Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/tzzSp7NcM-PSESqcobcnnPGUdpM.roa
File: tzzSp7NcM-PSESqcobcnnPGUdpM.roa (raw, json)
Hash identifier: j91sCHLIGQdEiVN+43VX1s0ml2f/7NijHTen+cRY49k=
Subject key identifier: B7:3C:D2:A7:B3:5C:33:E3:D2:11:2A:9C:A1:B7:27:9C:F1:94:76:93
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 019422FC281DCE3B433542FFA256507A04A6
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/tzzSp7NcM-PSESqcobcnnPGUdpM.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 91.197.71.0/24 maxlen: 24
94.131.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:28:1d:ce:3b:43:35:42:ff:a2:56:50:7a:04:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b73cd2a7b35c33e3d2112a9ca1b7279cf1947693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:af:db:53:c2:7a:f5:38:c7:49:6d:d1:97:ee:
60:f4:7b:5d:24:e6:34:6a:74:20:d6:7b:82:a8:1e:
9c:d0:81:a0:d9:2d:a3:fe:b0:ed:fe:e4:38:68:7e:
17:71:79:80:d9:05:5a:36:f2:d1:ed:8a:42:e7:ce:
21:2a:68:e0:3b:f4:0f:6d:d8:ad:9f:56:1d:cc:16:
22:60:59:ab:20:20:d8:96:ca:5c:85:23:56:ea:11:
7e:25:6c:85:99:5a:78:3a:7a:47:56:47:97:8b:22:
fa:02:6a:64:ae:11:6b:1b:97:e6:e9:ce:9b:b9:4b:
95:a5:30:2e:0b:97:bb:0b:9c:7b:5c:ef:36:22:24:
92:dd:3b:44:6a:d0:58:c8:7a:8c:ee:ac:a3:22:5a:
d4:90:3e:db:d6:02:35:16:50:72:e2:60:9d:e3:11:
7f:ae:c2:85:cc:d5:81:8e:3b:96:70:39:28:5b:36:
a6:9a:4f:b7:a2:2f:5f:f9:03:65:62:ae:84:8f:f8:
95:28:15:c3:ad:24:b2:0a:7a:72:0f:6d:3b:70:c5:
16:44:f4:95:b2:80:81:13:c0:79:b8:4d:bc:32:47:
25:83:35:01:41:d3:7e:b3:c4:ee:5f:1a:73:90:cd:
77:40:bf:b8:1a:aa:98:2f:f9:2a:bc:8f:c4:a8:c6:
ae:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3C:D2:A7:B3:5C:33:E3:D2:11:2A:9C:A1:B7:27:9C:F1:94:76:93
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/tzzSp7NcM-PSESqcobcnnPGUdpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.71.0/24
94.131.218.0/24
Signature Algorithm: sha256WithRSAEncryption
77:d3:70:c6:33:0d:1a:b4:a6:3d:04:8f:3f:c8:f8:f0:3b:5e:
86:6f:55:d5:e7:ef:af:05:d9:9d:21:54:3f:bd:e6:ec:22:da:
0a:92:a9:8e:d9:ed:08:21:52:96:c0:00:97:af:a0:1d:aa:a2:
fa:73:e7:e4:b2:f5:3f:38:c5:10:76:4d:5e:93:b6:73:4f:9b:
4d:dc:3b:ce:f2:c3:30:8e:77:17:97:f1:a2:00:fa:62:80:68:
a8:21:be:aa:c2:e1:d3:69:0e:24:5d:24:a0:60:af:76:a7:23:
24:56:81:57:f3:8f:f8:95:e7:80:90:9f:21:0d:35:f4:6e:68:
c0:84:e6:2d:b3:34:5b:07:bf:22:d5:ce:7e:8b:c6:e5:83:0c:
52:b7:e4:c7:e6:91:d7:31:fd:fc:41:fd:cb:0e:a8:df:d3:f2:
4e:97:03:df:d0:c0:c3:ae:99:a7:7d:19:08:00:83:f5:0d:7a:
d0:43:89:01:7f:ec:1a:21:8c:9c:2b:07:c6:95:02:cc:b4:71:
e3:9e:34:cc:d4:26:bf:86:8a:b9:aa:19:58:19:9e:4f:a3:5c:
85:c5:3a:3a:8e:3f:45:84:a2:a5:ec:24:7e:e3:22:86:7c:f9:
da:f7:7b:f0:93:c9:c7:10:8c:72:1a:dd:34:03:18:af:08:6f:
99:ee:64:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi/CgdzjtDNUL/olZQegSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzNjZDJhN2IzNWMzM2UzZDIxMTJhOWNhMWI3Mjc5Y2YxOTQ3NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq/bU8J69TjHSW3Rl+5g9HtdJOY0
anQg1nuCqB6c0IGg2S2j/rDt/uQ4aH4XcXmA2QVaNvLR7YpC584hKmjgO/QPbdit
n1YdzBYiYFmrICDYlspchSNW6hF+JWyFmVp4OnpHVkeXiyL6AmpkrhFrG5fm6c6b
uUuVpTAuC5e7C5x7XO82IiSS3TtEatBYyHqM7qyjIlrUkD7b1gI1FlBy4mCd4xF/
rsKFzNWBjjuWcDkoWzammk+3oi9f+QNlYq6Ej/iVKBXDrSSyCnpyD207cMUWRPSV
soCBE8B5uE28MkclgzUBQdN+s8TuXxpzkM13QL+4GqqYL/kqvI/EqMauqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLc80qezXDPj0hEqnKG3J5zxlHaTMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvdHp6U3A3TmNNLVBTRVNxY29iY25uUEdVZHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8VHAwQA
XoPaMA0GCSqGSIb3DQEBCwUAA4IBAQB303DGMw0atKY9BI8/yPjwO16Gb1XV5++v
BdmdIVQ/vebsItoKkqmO2e0IIVKWwACXr6AdqqL6c+fksvU/OMUQdk1ek7ZzT5tN
3DvO8sMwjncXl/GiAPpigGioIb6qwuHTaQ4kXSSgYK92pyMkVoFX84/4leeAkJ8h
DTX0bmjAhOYtszRbB78i1c5+i8blgwxSt+TH5pHXMf38Qf3LDqjf0/JOlwPf0MDD
rpmnfRkIAIP1DXrQQ4kBf+waIYycKwfGlQLMtHHjnjTM1Ca/hoq5qhlYGZ5Po1yF
xTo6jj9FhKKl7CR+4yKGfPna93vwk8nHEIxyGt00AxivCG+Z7mTJ
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:56:05 2025 by rpki-client on console.sobornost.net