Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/47065d-2d83-4641-8223-41f39a8c09dd/1/CdAs9uXPdWzwOsn5f3_VQNLvlMY.roa
File: CdAs9uXPdWzwOsn5f3_VQNLvlMY.roa (raw, json)
Hash identifier: z23dSOm4EWMwCPY/rIYDaKhlW5ucCmgZPFZkayJaxA8=
Subject key identifier: 09:D0:2C:F6:E5:CF:75:6C:F0:3A:C9:F9:7F:7F:D5:40:D2:EF:94:C6
Certificate issuer: /CN=62f603f3a55a29e6617f096b3a69bff0a392a928
Certificate serial: 01942143D050A065F822E600918134ADE6AB
Authority key identifier: 62:F6:03:F3:A5:5A:29:E6:61:7F:09:6B:3A:69:BF:F0:A3:92:A9:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvYD86VaKeZhfwlrOmm_8KOSqSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/47065d-2d83-4641-8223-41f39a8c09dd/1/CdAs9uXPdWzwOsn5f3_VQNLvlMY.roa
Signing time: Wed 01 Jan 2025 09:47:59 +0000
ROA not before: Wed 01 Jan 2025 09:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44238
IP address blocks: 91.195.238.0/23 maxlen: 23
2001:67c:160::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d0:50:a0:65:f8:22:e6:00:91:81:34:ad:e6:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62f603f3a55a29e6617f096b3a69bff0a392a928
Validity
Not Before: Jan 1 09:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09d02cf6e5cf756cf03ac9f97f7fd540d2ef94c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f1:f2:a1:98:a6:04:24:6c:a7:16:7d:a5:31:
72:be:25:e2:bc:c7:e0:0f:f6:df:2a:be:ad:6d:39:
ed:42:e3:c0:81:e5:30:4b:fd:a0:a5:0b:d6:db:84:
6f:28:93:55:c5:e4:f0:34:d8:5f:d5:bf:81:e0:ec:
56:fc:64:c1:25:dc:e1:72:4c:5a:a7:25:c3:81:79:
8f:b3:1f:59:4d:ab:ee:07:05:6b:e3:5a:a0:a2:ed:
76:ad:0e:38:bb:9f:0e:62:1b:38:e1:d3:c7:4c:87:
b1:28:7c:56:62:f6:a6:32:39:9d:ab:18:f3:c2:1f:
f8:48:f3:52:3a:6d:07:5c:da:94:03:53:da:0b:39:
b3:f1:f6:ff:78:8c:0c:3e:f5:9b:b7:5a:8a:66:ae:
df:08:98:9b:c9:81:20:09:1d:58:37:9e:b8:43:bb:
87:f7:e8:31:fd:94:44:6c:70:36:10:6f:bc:e3:09:
ad:ce:88:be:b5:68:d0:e4:1c:18:4c:b6:6d:ac:ca:
a3:15:3d:88:92:af:c2:c2:b6:51:ed:23:76:96:a1:
25:1a:96:3d:b9:2e:ec:9f:2d:ee:ff:cf:53:9c:bb:
d5:1f:d7:45:e1:4a:34:c2:03:32:44:44:ba:12:be:
f1:88:b8:82:27:a9:89:7a:e0:62:54:a0:ed:17:20:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D0:2C:F6:E5:CF:75:6C:F0:3A:C9:F9:7F:7F:D5:40:D2:EF:94:C6
X509v3 Authority Key Identifier:
keyid:62:F6:03:F3:A5:5A:29:E6:61:7F:09:6B:3A:69:BF:F0:A3:92:A9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvYD86VaKeZhfwlrOmm_8KOSqSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/47065d-2d83-4641-8223-41f39a8c09dd/1/CdAs9uXPdWzwOsn5f3_VQNLvlMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/47065d-2d83-4641-8223-41f39a8c09dd/1/YvYD86VaKeZhfwlrOmm_8KOSqSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.238.0/23
IPv6:
2001:67c:160::/48
Signature Algorithm: sha256WithRSAEncryption
71:12:0d:10:6c:ce:d2:03:01:12:f8:5e:9a:44:e5:3f:38:2f:
91:61:ad:dc:5b:65:f9:22:ec:28:e6:60:9f:52:f4:32:5d:af:
df:0d:be:4c:d7:c1:22:ae:6c:55:db:66:1d:83:9b:ab:97:0f:
a3:83:a5:a9:cd:bc:4b:2c:ec:c5:ce:22:b1:1d:49:fc:98:6a:
43:b3:e4:05:ff:be:22:9c:79:88:ed:48:88:e9:aa:2c:22:36:
0b:89:64:6c:94:59:ea:2a:4c:06:32:ac:a5:d5:08:0b:c8:ed:
93:f7:2f:7b:0d:0a:bc:82:b9:b7:1d:46:20:40:6e:b1:9e:b0:
29:82:de:f4:0f:45:a6:f4:82:11:80:08:dc:35:27:21:1b:2b:
30:45:cb:b7:af:83:df:61:99:3f:ef:1d:e5:98:d9:b8:b2:5b:
c8:a6:f3:15:21:91:42:6e:df:37:c8:8a:0e:51:d4:bf:05:f2:
57:74:8f:d1:7a:0b:f3:a6:8c:7e:78:b5:10:cd:01:8a:c5:ed:
a8:74:d2:c9:d7:ef:80:7f:7a:a5:a5:00:5b:8e:75:1d:d0:bf:
47:0d:08:78:2e:63:e6:25:ad:fe:b4:35:a4:35:cf:f5:0c:88:
1a:57:ae:44:49:01:e7:0b:d5:df:6c:9f:f3:c8:d2:bd:b8:df:
8a:ec:5a:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhQ9BQoGX4IuYAkYE0rearMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZjYwM2YzYTU1YTI5ZTY2MTdmMDk2YjNhNjliZmYwYTM5
MmE5MjgwHhcNMjUwMTAxMDk0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQwMmNmNmU1Y2Y3NTZjZjAzYWM5Zjk3ZjdmZDU0MGQyZWY5NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fHyoZimBCRspxZ9pTFyviXivMfg
D/bfKr6tbTntQuPAgeUwS/2gpQvW24RvKJNVxeTwNNhf1b+B4OxW/GTBJdzhckxa
pyXDgXmPsx9ZTavuBwVr41qgou12rQ44u58OYhs44dPHTIexKHxWYvamMjmdqxjz
wh/4SPNSOm0HXNqUA1PaCzmz8fb/eIwMPvWbt1qKZq7fCJibyYEgCR1YN564Q7uH
9+gx/ZREbHA2EG+84wmtzoi+tWjQ5BwYTLZtrMqjFT2Ikq/CwrZR7SN2lqElGpY9
uS7sny3u/89TnLvVH9dF4Uo0wgMyRES6Er7xiLiCJ6mJeuBiVKDtFyBaVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAnQLPblz3Vs8DrJ+X9/1UDS75TGMB8GA1UdIwQY
MBaAFGL2A/OlWinmYX8Jazppv/CjkqkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXZZRDg2VmFLZVpoZndsck9tbV84S09TcVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80NzA2NWQtMmQ4My00NjQxLTgyMjMt
NDFmMzlhOGMwOWRkLzEvQ2RBczl1WFBkV3p3T3NuNWYzX1ZRTkx2bE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80NzA2NWQtMmQ4My00NjQxLTgyMjMtNDFmMzlhOGMwOWRk
LzEvWXZZRDg2VmFLZVpoZndsck9tbV84S09TcVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8PuMA8E
AgACMAkDBwAgAQZ8AWAwDQYJKoZIhvcNAQELBQADggEBAHESDRBsztIDARL4XppE
5T84L5FhrdxbZfki7CjmYJ9S9DJdr98NvkzXwSKubFXbZh2Dm6uXD6ODpanNvEss
7MXOIrEdSfyYakOz5AX/viKceYjtSIjpqiwiNguJZGyUWeoqTAYyrKXVCAvI7ZP3
L3sNCryCubcdRiBAbrGesCmC3vQPRab0ghGACNw1JyEbKzBFy7evg99hmT/vHeWY
2biyW8im8xUhkUJu3zfIig5R1L8F8ld0j9F6C/OmjH54tRDNAYrF7ah00snX74B/
eqWlAFuOdR3Qv0cNCHguY+Ylrf60NaQ1z/UMiBpXrkRJAecL1d9sn/PI0r2434rs
Wvk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:20 2025 by rpki-client on console.sobornost.net