Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/ibvrneMp14yx1aeNF9L_aPTpyR8.roa
File: ibvrneMp14yx1aeNF9L_aPTpyR8.roa (raw, json)
Hash identifier: VZVseX73bEIVKUE/+ZPW5JNub6b1T9krDYglkTTQtpc=
Subject key identifier: 89:BB:EB:9D:E3:29:D7:8C:B1:D5:A7:8D:17:D2:FF:68:F4:E9:C9:1F
Certificate issuer: /CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Certificate serial: 01942369456A6F6C7D39EC85AF742E392E38
Authority key identifier: 09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/ibvrneMp14yx1aeNF9L_aPTpyR8.roa
Signing time: Wed 01 Jan 2025 19:48:09 +0000
ROA not before: Wed 01 Jan 2025 19:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13273
IP address blocks: 91.216.209.0/24 maxlen: 24
185.21.152.0/22 maxlen: 24
185.114.208.0/22 maxlen: 24
195.54.62.0/23 maxlen: 24
213.91.0.0/18 maxlen: 24
213.162.32.0/19 maxlen: 24
213.162.32.0/20 maxlen: 24
213.162.62.0/24 maxlen: 24
2a04:1940::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:45:6a:6f:6c:7d:39:ec:85:af:74:2e:39:2e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Validity
Not Before: Jan 1 19:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89bbeb9de329d78cb1d5a78d17d2ff68f4e9c91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fc:f5:0d:b6:a7:0a:f6:f8:d5:aa:65:1b:57:
e9:4e:c3:9d:4e:3a:4b:96:16:88:86:8b:5f:21:57:
08:a4:3c:19:a7:7d:02:07:50:9d:f1:e4:b5:75:27:
16:dc:87:27:b3:20:ff:15:76:9f:8b:90:aa:ac:d0:
8b:8b:13:bb:b7:3c:87:6c:91:dc:f3:e3:ca:ae:6f:
d4:57:82:43:22:0f:3b:82:60:67:e2:dc:c0:39:c6:
e4:d0:35:d4:df:6f:dc:8e:05:0f:60:71:e7:22:b7:
93:ab:45:14:89:a4:2b:59:b4:a4:80:9a:3a:83:09:
91:95:50:06:14:1e:9f:c9:3e:9f:fd:a4:69:0f:f6:
1f:fc:15:f5:63:5e:d4:2e:52:3e:46:6e:2b:26:de:
44:5d:f9:3b:b8:3b:c7:02:25:53:75:54:94:4f:71:
c0:17:b4:84:70:5d:89:2a:b0:81:ef:ae:fa:28:cd:
bc:47:63:2b:17:6f:74:c0:4b:4e:2d:03:09:8d:d7:
46:da:bb:6a:ad:10:8d:ad:5e:bc:20:1c:72:b0:4d:
5f:73:f5:b0:d3:08:4d:77:db:04:a9:d5:31:d4:fa:
7a:56:18:8e:2a:c0:b9:5f:d9:33:7f:68:79:91:5f:
4d:ca:94:26:c4:2e:5e:ec:1b:53:ac:6f:b1:74:27:
73:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BB:EB:9D:E3:29:D7:8C:B1:D5:A7:8D:17:D2:FF:68:F4:E9:C9:1F
X509v3 Authority Key Identifier:
keyid:09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/ibvrneMp14yx1aeNF9L_aPTpyR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/CYsceb-uEqW4fzXJmLtgs_pOZiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.209.0/24
185.21.152.0/22
185.114.208.0/22
195.54.62.0/23
213.91.0.0/18
213.162.32.0/19
IPv6:
2a04:1940::/29
Signature Algorithm: sha256WithRSAEncryption
bf:d8:fd:63:54:71:cc:0c:c0:40:51:f8:53:bb:17:17:46:dc:
d2:82:8c:f7:ae:8a:af:52:87:86:ab:a3:df:9b:88:79:9d:5a:
6e:c4:45:62:69:e2:38:4e:17:f8:37:ce:92:be:c4:d8:3e:b8:
32:99:20:9c:3b:cb:d9:ca:74:e0:8c:c6:86:e6:d0:2e:df:96:
fe:97:1f:5c:ef:47:a9:78:96:b7:ca:ab:e9:f9:b2:00:8b:fc:
72:31:a2:c0:70:10:02:c8:74:95:fb:cb:46:4d:72:9a:25:b4:
a2:45:10:35:60:21:b0:ec:66:f9:ff:da:f0:13:bd:fa:9e:0c:
d4:4e:ef:a8:45:a5:90:95:7b:a4:f3:cf:4d:09:a8:01:fe:6b:
4a:55:bf:89:f2:fd:0d:63:3a:20:cd:f8:eb:c6:18:fd:25:1d:
34:45:3c:e9:bd:2c:a2:81:d6:d0:0c:b7:ff:87:53:97:5d:78:
f5:04:fe:5a:31:30:95:2a:e9:b9:42:2a:90:de:99:7d:ee:32:
a0:12:a6:61:c4:67:1b:2b:16:df:c2:3b:6b:50:83:75:40:25:
2a:bc:33:e1:3d:a3:50:ff:fe:de:95:df:2d:9d:d7:36:c9:a0:
49:d6:52:5c:e7:6f:ad:16:e1:fa:b7:78:ac:66:9f:78:68:5e:
a3:08:4e:5f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQjaUVqb2x9OeyFr3QuOS44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGIxYzc5YmZhZTEyYTViODdmMzVjOTk4YmI2MGIzZmE0
ZTY2MjEwHhcNMjUwMTAxMTk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJiZWI5ZGUzMjlkNzhjYjFkNWE3OGQxN2QyZmY2OGY0ZTljOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPz1DbanCvb41aplG1fpTsOdTjpL
lhaIhotfIVcIpDwZp30CB1Cd8eS1dScW3IcnsyD/FXafi5CqrNCLixO7tzyHbJHc
8+PKrm/UV4JDIg87gmBn4tzAOcbk0DXU32/cjgUPYHHnIreTq0UUiaQrWbSkgJo6
gwmRlVAGFB6fyT6f/aRpD/Yf/BX1Y17ULlI+Rm4rJt5EXfk7uDvHAiVTdVSUT3HA
F7SEcF2JKrCB7676KM28R2MrF290wEtOLQMJjddG2rtqrRCNrV68IBxysE1fc/Ww
0whNd9sEqdUx1Pp6VhiOKsC5X9kzf2h5kV9NypQmxC5e7BtTrG+xdCdz7wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIm7653jKdeMsdWnjRfS/2j06ckfMB8GA1UdIwQY
MBaAFAmLHHm/rhKluH81yZi7YLP6TmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWIt
OWI3YzQ0ZGMxOTNiLzEvaWJ2cm5lTXAxNHl4MWFlTkY5TF9hUFRweVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWItOWI3YzQ0ZGMxOTNi
LzEvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9jRAwQC
uRWYAwQCuXLQAwQBwzY+AwQG1VsAAwQF1aIgMA0EAgACMAcDBQMqBBlAMA0GCSqG
SIb3DQEBCwUAA4IBAQC/2P1jVHHMDMBAUfhTuxcXRtzSgoz3roqvUoeGq6Pfm4h5
nVpuxEViaeI4Thf4N86SvsTYPrgymSCcO8vZynTgjMaG5tAu35b+lx9c70epeJa3
yqvp+bIAi/xyMaLAcBACyHSV+8tGTXKaJbSiRRA1YCGw7Gb5/9rwE736ngzUTu+o
RaWQlXuk889NCagB/mtKVb+J8v0NYzogzfjrxhj9JR00RTzpvSyigdbQDLf/h1OX
XXj1BP5aMTCVKum5QiqQ3pl97jKgEqZhxGcbKxbfwjtrUIN1QCUqvDPhPaNQ//7e
ld8tndc2yaBJ1lJc52+tFuH6t3isZp94aF6jCE5f
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:59 2025 by rpki-client on console.sobornost.net