Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/20256e-1e03-400a-9878-fcc89ece5906/1/2TZgxnjJF7qDIIxEY-THpPbZMQA.roa
File: 2TZgxnjJF7qDIIxEY-THpPbZMQA.roa (raw, json)
Hash identifier: 0yx1MB4qhr47LhIlbMqbHpvd6J1nBsWh1WvKzMD4atk=
Subject key identifier: D9:36:60:C6:78:C9:17:BA:83:20:8C:44:63:E4:C7:A4:F6:D9:31:00
Certificate issuer: /CN=419b379a246412810e8a8052a62a39688ca34579
Certificate serial: 0194274653293CAB1DE9915015E4EB6B2F92
Authority key identifier: 41:9B:37:9A:24:64:12:81:0E:8A:80:52:A6:2A:39:68:8C:A3:45:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZs3miRkEoEOioBSpio5aIyjRXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/20256e-1e03-400a-9878-fcc89ece5906/1/2TZgxnjJF7qDIIxEY-THpPbZMQA.roa
Signing time: Thu 02 Jan 2025 13:48:27 +0000
ROA not before: Thu 02 Jan 2025 13:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56932
IP address blocks: 91.225.48.0/22 maxlen: 22
193.176.248.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:53:29:3c:ab:1d:e9:91:50:15:e4:eb:6b:2f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=419b379a246412810e8a8052a62a39688ca34579
Validity
Not Before: Jan 2 13:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d93660c678c917ba83208c4463e4c7a4f6d93100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a7:cd:2f:42:ec:f3:56:0e:f9:37:d7:b2:41:
c1:e5:f4:eb:e2:69:ff:fb:d6:15:0f:5c:d7:8f:d8:
d7:bd:23:a6:c7:4b:09:94:8f:9e:e9:95:31:b8:07:
60:e1:8c:7e:6b:7d:fb:51:15:3c:b0:9e:47:03:c9:
84:da:f1:39:b4:2f:75:fc:9d:3a:9f:02:52:09:dc:
41:f6:f7:77:9a:bf:ab:30:e5:d8:c0:9b:6f:fd:04:
ec:a9:ca:2d:bd:eb:eb:ad:af:ee:1a:ab:3c:a2:29:
d6:fa:eb:51:bb:4c:c4:d1:c3:bb:db:32:a1:d3:12:
a0:64:94:11:79:c0:d7:56:22:60:c4:84:04:1e:f5:
4c:51:5e:42:72:4c:8c:21:cf:a0:68:fc:da:cf:9e:
5c:84:14:28:1b:11:43:c6:54:f9:08:b5:4a:22:17:
bc:d1:39:71:ec:10:3a:5a:82:42:dd:c3:d5:03:d9:
1c:a8:19:12:e4:40:06:eb:bf:60:c2:73:7e:35:e4:
a2:d6:a1:07:96:4a:4b:b4:91:14:95:e2:c6:c7:39:
e8:9d:2e:67:37:64:c4:e5:0c:f5:17:aa:38:db:39:
ed:4a:15:95:ba:eb:0c:40:da:b2:3f:88:43:68:f7:
fe:30:61:9b:8c:02:a3:8f:8c:b9:b1:6e:e1:cd:0f:
99:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:36:60:C6:78:C9:17:BA:83:20:8C:44:63:E4:C7:A4:F6:D9:31:00
X509v3 Authority Key Identifier:
keyid:41:9B:37:9A:24:64:12:81:0E:8A:80:52:A6:2A:39:68:8C:A3:45:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZs3miRkEoEOioBSpio5aIyjRXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/20256e-1e03-400a-9878-fcc89ece5906/1/2TZgxnjJF7qDIIxEY-THpPbZMQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/20256e-1e03-400a-9878-fcc89ece5906/1/QZs3miRkEoEOioBSpio5aIyjRXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.48.0/22
193.176.248.0/22
Signature Algorithm: sha256WithRSAEncryption
29:e5:f5:8f:08:bd:4a:56:05:9f:cb:39:af:43:3c:b5:42:79:
ac:b5:83:b6:c2:80:a7:8a:9b:42:2b:1c:ac:d2:c5:99:c9:33:
ff:65:34:14:6a:59:34:c7:01:e8:77:19:50:fb:1f:55:d3:26:
d4:45:10:bd:44:f2:05:6b:07:80:b8:50:36:90:bb:2c:a7:40:
3f:0d:c6:5d:e4:3e:61:c8:03:87:d2:e4:21:f3:c1:27:a3:46:
e5:82:93:3c:d9:74:96:2c:4e:80:2b:43:31:61:6f:b6:b2:a1:
20:7c:70:94:5f:2d:fe:10:35:73:db:a2:f9:24:c6:dd:f5:b1:
b6:2e:12:fb:ab:9f:52:d2:95:98:4b:63:be:c1:dc:ca:61:fb:
b7:69:f8:1e:a2:46:40:e0:1e:82:df:61:74:6f:2a:cb:ea:51:
8f:54:92:4a:33:00:2d:03:d6:d1:8b:f5:4f:47:ee:92:79:71:
e8:8a:52:7c:15:0e:5c:c8:8f:70:9d:fc:35:1c:b3:63:aa:80:
ec:20:9a:f9:d3:a8:70:fe:80:62:ab:b0:12:70:87:f9:de:14:
1c:ba:69:87:2c:b7:34:d8:aa:9a:a2:38:79:16:a1:84:07:84:
0b:df:87:4f:54:e4:b2:d2:41:25:03:39:3d:db:e8:27:b9:b4:
e1:1c:df:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnRlMpPKsd6ZFQFeTray+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOWIzNzlhMjQ2NDEyODEwZThhODA1MmE2MmEzOTY4OGNh
MzQ1NzkwHhcNMjUwMTAyMTM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM2NjBjNjc4YzkxN2JhODMyMDhjNDQ2M2U0YzdhNGY2ZDkzMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KfNL0Ls81YO+TfXskHB5fTr4mn/
+9YVD1zXj9jXvSOmx0sJlI+e6ZUxuAdg4Yx+a337URU8sJ5HA8mE2vE5tC91/J06
nwJSCdxB9vd3mr+rMOXYwJtv/QTsqcotvevrra/uGqs8oinW+utRu0zE0cO72zKh
0xKgZJQRecDXViJgxIQEHvVMUV5CckyMIc+gaPzaz55chBQoGxFDxlT5CLVKIhe8
0Tlx7BA6WoJC3cPVA9kcqBkS5EAG679gwnN+NeSi1qEHlkpLtJEUleLGxznonS5n
N2TE5Qz1F6o42zntShWVuusMQNqyP4hDaPf+MGGbjAKjj4y5sW7hzQ+ZoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNk2YMZ4yRe6gyCMRGPkx6T22TEAMB8GA1UdIwQY
MBaAFEGbN5okZBKBDoqAUqYqOWiMo0V5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVpzM21pUmtFb0VPaW9CU3BpbzVhSXlqUlhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yMDI1NmUtMWUwMy00MDBhLTk4Nzgt
ZmNjODllY2U1OTA2LzEvMlRaZ3huakpGN3FESUl4RVktVEhwUGJaTVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8yMDI1NmUtMWUwMy00MDBhLTk4NzgtZmNjODllY2U1OTA2
LzEvUVpzM21pUmtFb0VPaW9CU3BpbzVhSXlqUlhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+EwAwQC
wbD4MA0GCSqGSIb3DQEBCwUAA4IBAQAp5fWPCL1KVgWfyzmvQzy1QnmstYO2woCn
iptCKxys0sWZyTP/ZTQUalk0xwHodxlQ+x9V0ybURRC9RPIFaweAuFA2kLssp0A/
DcZd5D5hyAOH0uQh88Eno0blgpM82XSWLE6AK0MxYW+2sqEgfHCUXy3+EDVz26L5
JMbd9bG2LhL7q59S0pWYS2O+wdzKYfu3afgeokZA4B6C32F0byrL6lGPVJJKMwAt
A9bRi/VPR+6SeXHoilJ8FQ5cyI9wnfw1HLNjqoDsIJr506hw/oBiq7AScIf53hQc
ummHLLc02Kqaojh5FqGEB4QL34dPVOSy0kElAzk92+gnubThHN84
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net