Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/ai_RgbT0zKstqqt2SbvFvSaAldI.roa
File: ai_RgbT0zKstqqt2SbvFvSaAldI.roa (raw, json)
Hash identifier: +RxVDzpwxX0PVjGcCVeFRTO/OITdBFvoCwZmWeh/ZW4=
Subject key identifier: 6A:2F:D1:81:B4:F4:CC:AB:2D:AA:AB:76:49:BB:C5:BD:26:80:95:D2
Certificate issuer: /CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Certificate serial: 0194252191C56D8578500B3EC1F7D29D40C0
Authority key identifier: 27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/ai_RgbT0zKstqqt2SbvFvSaAldI.roa
Signing time: Thu 02 Jan 2025 03:49:04 +0000
ROA not before: Thu 02 Jan 2025 03:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41741
IP address blocks: 91.102.24.0/21 maxlen: 24
91.102.28.0/22 maxlen: 22
91.102.29.0/24 maxlen: 24
2a03:6180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:91:c5:6d:85:78:50:0b:3e:c1:f7:d2:9d:40:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Validity
Not Before: Jan 2 03:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a2fd181b4f4ccab2daaab7649bbc5bd268095d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a6:a8:69:cd:1c:2c:e6:04:6f:52:61:6f:60:
3a:1f:54:52:b8:af:4e:80:f9:f6:4d:81:a7:03:a3:
60:c2:38:63:f1:92:5b:c1:76:db:cc:c1:81:2b:17:
f0:b4:15:87:01:57:12:50:68:d1:ac:d2:4c:d6:a2:
7c:f8:92:ce:4a:2b:49:be:e8:0d:28:62:66:39:74:
b2:ed:a8:c9:19:73:6d:94:fa:2b:f6:fd:f5:e0:1e:
84:5f:64:14:59:03:23:78:36:e2:7c:75:df:77:f0:
b2:e2:6f:47:f0:75:57:32:aa:3c:ff:68:32:05:c3:
12:2e:f8:67:ee:ad:f9:a4:34:22:f4:29:61:3d:20:
0e:61:51:09:b9:93:ec:be:27:27:41:78:39:b8:54:
61:39:fa:b3:33:32:77:d9:fc:c5:5b:61:f5:d8:cb:
bf:43:e4:2a:80:52:9d:5b:3d:c7:53:b6:a9:ea:7f:
b6:b4:c9:e9:03:0d:fe:57:c2:ca:64:b1:f0:3c:f1:
b6:8c:4d:87:2a:f2:47:72:d4:b0:99:68:16:e3:96:
59:53:4b:e9:08:0a:8f:0f:70:b7:fc:ed:66:10:c2:
02:0d:b1:13:0a:1a:36:7b:da:1f:1c:fa:3e:7f:0b:
8d:94:9e:b0:6f:bf:9e:2e:57:f8:46:3f:0e:f6:78:
7b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2F:D1:81:B4:F4:CC:AB:2D:AA:AB:76:49:BB:C5:BD:26:80:95:D2
X509v3 Authority Key Identifier:
keyid:27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/ai_RgbT0zKstqqt2SbvFvSaAldI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/JwKQ9fMfI43z6PO9_MBXUcwvGSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.24.0/21
IPv6:
2a03:6180::/32
Signature Algorithm: sha256WithRSAEncryption
7b:ba:71:b3:b0:fa:25:97:e0:fd:af:22:b9:03:aa:e8:38:74:
fa:0f:1a:b2:4e:ea:6e:c4:fe:a3:a3:a4:74:24:2b:b5:90:c0:
38:9a:24:ab:5e:62:84:e8:80:67:bc:3f:e8:35:36:c5:86:bd:
a0:72:cf:1a:11:3d:72:4f:32:8d:d5:39:5d:e4:3b:78:43:4f:
d2:ca:80:b2:2a:b8:b9:d2:b8:e4:5c:6d:5b:83:a8:7b:8d:ef:
43:98:93:62:31:4f:e8:ec:9c:4c:fa:c7:5c:9f:f7:fc:98:79:
d2:5a:03:88:25:80:78:fa:b7:cb:02:ec:4a:b5:97:2c:c2:13:
70:90:93:2c:85:83:6c:be:73:c9:66:cd:6a:ee:c6:78:f2:a3:
0e:a7:1f:5a:bb:c2:9e:80:8d:22:ab:c9:7d:9b:e9:2b:19:cb:
ce:fd:6c:fd:64:6a:f7:c9:17:7f:b7:63:14:6b:5e:93:fe:d4:
8b:d3:80:27:1e:a8:04:be:ab:08:1d:c6:2d:09:ea:27:49:83:
f8:0f:ec:12:8a:e6:9e:cc:bb:45:1f:35:53:a0:78:a9:4b:3c:
27:d7:49:4e:60:d4:ef:a8:c3:c6:62:7e:c1:5d:eb:47:8b:49:
f9:d9:29:6c:bc:68:fe:d9:35:9d:36:1a:e5:b1:33:7d:51:27:
23:4e:40:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIZHFbYV4UAs+wffSnUDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5MGY1ZjMxZjIzOGRmM2U4ZjNiZGZjYzA1NzUxY2My
ZjE5MmMwHhcNMjUwMTAyMDM0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTJmZDE4MWI0ZjRjY2FiMmRhYWFiNzY0OWJiYzViZDI2ODA5NWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqaoac0cLOYEb1Jhb2A6H1RSuK9O
gPn2TYGnA6Ngwjhj8ZJbwXbbzMGBKxfwtBWHAVcSUGjRrNJM1qJ8+JLOSitJvugN
KGJmOXSy7ajJGXNtlPor9v314B6EX2QUWQMjeDbifHXfd/Cy4m9H8HVXMqo8/2gy
BcMSLvhn7q35pDQi9ClhPSAOYVEJuZPsvicnQXg5uFRhOfqzMzJ32fzFW2H12Mu/
Q+QqgFKdWz3HU7ap6n+2tMnpAw3+V8LKZLHwPPG2jE2HKvJHctSwmWgW45ZZU0vp
CAqPD3C3/O1mEMICDbETCho2e9ofHPo+fwuNlJ6wb7+eLlf4Rj8O9nh7nwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGov0YG09MyrLaqrdkm7xb0mgJXSMB8GA1UdIwQY
MBaAFCcCkPXzHyON8+jzvfzAV1HMLxksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAt
YjE0Y2M5MWM3NzZjLzEvYWlfUmdiVDB6S3N0cXF0MlNidkZ2U2FBbGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAtYjE0Y2M5MWM3NzZj
LzEvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDW2YYMA0E
AgACMAcDBQAqA2GAMA0GCSqGSIb3DQEBCwUAA4IBAQB7unGzsPoll+D9ryK5A6ro
OHT6DxqyTupuxP6jo6R0JCu1kMA4miSrXmKE6IBnvD/oNTbFhr2gcs8aET1yTzKN
1Tld5Dt4Q0/SyoCyKri50rjkXG1bg6h7je9DmJNiMU/o7JxM+sdcn/f8mHnSWgOI
JYB4+rfLAuxKtZcswhNwkJMshYNsvnPJZs1q7sZ48qMOpx9au8KegI0iq8l9m+kr
GcvO/Wz9ZGr3yRd/t2MUa16T/tSL04AnHqgEvqsIHcYtCeonSYP4D+wSiuaezLtF
HzVToHipSzwn10lOYNTvqMPGYn7BXetHi0n52SlsvGj+2TWdNhrlsTN9UScjTkD/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:48 2025 by rpki-client on console.sobornost.net