Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/6e12c8-9dd7-478b-9071-1423e4a07296/1/0yQSyKYvqMhwpBx754j4DnrtLNM.roa
File: 0yQSyKYvqMhwpBx754j4DnrtLNM.roa (raw, json)
Hash identifier: e+uAdbKds5QvbScVHWI09Kx1Ed886p0JBHj+buaAMK8=
Subject key identifier: D3:24:12:C8:A6:2F:A8:C8:70:A4:1C:7B:E7:88:F8:0E:7A:ED:2C:D3
Certificate issuer: /CN=620d0fcb4b94e411a8de26209dc15e32dfa89aa0
Certificate serial: 019428253A70FFF2A5A65FCC90BD96F1EFC0
Authority key identifier: 62:0D:0F:CB:4B:94:E4:11:A8:DE:26:20:9D:C1:5E:32:DF:A8:9A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yg0Py0uU5BGo3iYgncFeMt-omqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/6e12c8-9dd7-478b-9071-1423e4a07296/1/0yQSyKYvqMhwpBx754j4DnrtLNM.roa
Signing time: Thu 02 Jan 2025 17:51:55 +0000
ROA not before: Thu 02 Jan 2025 17:51:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58010
IP address blocks: 91.211.114.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:3a:70:ff:f2:a5:a6:5f:cc:90:bd:96:f1:ef:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=620d0fcb4b94e411a8de26209dc15e32dfa89aa0
Validity
Not Before: Jan 2 17:51:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d32412c8a62fa8c870a41c7be788f80e7aed2cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c9:17:d0:aa:54:d2:64:46:d5:d0:cc:d3:69:
52:7e:12:7f:00:8a:11:12:a0:8b:27:28:ea:c9:a6:
8e:d8:15:ae:96:2d:46:d2:11:2e:16:71:0a:7e:e1:
d4:1f:47:d6:7f:6d:28:78:cf:60:cd:02:c0:5f:8a:
e8:9b:f5:d2:c0:d7:1a:c7:fa:9e:23:6b:36:6d:7e:
b0:32:66:03:da:d4:0b:2e:92:dd:b2:a2:c0:98:01:
f8:a9:47:ae:cc:27:71:d3:92:36:74:c1:30:9c:06:
3c:9d:f7:ff:57:2e:20:39:3d:f5:ac:15:c5:89:20:
eb:7e:26:c7:13:14:bc:47:a8:8f:19:fd:d8:1c:8f:
14:4c:d7:83:3d:49:2e:b0:65:43:f8:23:8b:23:52:
cd:9c:3f:90:d2:a1:79:d4:f6:e1:81:de:06:31:e2:
f6:7b:40:30:05:15:06:44:0f:f6:6d:c1:ef:80:57:
2c:a5:55:a8:cd:4e:f6:60:98:13:b1:87:51:83:b9:
7a:72:a5:d2:f9:ca:ea:2e:5f:52:71:ef:9d:fd:c8:
c2:9a:d5:32:3b:69:08:74:f6:db:e9:12:17:40:b7:
45:54:79:68:a0:35:4b:89:0a:b1:42:40:13:c3:88:
48:27:5f:07:3e:f2:ce:08:be:ec:6f:65:43:73:f4:
1d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:24:12:C8:A6:2F:A8:C8:70:A4:1C:7B:E7:88:F8:0E:7A:ED:2C:D3
X509v3 Authority Key Identifier:
keyid:62:0D:0F:CB:4B:94:E4:11:A8:DE:26:20:9D:C1:5E:32:DF:A8:9A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yg0Py0uU5BGo3iYgncFeMt-omqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6e12c8-9dd7-478b-9071-1423e4a07296/1/0yQSyKYvqMhwpBx754j4DnrtLNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6e12c8-9dd7-478b-9071-1423e4a07296/1/Yg0Py0uU5BGo3iYgncFeMt-omqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.114.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:fc:78:79:ed:96:12:f0:6f:a2:a0:34:66:31:82:4a:ee:4a:
0d:05:41:38:21:35:cb:a3:c6:a5:3f:d7:ee:cd:a2:ad:9e:7f:
2d:d9:a2:8f:08:ac:a4:b2:ab:48:e4:c3:72:79:04:d2:21:9c:
64:23:ac:aa:c0:3f:41:b1:a5:e8:78:99:42:1a:16:55:64:08:
18:1d:d2:5c:21:d6:75:62:7b:a4:cd:09:f0:a8:93:12:5f:cb:
21:72:b0:bd:9d:34:30:9c:c4:49:35:57:eb:1b:78:95:a7:f9:
99:18:fb:ef:a8:38:f7:70:a7:81:ce:c0:e3:b7:17:58:bb:bc:
a3:2e:e4:5f:43:c8:43:6a:7d:ce:e4:f7:96:a8:06:66:50:5e:
0e:87:0d:c4:e9:ee:00:43:00:5f:f4:e7:a7:8a:a1:b0:c7:87:
f7:49:b9:44:c3:d6:07:3e:99:8b:63:e8:a7:2f:93:f6:36:d4:
cd:e0:eb:b4:62:2d:98:5f:30:99:2c:31:ee:54:78:fc:14:31:
30:d8:f0:e8:01:e3:e1:c2:98:21:46:0a:26:b7:17:35:75:01:
26:d0:29:bc:e8:80:31:3a:74:17:76:6b:7d:92:04:47:b0:7c:
7a:05:4a:54:3a:48:17:25:f8:7e:f5:ba:92:03:2a:d9:3d:5b:
04:ce:c6:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJTpw//Klpl/MkL2W8e/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMGQwZmNiNGI5NGU0MTFhOGRlMjYyMDlkYzE1ZTMyZGZh
ODlhYTAwHhcNMjUwMTAyMTc1MTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzI0MTJjOGE2MmZhOGM4NzBhNDFjN2JlNzg4ZjgwZTdhZWQyY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8kX0KpU0mRG1dDM02lSfhJ/AIoR
EqCLJyjqyaaO2BWuli1G0hEuFnEKfuHUH0fWf20oeM9gzQLAX4rom/XSwNcax/qe
I2s2bX6wMmYD2tQLLpLdsqLAmAH4qUeuzCdx05I2dMEwnAY8nff/Vy4gOT31rBXF
iSDrfibHExS8R6iPGf3YHI8UTNeDPUkusGVD+COLI1LNnD+Q0qF51Pbhgd4GMeL2
e0AwBRUGRA/2bcHvgFcspVWozU72YJgTsYdRg7l6cqXS+crqLl9Sce+d/cjCmtUy
O2kIdPbb6RIXQLdFVHlooDVLiQqxQkATw4hIJ18HPvLOCL7sb2VDc/QdawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMkEsimL6jIcKQce+eI+A567SzTMB8GA1UdIwQY
MBaAFGIND8tLlOQRqN4mIJ3BXjLfqJqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWcwUHkwdVU1QkdvM2lZZ25jRmVNdC1vbXFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82ZTEyYzgtOWRkNy00NzhiLTkwNzEt
MTQyM2U0YTA3Mjk2LzEvMHlRU3lLWXZxTWh3cEJ4NzU0ajREbnJ0TE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82ZTEyYzgtOWRkNy00NzhiLTkwNzEtMTQyM2U0YTA3Mjk2
LzEvWWcwUHkwdVU1QkdvM2lZZ25jRmVNdC1vbXFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9NyMA0G
CSqGSIb3DQEBCwUAA4IBAQAe/Hh57ZYS8G+ioDRmMYJK7koNBUE4ITXLo8alP9fu
zaKtnn8t2aKPCKyksqtI5MNyeQTSIZxkI6yqwD9BsaXoeJlCGhZVZAgYHdJcIdZ1
YnukzQnwqJMSX8shcrC9nTQwnMRJNVfrG3iVp/mZGPvvqDj3cKeBzsDjtxdYu7yj
LuRfQ8hDan3O5PeWqAZmUF4Ohw3E6e4AQwBf9OeniqGwx4f3SblEw9YHPpmLY+in
L5P2NtTN4Ou0Yi2YXzCZLDHuVHj8FDEw2PDoAePhwpghRgomtxc1dQEm0Cm86IAx
OnQXdmt9kgRHsHx6BUpUOkgXJfh+9bqSAyrZPVsEzsbe
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:37:10 2025 by rpki-client on console.sobornost.net