Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/KwW0a13v-16rO2m-BTqCxx8rpAo.roa
File: KwW0a13v-16rO2m-BTqCxx8rpAo.roa (raw, json)
Hash identifier: krFsjsEBadu6bDJqG1OXIARdZJq+ewHj8q4uQfOufeM=
Subject key identifier: 2B:05:B4:6B:5D:EF:FB:5E:AB:3B:69:BE:05:3A:82:C7:1F:2B:A4:0A
Certificate issuer: /CN=47662f9ff6b643c467a2b434b76f825ebb66fed4
Certificate serial: 01942747A7469A8344A65396B0995A2222EE
Authority key identifier: 47:66:2F:9F:F6:B6:43:C4:67:A2:B4:34:B7:6F:82:5E:BB:66:FE:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/KwW0a13v-16rO2m-BTqCxx8rpAo.roa
Signing time: Thu 02 Jan 2025 13:49:54 +0000
ROA not before: Thu 02 Jan 2025 13:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42344
IP address blocks: 91.142.32.0/20 maxlen: 20
185.18.144.0/22 maxlen: 22
185.107.8.0/22 maxlen: 22
2a01:418::/32 maxlen: 32
2a06:3fc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a7:46:9a:83:44:a6:53:96:b0:99:5a:22:22:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47662f9ff6b643c467a2b434b76f825ebb66fed4
Validity
Not Before: Jan 2 13:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b05b46b5deffb5eab3b69be053a82c71f2ba40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:27:70:15:a1:3b:25:79:76:b6:b7:a8:2f:a5:
c5:55:3a:d0:09:a3:71:c3:f3:d9:00:39:d0:c5:37:
0f:99:79:0d:74:bb:9f:c2:73:6f:c5:ff:29:30:a6:
25:fe:b9:a5:d7:95:c3:bb:67:62:3f:4d:f5:dc:a2:
81:b5:b7:c9:ff:bc:58:43:b2:8e:97:63:36:13:e2:
7b:65:fa:b4:61:c2:66:d0:94:24:d8:47:36:c5:7f:
71:7c:30:f6:73:87:62:87:ec:b0:66:4a:49:02:c8:
6a:c3:8c:43:14:c8:53:56:22:19:df:57:4a:02:ac:
03:c3:9b:5d:16:84:72:07:20:6d:13:b2:9d:fd:aa:
1c:2b:d4:5d:11:db:0d:48:ac:7f:a1:7e:db:62:6b:
4c:d4:dc:30:e8:e5:b9:ec:53:ad:dd:c7:87:65:67:
0f:1b:78:a2:bc:51:20:c9:64:ce:47:33:ba:29:4a:
f3:22:de:23:99:4e:7c:d1:41:18:dc:7e:98:e7:75:
da:2b:d3:e9:8e:32:67:f7:fe:fc:d8:05:09:3b:62:
fb:7b:96:c5:5c:b5:40:73:62:f6:25:dd:22:6b:ae:
9a:72:56:9b:77:ed:b4:5b:23:1b:ff:c1:38:74:24:
98:f7:a4:59:2e:52:78:91:12:05:61:5d:4a:e5:c4:
47:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:05:B4:6B:5D:EF:FB:5E:AB:3B:69:BE:05:3A:82:C7:1F:2B:A4:0A
X509v3 Authority Key Identifier:
keyid:47:66:2F:9F:F6:B6:43:C4:67:A2:B4:34:B7:6F:82:5E:BB:66:FE:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/KwW0a13v-16rO2m-BTqCxx8rpAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.32.0/20
185.18.144.0/22
185.107.8.0/22
IPv6:
2a01:418::/32
2a06:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
21:f8:63:06:13:31:35:20:9b:c2:4c:8c:b0:74:d1:67:ad:cf:
3c:70:5e:46:01:08:7a:a3:65:6a:af:9e:85:04:f8:22:b4:77:
f1:28:1b:d4:32:e4:6d:64:66:08:51:f6:68:be:df:e7:ce:24:
b7:24:fc:c9:43:6e:32:86:8b:54:de:7a:25:cc:fd:ee:01:b5:
02:68:3e:0f:3c:2c:a4:8d:fe:c5:a4:8f:4b:37:e5:fa:d4:02:
36:66:1c:d2:8f:df:82:06:5f:f7:0b:57:7c:d3:1e:15:47:85:
85:a8:d0:03:0c:39:9b:ae:38:75:3e:98:ee:56:4d:33:05:6a:
76:99:be:1b:c8:76:55:48:dc:57:01:2d:70:d6:69:47:64:90:
27:af:a4:1c:23:6c:ff:14:0a:25:d3:b5:02:45:d9:3a:d7:5d:
9b:76:cf:a5:d2:cd:aa:0f:9a:46:8a:ae:77:a0:d0:49:e8:f9:
a6:82:5b:ac:46:fd:ed:38:e3:f8:09:72:8b:54:67:29:7d:4b:
38:2d:1f:ba:e2:39:ce:b4:2a:20:eb:87:1f:79:61:8c:6c:51:
f0:15:5c:fc:59:6b:f1:12:07:57:02:98:6d:62:78:e7:0c:98:
f7:79:5f:84:45:b2:c3:f6:db:99:1b:df:3f:76:c4:4b:46:47:
1d:30:53:e1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQnR6dGmoNEplOWsJlaIiLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NjYyZjlmZjZiNjQzYzQ2N2EyYjQzNGI3NmY4MjVlYmI2
NmZlZDQwHhcNMjUwMTAyMTM0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjA1YjQ2YjVkZWZmYjVlYWIzYjY5YmUwNTNhODJjNzFmMmJhNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1idwFaE7JXl2treoL6XFVTrQCaNx
w/PZADnQxTcPmXkNdLufwnNvxf8pMKYl/rml15XDu2diP0313KKBtbfJ/7xYQ7KO
l2M2E+J7Zfq0YcJm0JQk2Ec2xX9xfDD2c4dih+ywZkpJAshqw4xDFMhTViIZ31dK
AqwDw5tdFoRyByBtE7Kd/aocK9RdEdsNSKx/oX7bYmtM1Nww6OW57FOt3ceHZWcP
G3iivFEgyWTORzO6KUrzIt4jmU580UEY3H6Y53XaK9PpjjJn9/782AUJO2L7e5bF
XLVAc2L2Jd0ia66aclabd+20WyMb/8E4dCSY96RZLlJ4kRIFYV1K5cRHYwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCsFtGtd7/teqztpvgU6gscfK6QKMB8GA1UdIwQY
MBaAFEdmL5/2tkPEZ6K0NLdvgl67Zv7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJZdm5fYTJROFJub3JRMHQyLUNYcnRtX3RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iNWYxNzctYmJkZC00MGNmLTg3ZTUt
YjBiNGM0ZjJmZDkwLzEvS3dXMGExM3YtMTZyTzJtLUJUcUN4eDhycEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iNWYxNzctYmJkZC00MGNmLTg3ZTUtYjBiNGM0ZjJmZDkw
LzEvUjJZdm5fYTJROFJub3JRMHQyLUNYcnRtX3RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEW44gAwQC
uRKQAwQCuWsIMBQEAgACMA4DBQAqAQQYAwUDKgY/wDANBgkqhkiG9w0BAQsFAAOC
AQEAIfhjBhMxNSCbwkyMsHTRZ63PPHBeRgEIeqNlaq+ehQT4IrR38Sgb1DLkbWRm
CFH2aL7f584ktyT8yUNuMoaLVN56Jcz97gG1Amg+DzwspI3+xaSPSzfl+tQCNmYc
0o/fggZf9wtXfNMeFUeFhajQAww5m644dT6Y7lZNMwVqdpm+G8h2VUjcVwEtcNZp
R2SQJ6+kHCNs/xQKJdO1AkXZOtddm3bPpdLNqg+aRoqud6DQSej5poJbrEb97Tjj
+Alyi1RnKX1LOC0fuuI5zrQqIOuHH3lhjGxR8BVc/Flr8RIHVwKYbWJ45wyY93lf
hEWyw/bbmRvfP3bES0ZHHTBT4Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net