Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/RbRcN6wl0nEFVsWYx8c9XyFYSpY.roa
File: RbRcN6wl0nEFVsWYx8c9XyFYSpY.roa (raw, json)
Hash identifier: BVR+Y8S7WJeuusRjWoFe5ZeYBx8jVE+CDBxd/rFYYkU=
Subject key identifier: 45:B4:5C:37:AC:25:D2:71:05:56:C5:98:C7:C7:3D:5F:21:58:4A:96
Certificate issuer: /CN=4d13128815103574417ca7a70412da3ab3b84511
Certificate serial: 01941FFA0BDAD13F2670F9E52CE5A1CAD7F7
Authority key identifier: 4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/RbRcN6wl0nEFVsWYx8c9XyFYSpY.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8587
IP address blocks: 91.208.251.0/24 maxlen: 24
91.209.14.0/24 maxlen: 24
91.209.21.0/24 maxlen: 24
91.209.22.0/24 maxlen: 24
94.247.72.0/21 maxlen: 21
195.114.224.0/20 maxlen: 20
212.104.210.0/24 maxlen: 24
2a02:ca0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0b:da:d1:3f:26:70:f9:e5:2c:e5:a1:ca:d7:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d13128815103574417ca7a70412da3ab3b84511
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45b45c37ac25d2710556c598c7c73d5f21584a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:05:f8:0b:a4:3b:2b:60:ce:31:86:d8:8b:73:
5f:01:b4:e9:43:f4:01:2e:6c:75:66:9b:1c:9c:43:
58:c8:30:2e:9f:6b:68:08:e5:90:5b:b5:45:be:43:
32:f3:64:fd:e7:d1:c4:fc:95:cd:fe:a6:ed:af:66:
12:0d:50:55:4b:09:83:04:92:9f:3c:ae:1c:2e:69:
11:f6:2e:ae:46:e9:08:95:1e:70:4d:3b:38:72:19:
b8:3b:bb:10:49:0a:5e:ab:b8:2a:a3:ec:7c:92:4a:
77:52:70:48:48:82:8b:2f:f7:aa:62:b0:5f:9d:1b:
7c:87:03:39:fe:d7:84:e3:05:a4:8b:13:15:05:1c:
c4:58:25:84:f6:bd:70:8d:58:e3:a8:3a:21:4e:47:
78:e8:0a:db:fe:54:8b:cc:ca:df:23:7b:18:b7:65:
7b:38:b3:23:1a:c0:9e:82:71:e0:76:cf:1c:0f:ab:
f8:b2:8f:b7:62:3c:36:73:c1:5b:6e:a3:bb:0d:92:
0f:b6:62:ea:fb:41:54:22:0b:c5:c7:60:b1:14:b2:
ae:c4:0f:01:d6:ea:fe:0f:16:c1:0e:27:fd:b4:a4:
9b:ae:48:7c:fe:2f:e1:eb:7c:42:8b:87:5b:91:34:
9e:5a:43:cd:60:b9:d7:60:6b:5d:75:11:90:05:56:
3d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B4:5C:37:AC:25:D2:71:05:56:C5:98:C7:C7:3D:5F:21:58:4A:96
X509v3 Authority Key Identifier:
keyid:4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/RbRcN6wl0nEFVsWYx8c9XyFYSpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.251.0/24
91.209.14.0/24
91.209.21.0-91.209.22.255
94.247.72.0/21
195.114.224.0/20
212.104.210.0/24
IPv6:
2a02:ca0::/32
Signature Algorithm: sha256WithRSAEncryption
06:1c:89:3c:46:05:76:87:cb:cd:0a:75:0c:01:30:32:43:a3:
6a:70:fb:65:52:6c:a2:7d:30:4b:ed:52:a6:93:a5:a2:9a:4c:
4d:83:17:e8:30:40:26:51:f7:9a:0c:0a:cc:7d:23:f8:09:75:
fa:9b:f5:68:96:11:f9:c7:55:21:0c:d4:4e:61:c8:6b:81:71:
22:69:f5:69:17:3e:17:a2:0a:51:10:09:4e:d5:d4:ea:12:57:
aa:27:bf:f5:11:5d:da:94:78:9a:7b:05:f0:11:2f:1d:d6:ca:
25:55:79:a1:9c:ff:8c:15:4a:1e:5a:d4:8f:55:9a:79:27:ba:
ca:09:c8:c8:1c:bc:62:60:d5:4a:43:20:36:b9:cf:75:21:46:
9b:ab:26:db:4c:cd:28:97:a6:32:76:b3:21:01:75:96:ca:1f:
a4:fa:4f:f5:e2:c6:b7:98:cc:82:5a:d1:90:84:71:ad:6a:fb:
d7:53:dd:ad:6e:98:c0:7f:09:d2:53:e0:82:0a:04:a2:10:2a:
cc:71:af:62:96:a4:4e:62:37:36:bd:bc:3b:c1:c4:f2:ba:fd:
f2:02:21:4b:a7:c8:36:0f:ec:65:f8:01:f1:19:26:83:6b:57:
3e:03:12:fa:8b:ea:8c:db:91:b2:d7:7a:7a:35:59:18:e8:d0:
43:29:a5:ca
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQf+gva0T8mcPnlLOWhytf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTMxMjg4MTUxMDM1NzQ0MTdjYTdhNzA0MTJkYTNhYjNi
ODQ1MTEwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWI0NWMzN2FjMjVkMjcxMDU1NmM1OThjN2M3M2Q1ZjIxNTg0YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AX4C6Q7K2DOMYbYi3NfAbTpQ/QB
Lmx1ZpscnENYyDAun2toCOWQW7VFvkMy82T959HE/JXN/qbtr2YSDVBVSwmDBJKf
PK4cLmkR9i6uRukIlR5wTTs4chm4O7sQSQpeq7gqo+x8kkp3UnBISIKLL/eqYrBf
nRt8hwM5/teE4wWkixMVBRzEWCWE9r1wjVjjqDohTkd46Arb/lSLzMrfI3sYt2V7
OLMjGsCegnHgds8cD6v4so+3Yjw2c8FbbqO7DZIPtmLq+0FUIgvFx2CxFLKuxA8B
1ur+DxbBDif9tKSbrkh8/i/h63xCi4dbkTSeWkPNYLnXYGtddRGQBVY9BwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFEW0XDesJdJxBVbFmMfHPV8hWEqWMB8GA1UdIwQY
MBaAFE0TEogVEDV0QXynpwQS2jqzuEURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9mYWZmYzItOTUxNy00ZDE4LTg5OTMt
ZjU1ZWE0OGNlNzVhLzEvUmJSY042d2wwbkVGVnNXWXg4YzlYeUZZU3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9mYWZmYzItOTUxNy00ZDE4LTg5OTMtZjU1ZWE0OGNlNzVh
LzEvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQAW9D7AwQA
W9EOMAwDBABb0RUDBABb0RYDBANe90gDBATDcuADBADUaNIwDQQCAAIwBwMFACoC
DKAwDQYJKoZIhvcNAQELBQADggEBAAYciTxGBXaHy80KdQwBMDJDo2pw+2VSbKJ9
MEvtUqaTpaKaTE2DF+gwQCZR95oMCsx9I/gJdfqb9WiWEfnHVSEM1E5hyGuBcSJp
9WkXPheiClEQCU7V1OoSV6onv/URXdqUeJp7BfARLx3WyiVVeaGc/4wVSh5a1I9V
mnknusoJyMgcvGJg1UpDIDa5z3UhRpurJttMzSiXpjJ2syEBdZbKH6T6T/XixreY
zIJa0ZCEca1q+9dT3a1umMB/CdJT4IIKBKIQKsxxr2KWpE5iNza9vDvBxPK6/fIC
IUunyDYP7GX4AfEZJoNrVz4DEvqL6ozbkbLXeno1WRjo0EMppco=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net