Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ILIvvSN7jhBNrgAFepnE5fxAfIc.roa
File: ILIvvSN7jhBNrgAFepnE5fxAfIc.roa (raw, json)
Hash identifier: qrswcvi6gW3Bxpx7V6TKM6+tVg0zuZnKPktwjp/YCHs=
Subject key identifier: 20:B2:2F:BD:23:7B:8E:10:4D:AE:00:05:7A:99:C4:E5:FC:40:7C:87
Certificate issuer: /CN=a0dae7678a396969e6340c9dcb65cde9e329554a
Certificate serial: 01942826D80F10CAFCFF4D29C1830AD20B98
Authority key identifier: A0:DA:E7:67:8A:39:69:69:E6:34:0C:9D:CB:65:CD:E9:E3:29:55:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ILIvvSN7jhBNrgAFepnE5fxAfIc.roa
Signing time: Thu 02 Jan 2025 17:53:41 +0000
ROA not before: Thu 02 Jan 2025 17:53:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211664
IP address blocks: 91.232.22.0/24 maxlen: 24
91.232.23.0/24 maxlen: 24
185.226.241.0/24 maxlen: 24
185.226.242.0/24 maxlen: 24
2a0c:7680:1337::/48 maxlen: 48
2a12:84c0:1::/48 maxlen: 48
2a12:84c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:d8:0f:10:ca:fc:ff:4d:29:c1:83:0a:d2:0b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dae7678a396969e6340c9dcb65cde9e329554a
Validity
Not Before: Jan 2 17:53:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20b22fbd237b8e104dae00057a99c4e5fc407c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:08:71:36:50:20:45:bc:ba:70:db:91:67:b0:
b5:14:70:17:6c:fe:65:00:9c:35:fa:19:61:c9:b4:
f1:86:70:74:5f:11:61:d9:86:e8:07:9a:71:e7:9f:
a0:62:b3:b7:9d:88:7a:0a:67:16:11:8a:2f:0c:d4:
98:08:65:d1:69:be:e8:78:09:3c:5c:69:d8:c2:98:
9c:5a:02:c2:60:8e:80:c8:d8:da:01:30:d4:4f:42:
6f:0b:ea:06:92:3e:de:7d:fa:e0:84:ca:42:b0:ea:
48:2a:cf:6a:c7:58:0d:7f:39:52:bd:85:b0:bf:fe:
d8:eb:d1:9d:1b:75:8e:57:45:34:91:3a:aa:57:77:
34:9c:a4:32:9a:ce:99:2b:d4:6c:65:47:da:3a:6d:
03:32:82:7a:5c:68:3a:67:56:bd:a8:a8:45:4c:e6:
13:8a:92:8f:af:e4:33:04:55:3a:90:c8:c7:d0:d2:
2a:6d:63:dd:07:0a:df:c3:3c:50:3c:b7:f3:29:7f:
b9:c0:b9:64:9c:1e:14:cf:bd:26:18:42:d7:23:4b:
23:3d:a3:8c:6b:82:92:62:f4:19:cc:ca:6e:7d:6f:
e7:e0:e3:c1:6e:12:cd:35:bc:05:2b:b6:67:c1:89:
ce:67:27:91:c5:b2:8b:42:11:83:2e:7a:c4:3d:7d:
b3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:B2:2F:BD:23:7B:8E:10:4D:AE:00:05:7A:99:C4:E5:FC:40:7C:87
X509v3 Authority Key Identifier:
keyid:A0:DA:E7:67:8A:39:69:69:E6:34:0C:9D:CB:65:CD:E9:E3:29:55:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ILIvvSN7jhBNrgAFepnE5fxAfIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/oNrnZ4o5aWnmNAydy2XN6eMpVUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.22.0/23
185.226.241.0-185.226.242.255
IPv6:
2a0c:7680:1337::/48
2a12:84c0:1::-2a12:84c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:f1:68:9c:9f:02:55:bc:e5:e4:97:61:5a:8a:6e:f2:12:72:
ea:14:a1:3c:97:6d:90:b6:41:5f:8a:42:73:3b:9b:d9:d5:c1:
18:f1:57:59:ef:79:81:77:67:3e:3d:52:86:16:62:0c:ab:54:
4e:04:b2:3b:89:d1:e1:a5:3a:f7:aa:79:4c:30:5a:48:d4:25:
d5:fa:d0:14:99:31:07:fb:dc:74:d3:7f:3c:fb:6d:76:3d:43:
30:42:93:ab:0d:0b:8b:24:ac:f7:16:bc:1d:ed:fa:d4:96:2b:
f8:6d:20:80:84:c0:9f:db:43:cc:fe:8e:1c:f8:46:37:3c:97:
ed:90:65:e3:f9:17:c3:3d:de:c9:0b:c0:df:6e:62:d3:5c:c7:
07:a3:b6:f5:a4:21:49:a3:82:69:97:d0:12:20:00:0b:e6:56:
84:90:cd:ee:fc:d9:ed:50:cf:50:67:f4:09:40:f7:eb:c3:54:
79:07:6b:5e:80:90:19:8b:cf:71:1a:8a:00:07:12:ac:b2:74:
4c:07:4f:fa:3e:87:6e:ed:e8:35:46:0c:0e:d7:ce:35:8c:f5:
0d:e4:04:64:47:24:ef:9a:fd:c0:42:71:d5:a3:02:10:8c:8e:
87:6d:6f:a8:65:9f:8c:78:af:99:4f:ef:7a:a7:2f:c9:95:76:
84:52:59:60
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQoJtgPEMr8/00pwYMK0guYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGFlNzY3OGEzOTY5NjllNjM0MGM5ZGNiNjVjZGU5ZTMy
OTU1NGEwHhcNMjUwMTAyMTc1MzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGIyMmZiZDIzN2I4ZTEwNGRhZTAwMDU3YTk5YzRlNWZjNDA3Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQhxNlAgRby6cNuRZ7C1FHAXbP5l
AJw1+hlhybTxhnB0XxFh2YboB5px55+gYrO3nYh6CmcWEYovDNSYCGXRab7oeAk8
XGnYwpicWgLCYI6AyNjaATDUT0JvC+oGkj7effrghMpCsOpIKs9qx1gNfzlSvYWw
v/7Y69GdG3WOV0U0kTqqV3c0nKQyms6ZK9RsZUfaOm0DMoJ6XGg6Z1a9qKhFTOYT
ipKPr+QzBFU6kMjH0NIqbWPdBwrfwzxQPLfzKX+5wLlknB4Uz70mGELXI0sjPaOM
a4KSYvQZzMpufW/n4OPBbhLNNbwFK7ZnwYnOZyeRxbKLQhGDLnrEPX2zRQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFCCyL70je44QTa4ABXqZxOX8QHyHMB8GA1UdIwQY
MBaAFKDa52eKOWlp5jQMnctlzenjKVVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05yblo0bzVhV25tTkF5ZHkyWE42ZU1wVlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80NjM1OGUtNTRmNy00ZjRiLWE3NDct
ZjczNWUzZGFmZDUzLzEvSUxJdnZTTjdqaEJOcmdBRmVwbkU1ZnhBZkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80NjM1OGUtNTRmNy00ZjRiLWE3NDctZjczNWUzZGFmZDUz
LzEvb05yblo0bzVhV25tTkF5ZHkyWE42ZU1wVlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAaBAIAATAUAwQBW+gWMAwD
BAC54vEDBAC54vIwIwQCAAIwHQMHACoMdoATNzASAwcAKhKEwAABAwcAKhKEwAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCe8WicnwJVvOXkl2Faim7yEnLqFKE8l22QtkFf
ikJzO5vZ1cEY8VdZ73mBd2c+PVKGFmIMq1ROBLI7idHhpTr3qnlMMFpI1CXV+tAU
mTEH+9x00388+212PUMwQpOrDQuLJKz3Frwd7frUliv4bSCAhMCf20PM/o4c+EY3
PJftkGXj+RfDPd7JC8DfbmLTXMcHo7b1pCFJo4Jpl9ASIAAL5laEkM3u/NntUM9Q
Z/QJQPfrw1R5B2tegJAZi89xGooABxKssnRMB0/6Podu7eg1RgwO1841jPUN5ARk
RyTvmv3AQnHVowIQjI6HbW+oZZ+MeK+ZT+96py/JlXaEUllg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:47 2025 by rpki-client on console.sobornost.net