Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/QGmT3Sq2OPr697a4jgYrgI5vyvo.roa
File: QGmT3Sq2OPr697a4jgYrgI5vyvo.roa (raw, json)
Hash identifier: cuVDNdIzZEyCh+DXAd1wDhu2rpRcNesepLeBXruUFrc=
Subject key identifier: 40:69:93:DD:2A:B6:38:FA:FA:F7:B6:B8:8E:06:2B:80:8E:6F:CA:FA
Certificate issuer: /CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Certificate serial: 019482BBB2708259EA4924E0B16A9A9BAE29
Authority key identifier: 31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/QGmT3Sq2OPr697a4jgYrgI5vyvo.roa
Signing time: Mon 20 Jan 2025 08:02:06 +0000
ROA not before: Mon 20 Jan 2025 08:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41898
IP address blocks: 91.135.16.0/20 maxlen: 20
95.130.32.0/21 maxlen: 21
158.255.56.0/21 maxlen: 21
158.255.59.0/24 maxlen: 24
2a01:bae0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:82:bb:b2:70:82:59:ea:49:24:e0:b1:6a:9a:9b:ae:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Validity
Not Before: Jan 20 08:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=406993dd2ab638fafaf7b6b88e062b808e6fcafa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a4:23:e9:52:f8:b2:f7:4c:be:49:51:44:1e:
e3:1a:97:02:39:d4:43:15:f9:03:08:5c:e6:87:47:
56:78:7f:4c:65:24:5c:d7:b3:fd:97:cd:d2:d5:aa:
4f:ed:b3:5a:ee:dd:9f:fe:a7:bc:9d:3c:b4:88:6e:
87:26:5f:bd:3e:a3:57:01:f5:5c:42:c2:e3:96:db:
68:44:15:6b:94:39:00:0f:0d:1a:94:11:7b:24:31:
b2:80:6c:8f:91:2d:b8:46:c6:a1:8b:c4:be:c2:61:
79:cd:9d:bd:4a:58:aa:a5:f9:3a:4a:b4:d6:85:90:
a9:0a:3d:8b:3f:4b:94:4a:17:77:58:ee:bd:7c:f1:
9b:30:5d:bf:0e:a9:46:37:99:77:ce:fa:c4:5f:3d:
82:77:55:d3:75:07:57:be:ef:0f:cb:1c:73:b3:76:
c3:aa:58:23:7c:fc:68:a9:20:24:07:6a:f3:ee:2b:
5f:d5:ee:fe:17:63:a6:c2:62:b8:0c:b0:0b:ca:4c:
b4:e1:4c:9f:4c:a7:4c:c6:d2:7e:5b:6f:31:55:f5:
75:50:bb:a5:20:6b:51:ef:46:bc:f1:35:10:78:1d:
2c:84:76:22:c7:55:f3:8f:df:b9:55:25:23:0d:53:
ae:e5:fc:c5:58:68:49:e8:af:3c:0c:a6:77:77:2a:
21:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:69:93:DD:2A:B6:38:FA:FA:F7:B6:B8:8E:06:2B:80:8E:6F:CA:FA
X509v3 Authority Key Identifier:
keyid:31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/QGmT3Sq2OPr697a4jgYrgI5vyvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/MYKMmdNcuS4tU9rxKOSX6EG2OrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.16.0/20
95.130.32.0/21
158.255.56.0/21
IPv6:
2a01:bae0::/32
Signature Algorithm: sha256WithRSAEncryption
14:26:fd:5b:46:ea:09:e5:b3:66:b2:5e:d2:40:bb:91:37:7e:
eb:18:24:08:ba:97:8a:eb:53:82:ad:2f:62:e2:6f:3d:aa:ba:
df:01:c8:1e:5a:21:14:ed:4a:77:5f:8a:12:c8:e7:ce:bb:74:
de:a4:76:53:74:a2:67:51:7c:b9:b9:63:49:ee:fe:1e:6c:6f:
65:8f:03:00:1e:5a:b5:8e:b7:67:20:a5:42:30:f5:d6:1d:47:
59:fd:90:e4:61:bd:8c:31:1b:ca:7a:40:47:93:ea:7d:3f:98:
05:62:69:05:62:49:30:a1:17:c6:53:82:a6:b4:34:a5:6f:16:
df:ed:ff:4b:bc:28:9c:d0:2c:1a:9e:99:13:31:d0:3d:ec:b9:
1b:6f:d5:ac:d0:fa:27:44:d0:38:ae:e4:a9:58:6d:0d:11:59:
c2:c3:39:0e:a8:ad:b1:e0:ec:e4:ee:19:32:84:90:d7:bf:4f:
1a:7e:dc:77:55:c4:be:9d:71:0b:24:26:f8:27:bf:fd:3a:a1:
d0:42:92:ac:89:7b:61:e8:32:b7:f1:f3:48:47:c5:c8:a7:b2:
4e:fd:e5:38:c8:b5:0c:8a:2a:05:f3:11:92:97:66:6f:5b:d0:
64:0e:47:c4:8a:a9:94:77:e3:d0:c0:5f:b1:6f:50:f3:b3:5f:
23:73:61:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZSCu7JwglnqSSTgsWqam64pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODI4Yzk5ZDM1Y2I5MmUyZDUzZGFmMTI4ZTQ5N2U4NDFi
NjNhYjAwHhcNMjUwMTIwMDgwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY5OTNkZDJhYjYzOGZhZmFmN2I2Yjg4ZTA2MmI4MDhlNmZjYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKQj6VL4svdMvklRRB7jGpcCOdRD
FfkDCFzmh0dWeH9MZSRc17P9l83S1apP7bNa7t2f/qe8nTy0iG6HJl+9PqNXAfVc
QsLjlttoRBVrlDkADw0alBF7JDGygGyPkS24Rsahi8S+wmF5zZ29Sliqpfk6SrTW
hZCpCj2LP0uUShd3WO69fPGbMF2/DqlGN5l3zvrEXz2Cd1XTdQdXvu8Pyxxzs3bD
qlgjfPxoqSAkB2rz7itf1e7+F2OmwmK4DLALyky04UyfTKdMxtJ+W28xVfV1ULul
IGtR70a88TUQeB0shHYix1Xzj9+5VSUjDVOu5fzFWGhJ6K88DKZ3dyoh/QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEBpk90qtjj6+ve2uI4GK4COb8r6MB8GA1UdIwQY
MBaAFDGCjJnTXLkuLVPa8Sjkl+hBtjqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYt
ZWIzN2E4NWE4MmM1LzEvUUdtVDNTcTJPUHI2OTdhNGpnWXJnSTV2eXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYtZWIzN2E4NWE4MmM1
LzEvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEW4cQAwQD
X4IgAwQDnv84MA0EAgACMAcDBQAqAbrgMA0GCSqGSIb3DQEBCwUAA4IBAQAUJv1b
RuoJ5bNmsl7SQLuRN37rGCQIupeK61OCrS9i4m89qrrfAcgeWiEU7Up3X4oSyOfO
u3TepHZTdKJnUXy5uWNJ7v4ebG9ljwMAHlq1jrdnIKVCMPXWHUdZ/ZDkYb2MMRvK
ekBHk+p9P5gFYmkFYkkwoRfGU4KmtDSlbxbf7f9LvCic0CwanpkTMdA97Lkbb9Ws
0PonRNA4ruSpWG0NEVnCwzkOqK2x4Ozk7hkyhJDXv08aftx3VcS+nXELJCb4J7/9
OqHQQpKsiXth6DK38fNIR8XIp7JO/eU4yLUMiioF8xGSl2ZvW9BkDkfEiqmUd+PQ
wF+xb1Dzs18jc2G/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net