Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/sKACgvTr5E2KmqilEPnCMtDVWp0.roa
File: sKACgvTr5E2KmqilEPnCMtDVWp0.roa (raw, json)
Hash identifier: GFqzFhApZWxNeYshDRfyRg5L0vTOIJdMwgZ8ZtOAg9Y=
Subject key identifier: B0:A0:02:82:F4:EB:E4:4D:8A:9A:A8:A5:10:F9:C2:32:D0:D5:5A:9D
Certificate issuer: /CN=5aa4e5710a46536bef2af36bf63f1940bc37bd42
Certificate serial: 019424B39C9E3149E37B68E2DD135D12F0EA
Authority key identifier: 5A:A4:E5:71:0A:46:53:6B:EF:2A:F3:6B:F6:3F:19:40:BC:37:BD:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/sKACgvTr5E2KmqilEPnCMtDVWp0.roa
Signing time: Thu 02 Jan 2025 01:48:58 +0000
ROA not before: Thu 02 Jan 2025 01:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198606
IP address blocks: 91.237.96.0/24 maxlen: 24
2001:67c:28c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9c:9e:31:49:e3:7b:68:e2:dd:13:5d:12:f0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aa4e5710a46536bef2af36bf63f1940bc37bd42
Validity
Not Before: Jan 2 01:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0a00282f4ebe44d8a9aa8a510f9c232d0d55a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:96:63:ef:07:b7:c7:d7:c2:d2:45:c0:41:88:
59:b2:1b:65:17:1b:6e:44:23:80:d3:01:98:46:74:
06:95:89:2d:a4:17:01:0d:77:ff:d6:60:41:66:81:
fa:06:2f:b7:6c:22:25:8a:f3:04:cc:11:e8:ea:fc:
32:da:34:2f:3f:17:c1:5d:7c:60:08:f4:13:8f:78:
f5:dc:e8:41:78:d7:83:0f:01:a8:70:fb:e9:4e:45:
f1:7b:eb:cb:51:a3:bd:36:d4:34:90:9d:27:35:c6:
2b:15:23:6d:f9:47:d0:af:7f:06:f3:01:43:85:07:
97:30:72:82:d6:1d:04:d4:79:d5:80:1a:d6:82:40:
e4:69:7b:03:e4:de:c2:30:45:78:a3:5d:b8:74:63:
4c:8c:94:15:fb:72:58:0d:1e:e8:65:3b:0b:6e:2a:
81:14:3b:38:5d:2a:c8:7c:c3:6e:97:94:a9:63:61:
79:be:7f:6b:f3:09:b4:fd:27:6e:64:81:a1:2c:2e:
eb:2b:0d:ff:ae:67:da:47:ed:e7:1d:39:28:9c:34:
5c:e9:4e:05:99:b3:8b:05:fe:67:29:2e:52:f5:81:
f3:0e:5a:ee:d9:91:57:37:55:87:ef:5e:58:9a:df:
9f:dc:63:2a:e4:50:84:bf:29:de:e1:af:28:28:3e:
9b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A0:02:82:F4:EB:E4:4D:8A:9A:A8:A5:10:F9:C2:32:D0:D5:5A:9D
X509v3 Authority Key Identifier:
keyid:5A:A4:E5:71:0A:46:53:6B:EF:2A:F3:6B:F6:3F:19:40:BC:37:BD:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/sKACgvTr5E2KmqilEPnCMtDVWp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.96.0/24
IPv6:
2001:67c:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
0f:89:8c:39:5a:c5:d8:89:34:07:c0:f2:e3:ba:5a:15:3e:6c:
03:c4:d8:4b:e8:f5:0f:09:c9:ea:55:8d:04:d3:fb:3e:b6:fc:
0c:a4:e9:4e:04:6c:28:b1:cf:6c:e2:56:c9:29:6a:5a:2e:37:
b8:54:6f:c6:5e:75:06:52:15:3e:47:e7:c1:fb:1a:3b:a6:e6:
7c:c0:a5:08:8e:64:41:55:ec:59:a9:2b:e5:0f:1d:6a:b4:df:
f2:5e:a7:a3:75:34:4c:1b:3f:73:4d:8f:49:ee:c8:56:62:b2:
10:70:15:00:14:40:e2:c1:87:0d:f8:01:1b:b8:c4:70:3a:cd:
8b:ab:f4:36:9a:4d:b9:3f:b9:82:6a:c0:d2:dc:16:ff:06:9e:
19:96:73:34:07:e3:e9:01:95:a3:a1:37:81:c7:22:8e:32:ce:
9b:4a:f9:c4:f3:3d:9c:8f:6c:7f:36:f5:d5:79:93:17:4f:7e:
48:48:77:a0:2a:9f:da:74:53:c9:4c:3f:73:70:f6:4e:0f:55:
72:82:1f:f5:0f:55:0f:5c:89:d8:59:b9:71:de:c1:78:c5:9e:
e4:63:f6:22:f2:8e:01:40:98:47:78:39:d1:27:75:cd:dc:1b:
85:27:44:3e:17:e5:02:70:0c:13:01:a8:d1:8d:e0:dc:fe:34:
2e:a7:e2:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQks5yeMUnje2ji3RNdEvDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTRlNTcxMGE0NjUzNmJlZjJhZjM2YmY2M2YxOTQwYmMz
N2JkNDIwHhcNMjUwMTAyMDE0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGEwMDI4MmY0ZWJlNDRkOGE5YWE4YTUxMGY5YzIzMmQwZDU1YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpZj7we3x9fC0kXAQYhZshtlFxtu
RCOA0wGYRnQGlYktpBcBDXf/1mBBZoH6Bi+3bCIlivMEzBHo6vwy2jQvPxfBXXxg
CPQTj3j13OhBeNeDDwGocPvpTkXxe+vLUaO9NtQ0kJ0nNcYrFSNt+UfQr38G8wFD
hQeXMHKC1h0E1HnVgBrWgkDkaXsD5N7CMEV4o124dGNMjJQV+3JYDR7oZTsLbiqB
FDs4XSrIfMNul5SpY2F5vn9r8wm0/SduZIGhLC7rKw3/rmfaR+3nHTkonDRc6U4F
mbOLBf5nKS5S9YHzDlru2ZFXN1WH715Ymt+f3GMq5FCEvyne4a8oKD6bZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLCgAoL06+RNipqopRD5wjLQ1VqdMB8GA1UdIwQY
MBaAFFqk5XEKRlNr7yrza/Y/GUC8N71CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FUbGNRcEdVMnZ2S3ZOcjlqOFpRTHczdlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xZGQ4MWMtNjY1ZS00Yjc2LTkxZmIt
NDRkYzUyYTE5Y2U1LzEvc0tBQ2d2VHI1RTJLbXFpbEVQbkNNdERWV3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xZGQ4MWMtNjY1ZS00Yjc2LTkxZmItNDRkYzUyYTE5Y2U1
LzEvV3FUbGNRcEdVMnZ2S3ZOcjlqOFpRTHczdlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+1gMA8E
AgACMAkDBwAgAQZ8KMAwDQYJKoZIhvcNAQELBQADggEBAA+JjDlaxdiJNAfA8uO6
WhU+bAPE2Evo9Q8JyepVjQTT+z62/Ayk6U4EbCixz2ziVskpalouN7hUb8ZedQZS
FT5H58H7Gjum5nzApQiOZEFV7FmpK+UPHWq03/Jep6N1NEwbP3NNj0nuyFZishBw
FQAUQOLBhw34ARu4xHA6zYur9DaaTbk/uYJqwNLcFv8GnhmWczQH4+kBlaOhN4HH
Io4yzptK+cTzPZyPbH829dV5kxdPfkhId6Aqn9p0U8lMP3Nw9k4PVXKCH/UPVQ9c
idhZuXHewXjFnuRj9iLyjgFAmEd4OdEndc3cG4UnRD4X5QJwDBMBqNGN4Nz+NC6n
4kE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:34 2025 by rpki-client on console.sobornost.net