Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/SeFxeccbo68KLvP3eAvdIgxyzVI.roa
File: SeFxeccbo68KLvP3eAvdIgxyzVI.roa (raw, json)
Hash identifier: KKPafx1oDtZuIFD9Wnd6TukbFDgA1SpzCeh9Ci09gpw=
Subject key identifier: 49:E1:71:79:C7:1B:A3:AF:0A:2E:F3:F7:78:0B:DD:22:0C:72:CD:52
Certificate issuer: /CN=877c20737116bc6d5e5b224931cf13dd7f79f95b
Certificate serial: 0194222027499317D52FE8892B6F21B10D3F
Authority key identifier: 87:7C:20:73:71:16:BC:6D:5E:5B:22:49:31:CF:13:DD:7F:79:F9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3wgc3EWvG1eWyJJMc8T3X95-Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/SeFxeccbo68KLvP3eAvdIgxyzVI.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60555
IP address blocks: 91.217.114.0/23 maxlen: 23
93.113.254.0/24 maxlen: 24
185.13.212.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:27:49:93:17:d5:2f:e8:89:2b:6f:21:b1:0d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877c20737116bc6d5e5b224931cf13dd7f79f95b
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49e17179c71ba3af0a2ef3f7780bdd220c72cd52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:9f:0b:a8:9a:7d:60:c9:a4:4a:01:ab:3f:f3:
c0:e9:fa:a9:5a:d3:8c:ac:f9:d2:be:61:9e:40:eb:
a5:f2:b7:70:f5:dd:ab:59:ba:9e:23:08:28:67:40:
1f:8e:19:73:69:48:86:bc:cd:ad:dd:03:52:bd:94:
8f:69:8e:73:3e:9f:ec:42:e0:9a:23:68:01:fe:35:
bd:9d:04:81:ff:bd:81:c9:a7:4e:24:f7:1f:59:81:
76:32:05:cc:ab:07:3b:12:f1:25:61:02:c7:af:42:
44:96:47:56:46:c2:70:e6:fb:b0:bd:97:2c:47:66:
e3:eb:d4:b8:9d:de:3d:d6:85:30:f4:15:c5:46:de:
f5:4f:0c:e5:30:7c:a9:1b:af:ee:03:7d:1d:7f:51:
65:b8:e0:1a:aa:96:c6:6f:9e:59:23:ab:8e:ed:fb:
bf:7c:50:e2:45:6e:2b:c8:39:55:98:e7:ed:53:f8:
2b:ce:27:83:48:9a:28:08:8d:71:a6:5a:a7:b6:a5:
ad:b4:ed:dd:dc:e4:40:a8:4d:c9:65:c1:f1:5e:67:
b7:7a:a4:9f:c3:af:f1:be:ba:d9:96:c7:b6:e3:7d:
3a:b5:14:6d:2c:1a:cb:22:c1:ea:4c:40:9d:0e:30:
bf:02:0e:46:82:93:38:b0:b3:fe:91:cd:9f:48:d9:
ca:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E1:71:79:C7:1B:A3:AF:0A:2E:F3:F7:78:0B:DD:22:0C:72:CD:52
X509v3 Authority Key Identifier:
keyid:87:7C:20:73:71:16:BC:6D:5E:5B:22:49:31:CF:13:DD:7F:79:F9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3wgc3EWvG1eWyJJMc8T3X95-Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/SeFxeccbo68KLvP3eAvdIgxyzVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/h3wgc3EWvG1eWyJJMc8T3X95-Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.114.0/23
93.113.254.0/24
185.13.212.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:54:a1:12:c2:83:a9:af:33:fe:f9:f9:56:13:c9:0a:1e:46:
dc:3f:04:20:17:6a:c6:4f:f2:39:b5:bd:98:1a:fc:aa:fd:f7:
a4:47:4b:a3:87:6d:05:20:aa:aa:75:a2:6f:e0:27:3a:fd:40:
fd:89:99:a9:92:26:84:9d:af:9c:b2:af:43:b8:ea:ba:ff:a1:
7a:20:8c:e3:1a:b1:a5:d9:05:a5:cd:a4:82:a5:dd:bd:ba:5f:
fc:99:7d:58:31:58:a8:93:b8:4c:3a:65:db:67:3c:61:18:50:
a0:25:c8:c4:3f:cf:b8:8d:72:d1:53:df:24:8e:04:7c:86:62:
9a:79:45:d3:40:d7:d5:72:28:a1:37:44:07:9d:60:15:31:8a:
30:8c:3d:60:d9:6b:cf:d8:2c:bb:4c:f7:1f:10:59:53:02:e0:
9c:5a:bb:db:be:f5:0b:81:81:61:e6:03:d3:ce:fd:68:df:2b:
50:aa:2b:83:a1:da:6b:f1:df:12:f9:5b:bd:d4:1d:6e:11:f2:
13:6b:ab:41:68:77:05:a5:24:64:ab:5f:61:bf:ba:28:f2:65:
fa:2d:59:b4:cd:8f:3e:55:62:54:94:27:64:22:a2:44:06:27:
71:03:11:c5:2d:76:80:f9:fb:8b:d6:db:64:a6:d7:74:54:91:
52:fe:de:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiICdJkxfVL+iJK28hsQ0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2MyMDczNzExNmJjNmQ1ZTViMjI0OTMxY2YxM2RkN2Y3
OWY5NWIwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWUxNzE3OWM3MWJhM2FmMGEyZWYzZjc3ODBiZGQyMjBjNzJjZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8J8LqJp9YMmkSgGrP/PA6fqpWtOM
rPnSvmGeQOul8rdw9d2rWbqeIwgoZ0AfjhlzaUiGvM2t3QNSvZSPaY5zPp/sQuCa
I2gB/jW9nQSB/72ByadOJPcfWYF2MgXMqwc7EvElYQLHr0JElkdWRsJw5vuwvZcs
R2bj69S4nd491oUw9BXFRt71TwzlMHypG6/uA30df1FluOAaqpbGb55ZI6uO7fu/
fFDiRW4ryDlVmOftU/grzieDSJooCI1xplqntqWttO3d3ORAqE3JZcHxXme3eqSf
w6/xvrrZlse24306tRRtLBrLIsHqTECdDjC/Ag5GgpM4sLP+kc2fSNnKrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEnhcXnHG6OvCi7z93gL3SIMcs1SMB8GA1UdIwQY
MBaAFId8IHNxFrxtXlsiSTHPE91/eflbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDN3Z2MzRVd2RzFlV3lKSk1jOFQzWDk1LVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hY2I5NTYtZTFiNS00NjgyLTgwYjgt
ZTcyMzJmODQ0OGIwLzEvU2VGeGVjY2JvNjhLTHZQM2VBdmRJZ3h5elZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hY2I5NTYtZTFiNS00NjgyLTgwYjgtZTcyMzJmODQ0OGIw
LzEvaDN3Z2MzRVd2RzFlV3lKSk1jOFQzWDk1LVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW9lyAwQA
XXH+AwQBuQ3UMA0GCSqGSIb3DQEBCwUAA4IBAQC8VKESwoOprzP++flWE8kKHkbc
PwQgF2rGT/I5tb2YGvyq/fekR0ujh20FIKqqdaJv4Cc6/UD9iZmpkiaEna+csq9D
uOq6/6F6IIzjGrGl2QWlzaSCpd29ul/8mX1YMViok7hMOmXbZzxhGFCgJcjEP8+4
jXLRU98kjgR8hmKaeUXTQNfVciihN0QHnWAVMYowjD1g2WvP2Cy7TPcfEFlTAuCc
WrvbvvULgYFh5gPTzv1o3ytQqiuDodpr8d8S+Vu91B1uEfITa6tBaHcFpSRkq19h
v7oo8mX6LVm0zY8+VWJUlCdkIqJEBidxAxHFLXaA+fuL1ttkptd0VJFS/t6k
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:28 2025 by rpki-client on console.sobornost.net