Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/b41866-0578-4557-978a-76c2920ec333/1/Kyy8GZTzk5jbpc-sQWZN_GCAwek.roa
File: Kyy8GZTzk5jbpc-sQWZN_GCAwek.roa (raw, json)
Hash identifier: 0Z7eyKyncAl0NjLC6raqvRk4YOeLcpvsAk5XysLATes=
Subject key identifier: 2B:2C:BC:19:94:F3:93:98:DB:A5:CF:AC:41:66:4D:FC:60:80:C1:E9
Certificate issuer: /CN=bce2db4d659a63e42cb544c57f99a336f7d98ed0
Certificate serial: 0195DBE850408060FC295BC0165D465FA2B0
Authority key identifier: BC:E2:DB:4D:65:9A:63:E4:2C:B5:44:C5:7F:99:A3:36:F7:D9:8E:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vOLbTWWaY-QstUTFf5mjNvfZjtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/b41866-0578-4557-978a-76c2920ec333/1/Kyy8GZTzk5jbpc-sQWZN_GCAwek.roa
Signing time: Fri 28 Mar 2025 08:39:49 +0000
ROA not before: Fri 28 Mar 2025 08:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51831
IP address blocks: 91.221.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:db:e8:50:40:80:60:fc:29:5b:c0:16:5d:46:5f:a2:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bce2db4d659a63e42cb544c57f99a336f7d98ed0
Validity
Not Before: Mar 28 08:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b2cbc1994f39398dba5cfac41664dfc6080c1e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c3:5d:6d:a9:8b:0b:fa:05:2f:d9:40:90:70:
a4:99:a2:99:6b:7f:c7:56:da:1b:1a:cb:50:90:80:
0e:6d:6a:7a:a7:a0:ca:ce:6e:36:4d:8b:8b:a4:cb:
84:6d:e5:62:05:ca:37:63:ee:b1:c5:ed:dd:ab:62:
7d:5d:ec:b5:dc:ff:a7:24:4c:43:be:01:4a:f6:1a:
66:de:77:df:b3:c9:6f:48:e5:85:f9:c4:bb:93:46:
ff:af:26:14:cd:17:8b:72:f4:b8:5d:e4:25:c1:4d:
47:79:20:04:2d:56:04:a3:cd:78:2d:57:8d:bb:9a:
2a:97:da:0b:22:e7:03:f9:07:44:72:67:5e:46:da:
92:0f:b3:a3:ac:36:29:bc:b2:c3:a5:ac:df:bc:81:
7f:54:f2:e8:87:c9:04:02:77:85:db:f7:3a:fc:42:
71:1d:b5:82:59:44:e9:2f:39:70:1d:b8:de:79:66:
9c:28:ae:6d:95:26:99:77:03:38:6a:00:a6:93:8b:
c8:fd:48:eb:95:50:b7:26:1d:67:ef:78:8e:00:1b:
c3:8a:15:1f:c6:ff:e0:94:61:79:eb:39:19:13:e6:
c9:e7:10:a2:56:ce:15:fb:f3:15:26:ac:98:8b:82:
24:a9:1c:a9:91:93:78:2c:83:b9:da:25:af:be:a6:
fb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2C:BC:19:94:F3:93:98:DB:A5:CF:AC:41:66:4D:FC:60:80:C1:E9
X509v3 Authority Key Identifier:
keyid:BC:E2:DB:4D:65:9A:63:E4:2C:B5:44:C5:7F:99:A3:36:F7:D9:8E:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vOLbTWWaY-QstUTFf5mjNvfZjtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b41866-0578-4557-978a-76c2920ec333/1/Kyy8GZTzk5jbpc-sQWZN_GCAwek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b41866-0578-4557-978a-76c2920ec333/1/vOLbTWWaY-QstUTFf5mjNvfZjtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.35.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:60:80:a8:a9:6a:01:a4:d4:d4:6b:53:34:a0:60:94:5f:d1:
97:33:18:7a:df:ff:6e:6a:5b:e7:37:c4:5e:f1:2c:b7:e1:4d:
d9:b8:8e:cf:46:0b:ac:5e:a5:eb:72:71:72:40:9b:e7:ca:82:
15:5d:dd:16:dc:bb:e5:27:fb:52:84:3f:71:14:90:50:5c:f5:
9f:69:e9:02:76:04:c7:dd:6b:0a:41:bd:02:a1:0b:96:05:e2:
f9:49:be:5e:3a:66:d9:df:61:e4:6d:8f:3a:1b:26:7e:0d:c3:
96:f0:5c:24:9a:f4:f5:49:72:32:67:81:f1:4b:66:03:0d:07:
2f:26:a1:da:d0:79:7a:0d:96:ba:eb:3c:07:2a:f8:73:9b:7f:
24:fa:79:39:1c:5e:46:56:e5:13:f7:0f:90:ef:9d:81:eb:23:
42:37:27:d1:e0:73:84:82:fe:87:0e:69:99:8e:09:d8:f8:4a:
cc:e0:56:89:1c:a4:7d:77:ab:0b:b8:33:f9:31:6e:26:ae:8f:
6f:7e:57:9c:59:e5:3a:1f:13:ba:ee:ca:60:23:e5:0d:f7:77:
fa:91:c9:8b:f0:4b:a1:67:dc:3e:82:4e:7f:27:30:42:ad:6a:
67:5e:bb:e0:4d:d2:06:72:0f:7e:a2:43:23:51:a7:ef:33:8e:
87:32:f9:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXb6FBAgGD8KVvAFl1GX6KwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZTJkYjRkNjU5YTYzZTQyY2I1NDRjNTdmOTlhMzM2Zjdk
OThlZDAwHhcNMjUwMzI4MDgzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjJjYmMxOTk0ZjM5Mzk4ZGJhNWNmYWM0MTY2NGRmYzYwODBjMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsNdbamLC/oFL9lAkHCkmaKZa3/H
VtobGstQkIAObWp6p6DKzm42TYuLpMuEbeViBco3Y+6xxe3dq2J9Xey13P+nJExD
vgFK9hpm3nffs8lvSOWF+cS7k0b/ryYUzReLcvS4XeQlwU1HeSAELVYEo814LVeN
u5oql9oLIucD+QdEcmdeRtqSD7OjrDYpvLLDpazfvIF/VPLoh8kEAneF2/c6/EJx
HbWCWUTpLzlwHbjeeWacKK5tlSaZdwM4agCmk4vI/UjrlVC3Jh1n73iOABvDihUf
xv/glGF56zkZE+bJ5xCiVs4V+/MVJqyYi4IkqRypkZN4LIO52iWvvqb7VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCssvBmU85OY26XPrEFmTfxggMHpMB8GA1UdIwQY
MBaAFLzi201lmmPkLLVExX+Zozb32Y7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk9MYlRXV2FZLVFzdFVURmY1bWpOdmZaanRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iNDE4NjYtMDU3OC00NTU3LTk3OGEt
NzZjMjkyMGVjMzMzLzEvS3l5OEdaVHprNWpicGMtc1FXWk5fR0NBd2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iNDE4NjYtMDU3OC00NTU3LTk3OGEtNzZjMjkyMGVjMzMz
LzEvdk9MYlRXV2FZLVFzdFVURmY1bWpOdmZaanRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW90jMA0G
CSqGSIb3DQEBCwUAA4IBAQCNYICoqWoBpNTUa1M0oGCUX9GXMxh63/9ualvnN8Re
8Sy34U3ZuI7PRgusXqXrcnFyQJvnyoIVXd0W3LvlJ/tShD9xFJBQXPWfaekCdgTH
3WsKQb0CoQuWBeL5Sb5eOmbZ32HkbY86GyZ+DcOW8FwkmvT1SXIyZ4HxS2YDDQcv
JqHa0Hl6DZa66zwHKvhzm38k+nk5HF5GVuUT9w+Q752B6yNCNyfR4HOEgv6HDmmZ
jgnY+ErM4FaJHKR9d6sLuDP5MW4mro9vflecWeU6HxO67spgI+UN93f6kcmL8Euh
Z9w+gk5/JzBCrWpnXrvgTdIGcg9+okMjUafvM46HMvlp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net