Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/OAOWe7maY9pSBU-5gVNjG4r2PZI.roa
File: OAOWe7maY9pSBU-5gVNjG4r2PZI.roa (raw, json)
Hash identifier: cj95WRLXDZ1GDxFc9L374qruvZwqpq+kg9Wr756ijmA=
Subject key identifier: 38:03:96:7B:B9:9A:63:DA:52:05:4F:B9:81:53:63:1B:8A:F6:3D:92
Certificate issuer: /CN=1651d3ddc6add483b761ac0476269533fe7ea717
Certificate serial: 019423D6EACA8F26B17592D00C4D22013E7D
Authority key identifier: 16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/OAOWe7maY9pSBU-5gVNjG4r2PZI.roa
Signing time: Wed 01 Jan 2025 21:47:54 +0000
ROA not before: Wed 01 Jan 2025 21:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47657
IP address blocks: 91.206.150.0/24 maxlen: 24
91.206.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ea:ca:8f:26:b1:75:92:d0:0c:4d:22:01:3e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1651d3ddc6add483b761ac0476269533fe7ea717
Validity
Not Before: Jan 1 21:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3803967bb99a63da52054fb98153631b8af63d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:45:15:b1:89:f6:5f:5f:9e:9b:db:36:7c:b2:
d9:4c:89:cb:71:bd:17:a2:e4:ef:59:2d:60:bb:c7:
07:c3:57:4c:f0:5d:8b:35:09:ff:b5:b1:42:36:de:
c1:69:12:9d:41:76:8e:e1:d1:95:62:b6:82:07:26:
73:43:28:9f:5c:43:6f:77:f3:71:61:af:c9:e7:56:
a3:75:11:91:e7:e7:46:87:cf:1c:32:5f:c8:32:0c:
bc:0f:bc:ce:d6:60:e3:cb:03:c2:7e:ee:e2:e0:f3:
b1:89:16:f3:6e:3a:7b:df:ad:dd:bd:63:0e:ae:b8:
3d:5a:6b:04:86:48:9b:81:ef:2e:b2:10:73:30:fa:
27:54:52:b6:f8:ca:c6:3d:04:1e:de:ad:ce:cf:f7:
fa:38:ec:21:83:ab:b5:d2:1f:f6:82:32:23:5d:30:
51:9c:99:99:f6:74:42:aa:0a:22:c8:15:af:bc:05:
95:45:56:24:da:21:a5:e3:b4:51:0b:93:c2:98:90:
21:18:aa:81:82:cf:aa:cd:e1:65:a9:c2:9a:96:46:
f5:1c:e7:16:bd:c2:96:93:6d:ba:96:b3:b9:b0:36:
7b:35:fe:e7:78:e9:8c:c6:d4:d0:d2:4e:49:7b:8a:
f7:05:b3:63:0c:27:a3:06:67:b5:9d:21:f9:31:48:
58:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:03:96:7B:B9:9A:63:DA:52:05:4F:B9:81:53:63:1B:8A:F6:3D:92
X509v3 Authority Key Identifier:
keyid:16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/OAOWe7maY9pSBU-5gVNjG4r2PZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/FlHT3cat1IO3YawEdiaVM_5-pxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.150.0/23
Signature Algorithm: sha256WithRSAEncryption
65:44:fa:f9:6e:00:d0:af:ad:42:0e:bb:04:f9:e1:2d:35:85:
7d:fb:f9:73:23:3e:06:8c:63:51:f3:b4:d5:7f:e2:f6:f9:ef:
8f:c2:99:01:ed:ae:cc:29:d1:8c:b2:81:39:c3:46:19:d0:c1:
d5:44:b6:a0:b0:92:ef:3d:fb:4d:d2:4c:e9:15:3a:9c:e0:38:
86:65:1f:9e:a4:54:cd:55:97:b1:ee:56:bf:87:f0:5a:af:de:
9c:1f:56:b9:c7:e8:be:c4:3a:a7:10:d5:a3:34:72:35:3f:80:
40:72:e2:70:54:e9:31:76:9d:03:88:50:a2:d3:26:5c:d6:49:
eb:c2:01:57:7b:0f:46:49:e1:94:a8:ec:17:54:68:72:72:d0:
f2:7f:3d:a9:30:32:17:b5:0d:bb:f2:38:3d:de:94:90:0b:27:
ce:52:9d:bd:19:18:0a:8f:95:62:a8:1e:12:72:94:5f:1d:57:
aa:e5:d8:9a:64:ef:68:99:eb:be:af:e0:4c:9a:59:13:fd:78:
e8:a2:b0:fc:6d:49:53:45:4b:23:bf:73:bc:05:cb:be:55:dd:
70:89:7d:a7:e8:8d:58:c6:41:3e:c6:83:d5:8d:17:fe:aa:25:
db:b8:a0:50:0e:7d:2e:23:ca:c0:61:de:8c:7d:d9:4f:a8:d8:
42:c2:11:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1urKjyaxdZLQDE0iAT59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTFkM2RkYzZhZGQ0ODNiNzYxYWMwNDc2MjY5NTMzZmU3
ZWE3MTcwHhcNMjUwMTAxMjE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODAzOTY3YmI5OWE2M2RhNTIwNTRmYjk4MTUzNjMxYjhhZjYzZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UUVsYn2X1+em9s2fLLZTInLcb0X
ouTvWS1gu8cHw1dM8F2LNQn/tbFCNt7BaRKdQXaO4dGVYraCByZzQyifXENvd/Nx
Ya/J51ajdRGR5+dGh88cMl/IMgy8D7zO1mDjywPCfu7i4POxiRbzbjp7363dvWMO
rrg9WmsEhkibge8ushBzMPonVFK2+MrGPQQe3q3Oz/f6OOwhg6u10h/2gjIjXTBR
nJmZ9nRCqgoiyBWvvAWVRVYk2iGl47RRC5PCmJAhGKqBgs+qzeFlqcKalkb1HOcW
vcKWk226lrO5sDZ7Nf7neOmMxtTQ0k5Je4r3BbNjDCejBme1nSH5MUhYhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgDlnu5mmPaUgVPuYFTYxuK9j2SMB8GA1UdIwQY
MBaAFBZR093GrdSDt2GsBHYmlTP+fqcXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUt
MjA1NGY2ZTYxOTIyLzEvT0FPV2U3bWFZOXBTQlUtNWdWTmpHNHIyUFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUtMjA1NGY2ZTYxOTIy
LzEvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86WMA0G
CSqGSIb3DQEBCwUAA4IBAQBlRPr5bgDQr61CDrsE+eEtNYV9+/lzIz4GjGNR87TV
f+L2+e+PwpkB7a7MKdGMsoE5w0YZ0MHVRLagsJLvPftN0kzpFTqc4DiGZR+epFTN
VZex7la/h/Bar96cH1a5x+i+xDqnENWjNHI1P4BAcuJwVOkxdp0DiFCi0yZc1knr
wgFXew9GSeGUqOwXVGhyctDyfz2pMDIXtQ278jg93pSQCyfOUp29GRgKj5ViqB4S
cpRfHVeq5diaZO9omeu+r+BMmlkT/XjoorD8bUlTRUsjv3O8Bcu+Vd1wiX2n6I1Y
xkE+xoPVjRf+qiXbuKBQDn0uI8rAYd6MfdlPqNhCwhHo
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:16 2025 by rpki-client on console.sobornost.net