Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/lO_Mg3DZHEdW5_hWel-RB7XxrdI.roa
File: lO_Mg3DZHEdW5_hWel-RB7XxrdI.roa (raw, json)
Hash identifier: mSvOkFvyMe8N8eCEVEp8qdqZ/KkLJkgUd3GK7ljSNTc=
Subject key identifier: 94:EF:CC:83:70:D9:1C:47:56:E7:F8:56:7A:5F:91:07:B5:F1:AD:D2
Certificate issuer: /CN=8453d1e8618ef8fae8075ddd58270d094006be99
Certificate serial: 0194475F0CDDF2A64278DD99CF35152CC309
Authority key identifier: 84:53:D1:E8:61:8E:F8:FA:E8:07:5D:DD:58:27:0D:09:40:06:BE:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFPR6GGO-ProB13dWCcNCUAGvpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/lO_Mg3DZHEdW5_hWel-RB7XxrdI.roa
Signing time: Wed 08 Jan 2025 19:23:19 +0000
ROA not before: Wed 08 Jan 2025 19:23:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59577
IP address blocks: 91.201.232.0/22 maxlen: 22
195.72.144.0/24 maxlen: 24
195.72.145.0/24 maxlen: 24
195.72.146.0/24 maxlen: 24
2a12:5b80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:5f:0c:dd:f2:a6:42:78:dd:99:cf:35:15:2c:c3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8453d1e8618ef8fae8075ddd58270d094006be99
Validity
Not Before: Jan 8 19:23:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94efcc8370d91c4756e7f8567a5f9107b5f1add2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:69:5a:1c:5a:b3:31:dc:e4:2d:e6:42:5d:48:
97:d2:1b:1b:12:b3:4d:38:00:3a:bb:a8:3f:cf:f0:
7a:83:01:9d:99:73:d0:1e:75:d4:8e:d7:e0:f2:a1:
5d:f9:00:d7:c5:8c:2a:98:57:25:6f:ba:4f:db:92:
22:6c:f4:ee:0a:e7:8a:6b:7d:fa:27:f4:04:a3:b3:
89:db:f7:2d:c1:49:27:5f:6e:2a:e7:0e:9f:17:0a:
06:0e:20:bd:4a:9e:86:69:b4:32:fa:6e:44:96:9a:
fc:8a:c4:62:cd:12:31:ad:79:8d:b3:be:45:dc:e0:
67:df:dc:9a:09:80:51:cd:3c:11:91:9d:74:f0:6e:
54:4e:8d:c6:d3:20:cd:55:55:bd:8b:c9:e6:f7:be:
9e:5b:99:31:a8:c5:5d:8b:fd:28:e2:72:f2:fd:2b:
cb:dc:1d:0c:e6:6f:a6:40:a7:55:3e:04:86:66:b7:
42:39:fa:d8:70:58:5f:08:17:56:d8:db:cc:0a:6d:
68:86:0c:ac:05:81:e7:0d:1c:aa:13:3e:28:89:05:
6b:d8:3d:8e:72:dd:71:e0:67:05:a6:40:8f:65:2a:
29:52:43:33:a7:88:8c:1a:a6:9b:e1:68:bc:66:85:
5e:d4:0a:69:c8:81:c9:5a:38:c8:be:2e:24:62:b6:
d4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EF:CC:83:70:D9:1C:47:56:E7:F8:56:7A:5F:91:07:B5:F1:AD:D2
X509v3 Authority Key Identifier:
keyid:84:53:D1:E8:61:8E:F8:FA:E8:07:5D:DD:58:27:0D:09:40:06:BE:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFPR6GGO-ProB13dWCcNCUAGvpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/lO_Mg3DZHEdW5_hWel-RB7XxrdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/hFPR6GGO-ProB13dWCcNCUAGvpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.232.0/22
195.72.144.0-195.72.146.255
IPv6:
2a12:5b80::/29
Signature Algorithm: sha256WithRSAEncryption
60:07:0f:b3:4b:8c:55:8a:77:93:a0:e2:b7:ed:47:fa:7a:73:
36:77:f3:11:18:22:a7:01:34:9e:4a:04:c7:56:65:52:fd:af:
7a:e1:fe:05:18:c2:8c:e9:61:10:2f:a3:c4:49:e7:58:61:69:
46:c5:8a:98:25:ee:45:e6:6e:39:e9:7e:8f:37:46:48:95:92:
2c:73:fb:59:46:00:41:e3:83:43:d1:e4:af:ad:e5:91:49:04:
f4:87:bb:d7:ae:9b:a6:24:fd:8a:47:71:aa:35:7d:87:73:6d:
71:3f:8d:1f:65:8f:d0:1e:d8:4a:d6:c2:c8:04:5a:04:f3:59:
07:a1:a1:96:d8:3d:2c:34:6b:93:aa:44:9e:5b:86:81:28:85:
33:f3:95:0a:13:cd:66:2e:bb:51:93:21:76:c8:bc:fc:57:15:
d6:70:66:b6:16:87:13:32:87:6f:60:06:06:92:40:b4:69:13:
92:63:d1:c1:04:71:13:b1:0e:00:5a:00:42:8a:de:10:51:01:
10:78:a3:9c:71:b2:52:26:32:e5:1b:c8:d9:92:4b:e0:fd:0b:
d1:82:db:49:e0:3d:67:f0:66:53:fb:26:79:24:b8:2c:a9:64:
7b:a9:30:3b:3d:59:92:01:a7:46:81:a1:41:5a:fe:ca:e5:53:
46:3e:49:71
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZRHXwzd8qZCeN2ZzzUVLMMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTNkMWU4NjE4ZWY4ZmFlODA3NWRkZDU4MjcwZDA5NDAw
NmJlOTkwHhcNMjUwMTA4MTkyMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGVmY2M4MzcwZDkxYzQ3NTZlN2Y4NTY3YTVmOTEwN2I1ZjFhZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GlaHFqzMdzkLeZCXUiX0hsbErNN
OAA6u6g/z/B6gwGdmXPQHnXUjtfg8qFd+QDXxYwqmFclb7pP25IibPTuCueKa336
J/QEo7OJ2/ctwUknX24q5w6fFwoGDiC9Sp6GabQy+m5Elpr8isRizRIxrXmNs75F
3OBn39yaCYBRzTwRkZ108G5UTo3G0yDNVVW9i8nm976eW5kxqMVdi/0o4nLy/SvL
3B0M5m+mQKdVPgSGZrdCOfrYcFhfCBdW2NvMCm1ohgysBYHnDRyqEz4oiQVr2D2O
ct1x4GcFpkCPZSopUkMzp4iMGqab4Wi8ZoVe1AppyIHJWjjIvi4kYrbUdQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJTvzINw2RxHVuf4VnpfkQe18a3SMB8GA1UdIwQY
MBaAFIRT0ehhjvj66Add3VgnDQlABr6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZQUjZHR08tUHJvQjEzZFdDY05DVUFHdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83ODBjMzQtMTgzYi00NmY0LWI5NjEt
ZDRhZTQwNzEzMjhmLzEvbE9fTWczRFpIRWRXNV9oV2VsLVJCN1h4cmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83ODBjMzQtMTgzYi00NmY0LWI5NjEtZDRhZTQwNzEzMjhm
LzEvaEZQUjZHR08tUHJvQjEzZFdDY05DVUFHdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCW8noMAwD
BATDSJADBADDSJIwDQQCAAIwBwMFAyoSW4AwDQYJKoZIhvcNAQELBQADggEBAGAH
D7NLjFWKd5Og4rftR/p6czZ38xEYIqcBNJ5KBMdWZVL9r3rh/gUYwozpYRAvo8RJ
51hhaUbFipgl7kXmbjnpfo83RkiVkixz+1lGAEHjg0PR5K+t5ZFJBPSHu9eum6Yk
/YpHcao1fYdzbXE/jR9lj9Ae2ErWwsgEWgTzWQehoZbYPSw0a5OqRJ5bhoEohTPz
lQoTzWYuu1GTIXbIvPxXFdZwZrYWhxMyh29gBgaSQLRpE5Jj0cEEcROxDgBaAEKK
3hBRARB4o5xxslImMuUbyNmSS+D9C9GC20ngPWfwZlP7JnkkuCypZHupMDs9WZIB
p0aBoUFa/srlU0Y+SXE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net