Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/lLdmQa0LkR3Co21uBQYZ1e5FhDg.roa
File: lLdmQa0LkR3Co21uBQYZ1e5FhDg.roa (raw, json)
Hash identifier: vtgIAMazUzVSJC7ln2bJgxtzKzngIXSl74Jinz+5lNg=
Subject key identifier: 94:B7:66:41:AD:0B:91:1D:C2:A3:6D:6E:05:06:19:D5:EE:45:84:38
Certificate issuer: /CN=053f8469ec62520987896d8926c17228a7bcfb3d
Certificate serial: 01942521D9AD6C14A5F97D2A561211E8FB93
Authority key identifier: 05:3F:84:69:EC:62:52:09:87:89:6D:89:26:C1:72:28:A7:BC:FB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT-EaexiUgmHiW2JJsFyKKe8-z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/lLdmQa0LkR3Co21uBQYZ1e5FhDg.roa
Signing time: Thu 02 Jan 2025 03:49:22 +0000
ROA not before: Thu 02 Jan 2025 03:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197015
IP address blocks: 91.219.140.0/22 maxlen: 22
91.221.6.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d9:ad:6c:14:a5:f9:7d:2a:56:12:11:e8:fb:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053f8469ec62520987896d8926c17228a7bcfb3d
Validity
Not Before: Jan 2 03:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94b76641ad0b911dc2a36d6e050619d5ee458438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:20:8d:ec:05:76:fd:1f:3e:94:99:3d:c6:34:
9b:f1:a2:19:6a:87:8b:57:75:ab:0a:1c:58:68:d1:
ba:70:a4:69:67:fb:4b:29:90:3b:da:bb:94:89:b7:
49:69:8f:70:22:91:5e:e0:53:cd:24:92:9c:e6:a1:
1c:45:51:38:d6:26:5a:b4:76:9c:f1:3a:4e:c8:53:
fe:5b:60:ef:2a:64:39:3c:a1:50:69:84:e4:d4:48:
51:4a:b7:34:79:3a:43:7c:0f:86:84:84:fc:f8:22:
90:c5:66:6c:33:e2:9e:b2:24:bf:0e:c7:73:e3:1d:
bf:8d:64:64:85:57:27:a1:aa:5b:ce:54:68:2c:e5:
bd:db:d0:ac:2d:5e:d4:70:18:f8:a1:a1:50:53:af:
c7:f6:03:5d:5d:60:eb:b9:28:36:41:4e:9b:1e:3e:
09:58:9d:b9:5d:26:fd:d2:cf:81:7e:fd:f8:f3:10:
2e:d6:8a:d9:36:5d:8b:36:58:1b:3e:8f:c2:84:1d:
4e:d7:64:02:2f:af:01:88:2a:7f:98:86:5d:75:d4:
03:92:df:f3:15:08:6b:bc:98:3e:df:0a:6e:76:29:
90:63:9b:8d:c4:aa:93:fa:60:35:25:43:9a:46:cf:
e8:52:b0:21:bc:cd:44:04:08:6d:a1:1a:3d:56:0c:
22:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B7:66:41:AD:0B:91:1D:C2:A3:6D:6E:05:06:19:D5:EE:45:84:38
X509v3 Authority Key Identifier:
keyid:05:3F:84:69:EC:62:52:09:87:89:6D:89:26:C1:72:28:A7:BC:FB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT-EaexiUgmHiW2JJsFyKKe8-z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/lLdmQa0LkR3Co21uBQYZ1e5FhDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/BT-EaexiUgmHiW2JJsFyKKe8-z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.140.0/22
91.221.6.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:4b:54:e4:d5:f8:b0:e5:25:c2:7e:34:2c:4b:4e:59:f5:7c:
9f:5f:3d:04:4a:04:ea:a1:a9:78:f8:58:51:a8:e3:56:47:7b:
23:f7:dd:d2:f8:67:db:b9:85:2a:b8:7e:26:45:70:49:16:33:
68:61:46:60:dc:8e:3f:1c:9f:99:85:50:d9:08:69:6a:d2:ff:
3c:8d:63:95:49:8f:24:0b:02:4e:f5:85:58:e4:02:09:96:8a:
1b:6c:12:45:59:bf:c5:d2:4e:33:d1:e8:39:e5:37:61:25:9c:
c6:39:d1:39:df:57:08:5c:22:bb:e5:42:c8:4d:a2:3d:47:c0:
38:38:a2:7f:ce:08:1a:8c:b4:ee:c9:5a:95:3e:b6:7d:d8:12:
bd:2d:fe:08:ff:59:e9:64:53:83:61:fb:42:ef:01:41:57:83:
2c:e4:75:81:88:11:81:6a:b1:53:b4:c5:f7:50:e2:8d:f9:4d:
2d:e6:63:4e:1f:c2:6e:74:2f:b8:21:c1:05:6b:cc:8d:be:59:
f8:71:45:7b:fd:41:38:7d:46:1d:91:d1:d1:37:90:39:4b:5b:
a7:f7:fc:39:11:5e:44:dd:58:1f:12:56:75:f1:dc:16:fc:37:
83:2a:16:9c:2b:ab:be:34:49:30:13:f2:91:43:06:71:20:19:
ba:73:9f:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIdmtbBSl+X0qVhIR6PuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2Y4NDY5ZWM2MjUyMDk4Nzg5NmQ4OTI2YzE3MjI4YTdi
Y2ZiM2QwHhcNMjUwMTAyMDM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGI3NjY0MWFkMGI5MTFkYzJhMzZkNmUwNTA2MTlkNWVlNDU4NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniCN7AV2/R8+lJk9xjSb8aIZaoeL
V3WrChxYaNG6cKRpZ/tLKZA72ruUibdJaY9wIpFe4FPNJJKc5qEcRVE41iZatHac
8TpOyFP+W2DvKmQ5PKFQaYTk1EhRSrc0eTpDfA+GhIT8+CKQxWZsM+KesiS/Dsdz
4x2/jWRkhVcnoapbzlRoLOW929CsLV7UcBj4oaFQU6/H9gNdXWDruSg2QU6bHj4J
WJ25XSb90s+Bfv348xAu1orZNl2LNlgbPo/ChB1O12QCL68BiCp/mIZdddQDkt/z
FQhrvJg+3wpudimQY5uNxKqT+mA1JUOaRs/oUrAhvM1EBAhtoRo9VgwilwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJS3ZkGtC5EdwqNtbgUGGdXuRYQ4MB8GA1UdIwQY
MBaAFAU/hGnsYlIJh4ltiSbBciinvPs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQtRWFleGlVZ21IaVcySkpzRnlLS2U4LXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mYWQ2NzItZTkzYS00ZGQ1LTg4OTMt
ZWZjMTc1MDI5NzQwLzEvbExkbVFhMExrUjNDbzIxdUJRWVoxZTVGaERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mYWQ2NzItZTkzYS00ZGQ1LTg4OTMtZWZjMTc1MDI5NzQw
LzEvQlQtRWFleGlVZ21IaVcySkpzRnlLS2U4LXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9uMAwQB
W90GMA0GCSqGSIb3DQEBCwUAA4IBAQBLS1Tk1fiw5SXCfjQsS05Z9XyfXz0ESgTq
oal4+FhRqONWR3sj993S+GfbuYUquH4mRXBJFjNoYUZg3I4/HJ+ZhVDZCGlq0v88
jWOVSY8kCwJO9YVY5AIJloobbBJFWb/F0k4z0eg55TdhJZzGOdE531cIXCK75ULI
TaI9R8A4OKJ/zggajLTuyVqVPrZ92BK9Lf4I/1npZFODYftC7wFBV4Ms5HWBiBGB
arFTtMX3UOKN+U0t5mNOH8JudC+4IcEFa8yNvln4cUV7/UE4fUYdkdHRN5A5S1un
9/w5EV5E3VgfElZ18dwW/DeDKhacK6u+NEkwE/KRQwZxIBm6c5/r
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net