Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/BV9MkYw-noIEhqphKumJe_rAYPw.roa
File: BV9MkYw-noIEhqphKumJe_rAYPw.roa (raw, json)
Hash identifier: cTycQR7uMvIZ+ka9U/Z707XPur1pq5RdGRaj9s/WBEk=
Subject key identifier: 05:5F:4C:91:8C:3E:9E:82:04:86:AA:61:2A:E9:89:7B:FA:C0:60:FC
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 019423D6AA50DF25BB0CC4AA9B5926935A19
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/BV9MkYw-noIEhqphKumJe_rAYPw.roa
Signing time: Wed 01 Jan 2025 21:47:38 +0000
ROA not before: Wed 01 Jan 2025 21:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47891
IP address blocks: 91.206.156.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
185.90.96.0/22 maxlen: 24
2a05:df00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:aa:50:df:25:bb:0c:c4:aa:9b:59:26:93:5a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jan 1 21:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=055f4c918c3e9e820486aa612ae9897bfac060fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8f:a3:c0:28:65:c1:18:04:26:09:bc:33:a8:
b7:ff:59:48:7a:15:01:b2:bc:0a:53:9d:1f:24:e3:
88:ae:98:a0:23:ac:5b:d8:8f:b2:8a:e1:ec:ef:db:
ab:72:39:39:75:da:6d:60:38:8f:40:4f:d4:d6:94:
36:df:8e:8a:88:c6:e8:4e:e5:d2:b5:a3:43:59:e3:
91:bc:4b:3e:89:d3:cb:6e:65:8c:bc:c2:b1:36:14:
6c:1e:04:cc:6f:c9:ae:aa:4c:45:dc:88:7e:0e:f7:
76:e3:f4:8c:d0:6b:e2:aa:1c:a2:29:10:92:3d:1b:
fe:55:5d:5a:22:a9:72:99:3e:aa:01:b5:db:c1:af:
97:a2:2a:20:42:b8:59:9e:d8:bb:5d:9b:8c:31:61:
0a:5b:1f:6a:00:11:02:be:0c:74:8d:de:68:3b:95:
a0:84:1b:99:c2:38:ac:52:a9:58:43:d5:8d:4d:05:
97:6d:2d:65:db:02:dc:f3:5d:e8:87:97:fc:d8:87:
ce:00:d5:bc:10:48:6e:99:9c:69:27:88:05:22:0e:
3f:26:69:9b:10:66:94:66:b8:e4:5d:f8:28:59:74:
43:87:53:26:cf:46:c8:5f:4f:cf:1c:57:97:1d:82:
ab:11:b8:73:36:cd:b0:7a:c4:04:f0:11:24:8d:50:
9f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5F:4C:91:8C:3E:9E:82:04:86:AA:61:2A:E9:89:7B:FA:C0:60:FC
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/BV9MkYw-noIEhqphKumJe_rAYPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.156.0/23
91.229.230.0/23
185.90.96.0/22
IPv6:
2a05:df00::/29
Signature Algorithm: sha256WithRSAEncryption
09:0f:e1:c8:7b:f3:42:aa:fb:d7:56:b6:49:24:d0:36:42:ff:
52:64:c1:73:fa:fe:4f:a9:01:d3:9b:97:96:4b:25:96:35:00:
f4:e5:a0:2e:12:3c:7c:1d:1d:d0:72:9b:8c:dd:2a:80:4f:5f:
17:ca:12:65:86:da:7e:97:ec:d7:4f:97:4a:16:47:98:86:2f:
bb:9a:67:3f:79:28:04:e6:a3:2d:33:55:83:2e:9c:96:06:f2:
96:e6:f4:38:1c:29:9f:da:bf:37:ac:e0:7a:1d:98:04:5f:5c:
65:c7:69:88:f0:ce:aa:93:03:34:8b:1b:e5:91:01:99:33:3c:
40:6e:fb:47:e5:7d:6a:25:c0:9f:33:d6:59:25:54:22:f4:1c:
5f:48:7b:6e:a2:48:b4:a1:f0:37:45:25:06:e3:77:72:af:ba:
eb:f2:2c:8c:11:f3:fa:e5:bf:c7:32:88:cc:c2:e0:31:0e:8c:
0f:db:c3:29:05:22:ee:d7:3a:56:f9:a3:c0:06:cf:e9:c6:35:
d5:b5:ec:fa:41:36:bb:c2:70:29:0c:b0:a3:5b:9d:d7:dd:e3:
ce:89:d2:b9:bd:e4:d2:72:e2:8e:0c:66:27:36:82:52:5a:96:
c6:e1:e2:dd:89:26:d6:1d:d3:e7:e5:39:bf:1a:03:3f:63:8e:
bb:c8:ce:1e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQj1qpQ3yW7DMSqm1kmk1oZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjUwMTAxMjE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTVmNGM5MThjM2U5ZTgyMDQ4NmFhNjEyYWU5ODk3YmZhYzA2MGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI+jwChlwRgEJgm8M6i3/1lIehUB
srwKU50fJOOIrpigI6xb2I+yiuHs79urcjk5ddptYDiPQE/U1pQ2346KiMboTuXS
taNDWeORvEs+idPLbmWMvMKxNhRsHgTMb8muqkxF3Ih+Dvd24/SM0GviqhyiKRCS
PRv+VV1aIqlymT6qAbXbwa+XoiogQrhZnti7XZuMMWEKWx9qABECvgx0jd5oO5Wg
hBuZwjisUqlYQ9WNTQWXbS1l2wLc813oh5f82IfOANW8EEhumZxpJ4gFIg4/Jmmb
EGaUZrjkXfgoWXRDh1Mmz0bIX0/PHFeXHYKrEbhzNs2wesQE8BEkjVCf0QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAVfTJGMPp6CBIaqYSrpiXv6wGD8MB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvQlY5TWtZdy1ub0lFaHFwaEt1bUplX3JBWVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW86cAwQB
W+XmAwQCuVpgMA0EAgACMAcDBQMqBd8AMA0GCSqGSIb3DQEBCwUAA4IBAQAJD+HI
e/NCqvvXVrZJJNA2Qv9SZMFz+v5PqQHTm5eWSyWWNQD05aAuEjx8HR3QcpuM3SqA
T18XyhJlhtp+l+zXT5dKFkeYhi+7mmc/eSgE5qMtM1WDLpyWBvKW5vQ4HCmf2r83
rOB6HZgEX1xlx2mI8M6qkwM0ixvlkQGZMzxAbvtH5X1qJcCfM9ZZJVQi9BxfSHtu
oki0ofA3RSUG43dyr7rr8iyMEfP65b/HMojMwuAxDowP28MpBSLu1zpW+aPABs/p
xjXVtez6QTa7wnApDLCjW53X3ePOidK5veTScuKODGYnNoJSWpbG4eLdiSbWHdPn
5Tm/GgM/Y467yM4e
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:02 2025 by rpki-client on console.sobornost.net