLzEvM3liRFBLaUEwd0R2OGZnWXFxSmpyR2xyZ1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDctNDJkNjc4NDA5NDRk
LzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW4RmMA0E
AgACMAcDBQMqEx4AMA0GCSqGSIb3DQEBCwUAA4IBAQAceUGxCGkC9P7R79fPSlLN
EjH4lCXE05ldSM2ByYtWwo7bZlpU6e+ZJH0qFvgWNizb/lUuuOlZXyrR1usViF7f
yWjFYMZTIpPuy2ieOcKo8P9ygwJh4c55nLVxMoxmO0EBt47goFeJIOI2yF6qfMLK
44T8NCYmQxYbWKEctw9shDZe368MF4kwokf2Ggzw93Z35aEwEH6z5eGMz0EJWx+q
LZiIdQrovav9xc9nBElXuRSoJbDkbq/PH35ber0VFxlck7JVmFYDX11ZEEKdWSvI
yjD/YKhktW9sxaV7yjxBZCDnBY0kHXlccliRaxGbUgC0shbnsYn+9fAXjQanu8dk
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:47 2025 by rpki-client on console.sobornost.net