Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/mEa-TLKrSv59f8M6kG19lj9ZNsk.roa
File: mEa-TLKrSv59f8M6kG19lj9ZNsk.roa (raw, json)
Hash identifier: B4NNTwi5q8vUiOtaP5idLpSIlDDRQuKnJ09MN8x4pKo=
Subject key identifier: 98:46:BE:4C:B2:AB:4A:FE:7D:7F:C3:3A:90:6D:7D:96:3F:59:36:C9
Certificate issuer: /CN=974e35ec2180daebd1bf3dd44403a9e0bfcb56ca
Certificate serial: 0195A83572CF7C34773D79083A4C519E3C16
Authority key identifier: 97:4E:35:EC:21:80:DA:EB:D1:BF:3D:D4:44:03:A9:E0:BF:CB:56:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0417CGA2uvRvz3URAOp4L_LVso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/mEa-TLKrSv59f8M6kG19lj9ZNsk.roa
Signing time: Tue 18 Mar 2025 07:43:49 +0000
ROA not before: Tue 18 Mar 2025 07:43:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215686
IP address blocks: 91.229.236.0/24 maxlen: 24
194.39.242.0/24 maxlen: 24
2a0c:dd00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:35:72:cf:7c:34:77:3d:79:08:3a:4c:51:9e:3c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=974e35ec2180daebd1bf3dd44403a9e0bfcb56ca
Validity
Not Before: Mar 18 07:43:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9846be4cb2ab4afe7d7fc33a906d7d963f5936c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:ef:65:12:2d:1c:b9:c0:40:dd:90:fc:c5:
4a:42:33:07:1b:9f:59:f0:0b:17:dc:25:21:1d:5c:
f1:f3:99:9c:eb:df:82:7a:ec:1f:c0:73:8f:8b:0b:
0a:69:d6:f5:bf:42:ab:d1:e5:53:5e:a7:23:9f:4d:
ed:87:2e:cc:fc:90:de:85:80:84:35:79:02:42:2c:
c3:0a:3f:51:46:5b:69:58:2e:f5:12:77:3f:b9:9c:
db:92:bc:d6:bd:cb:74:03:1e:fc:14:7c:a4:51:3e:
68:59:c5:af:f8:8c:5c:28:6f:1e:5b:84:2c:69:ca:
40:de:1d:5a:ab:c6:74:db:34:94:33:a2:56:5b:da:
8e:8a:f8:83:e7:0a:f3:e6:6d:e6:44:f3:d7:b9:17:
50:f1:9e:37:ce:b8:b7:ba:fa:d2:fb:95:b8:13:41:
c4:9f:d4:d0:0a:8d:60:83:95:a1:a6:dc:9b:82:f7:
b5:27:ae:a2:58:80:94:f2:5c:d0:bf:82:07:d9:c8:
98:94:2e:07:c5:33:42:e2:ad:f7:0c:77:56:cc:7e:
e0:b1:b7:35:98:ac:ef:d4:42:07:4e:5f:d4:a9:f1:
63:34:03:78:7f:c7:f0:c0:fc:2f:96:c2:37:c1:0f:
c9:9d:8a:a8:44:11:4e:c0:ba:51:d9:b5:8d:f5:93:
71:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:46:BE:4C:B2:AB:4A:FE:7D:7F:C3:3A:90:6D:7D:96:3F:59:36:C9
X509v3 Authority Key Identifier:
keyid:97:4E:35:EC:21:80:DA:EB:D1:BF:3D:D4:44:03:A9:E0:BF:CB:56:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0417CGA2uvRvz3URAOp4L_LVso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/mEa-TLKrSv59f8M6kG19lj9ZNsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/l0417CGA2uvRvz3URAOp4L_LVso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.236.0/24
194.39.242.0/24
IPv6:
2a0c:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
0e:d2:b2:39:c1:2c:f5:a4:3f:e8:ac:a1:8c:b4:10:d2:5a:c4:
7d:15:e7:4c:a7:ab:74:e5:13:dd:06:e8:3e:3a:47:c2:84:3a:
7e:3f:22:fc:26:78:8b:b7:db:5b:a4:87:42:a3:52:a6:ce:e5:
d6:31:36:49:5f:a2:88:a3:6e:b6:87:43:f2:7e:80:28:34:24:
c2:47:6f:f7:f9:2b:94:9f:c9:51:0d:d6:aa:71:11:a4:b9:17:
b8:92:53:8f:0c:13:49:5b:dd:73:a2:24:6f:72:ef:1b:f9:3d:
50:d4:fb:f5:1e:ca:a6:24:ff:4e:21:2c:17:ad:99:61:d3:c7:
4b:71:29:db:10:83:3b:1f:8d:a1:01:7b:33:bb:5c:92:de:a2:
bd:13:bf:37:b2:55:51:9f:b0:8d:b9:9d:e0:df:7c:ae:b0:ab:
d8:e8:8a:6c:84:b6:aa:7e:cf:b9:43:29:db:3a:78:a6:22:40:
a1:5b:ce:5c:9a:91:0f:93:4b:43:05:d6:a5:cd:17:66:d8:26:
4c:15:30:ca:63:c1:21:f5:3c:13:f5:eb:0f:ec:a6:2d:a5:96:
3a:64:3a:23:0c:3a:8d:f4:d7:e6:23:fa:d7:97:dc:07:50:fd:
ab:26:4e:92:c3:e1:25:36:71:5f:65:8d:60:e4:de:14:a6:6c:
61:c6:cc:46
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZWoNXLPfDR3PXkIOkxRnjwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NGUzNWVjMjE4MGRhZWJkMWJmM2RkNDQ0MDNhOWUwYmZj
YjU2Y2EwHhcNMjUwMzE4MDc0MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQ2YmU0Y2IyYWI0YWZlN2Q3ZmMzM2E5MDZkN2Q5NjNmNTkzNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyvvZRItHLnAQN2Q/MVKQjMHG59Z
8AsX3CUhHVzx85mc69+CeuwfwHOPiwsKadb1v0Kr0eVTXqcjn03thy7M/JDehYCE
NXkCQizDCj9RRltpWC71Enc/uZzbkrzWvct0Ax78FHykUT5oWcWv+IxcKG8eW4Qs
acpA3h1aq8Z02zSUM6JWW9qOiviD5wrz5m3mRPPXuRdQ8Z43zri3uvrS+5W4E0HE
n9TQCo1gg5Whptybgve1J66iWICU8lzQv4IH2ciYlC4HxTNC4q33DHdWzH7gsbc1
mKzv1EIHTl/UqfFjNAN4f8fwwPwvlsI3wQ/JnYqoRBFOwLpR2bWN9ZNxXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJhGvkyyq0r+fX/DOpBtfZY/WTbJMB8GA1UdIwQY
MBaAFJdONewhgNrr0b891EQDqeC/y1bKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDA0MTdDR0EydXZSdnozVVJBT3A0TF9MVnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZjRhMGEtYzMzZC00ZTBlLWIxNWUt
Y2RmNGM2YjQyNGUxLzEvbUVhLVRMS3JTdjU5ZjhNNmtHMTlsajlaTnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZjRhMGEtYzMzZC00ZTBlLWIxNWUtY2RmNGM2YjQyNGUx
LzEvbDA0MTdDR0EydXZSdnozVVJBT3A0TF9MVnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+XsAwQA
wifyMA0EAgACMAcDBQMqDN0AMA0GCSqGSIb3DQEBCwUAA4IBAQAO0rI5wSz1pD/o
rKGMtBDSWsR9FedMp6t05RPdBug+OkfChDp+PyL8JniLt9tbpIdCo1KmzuXWMTZJ
X6KIo262h0PyfoAoNCTCR2/3+SuUn8lRDdaqcRGkuRe4klOPDBNJW91zoiRvcu8b
+T1Q1Pv1HsqmJP9OISwXrZlh08dLcSnbEIM7H42hAXszu1yS3qK9E783slVRn7CN
uZ3g33yusKvY6IpshLaqfs+5QynbOnimIkChW85cmpEPk0tDBdalzRdm2CZMFTDK
Y8Eh9TwT9esP7KYtpZY6ZDojDDqN9NfmI/rXl9wHUP2rJk6Sw+ElNnFfZY1g5N4U
pmxhxsxG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net