Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d5e9f6-3f6d-4694-89b8-a093d100874c/1/52hp8nB7AXAyqEAV8YTkITJEb6E.roa
File: 52hp8nB7AXAyqEAV8YTkITJEb6E.roa (raw, json)
Hash identifier: Xazwhm/OQQD1GuqIw2cYEe9MEV2J8Wq0n43R9zvLV8E=
Subject key identifier: E7:68:69:F2:70:7B:01:70:32:A8:40:15:F1:84:E4:21:32:44:6F:A1
Certificate issuer: /CN=57c0bd9f8331ea8438fd2a2f671b71af4a2dec17
Certificate serial: 018CC86FA1670C771914C4EBDA249BFD6387
Authority key identifier: 57:C0:BD:9F:83:31:EA:84:38:FD:2A:2F:67:1B:71:AF:4A:2D:EC:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8C9n4Mx6oQ4_SovZxtxr0ot7Bc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d5e9f6-3f6d-4694-89b8-a093d100874c/1/52hp8nB7AXAyqEAV8YTkITJEb6E.roa
Signing time: Tue 02 Jan 2024 04:30:08 +0000
ROA not before: Tue 02 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3232
IP address blocks: 193.105.132.0/24 maxlen: 24
193.17.43.0/24 maxlen: 24
91.216.220.0/24 maxlen: 24
194.165.45.0/24 maxlen: 24
194.165.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a1:67:0c:77:19:14:c4:eb:da:24:9b:fd:63:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c0bd9f8331ea8438fd2a2f671b71af4a2dec17
Validity
Not Before: Jan 2 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e76869f2707b017032a84015f184e42132446fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:89:4d:98:c1:e8:79:b2:68:14:fc:66:d6:9c:
32:f4:ad:c3:74:45:28:4a:50:66:ec:41:2d:7b:f2:
89:35:d0:c7:4d:36:94:be:d9:c1:a8:63:72:21:5b:
77:15:b9:ec:9a:97:7f:d0:ba:12:4f:91:93:c5:8d:
40:8e:56:e7:81:45:08:97:db:4b:6a:06:bb:95:0b:
59:a2:73:bc:16:f8:2d:05:4b:4d:b3:72:bc:df:50:
4f:36:cb:6e:c6:a3:3d:aa:7f:73:6a:c2:02:ef:80:
a8:1f:67:5a:04:2b:0c:cc:f1:bd:d0:71:76:61:20:
7c:a6:d0:4d:31:2a:8c:0a:ab:a8:8b:b3:27:64:21:
2b:7d:35:d8:85:13:65:66:b8:77:77:cd:10:63:89:
b3:49:de:a1:1a:68:a7:04:66:cf:7f:27:9a:f2:3a:
be:c0:72:3b:7a:76:56:05:73:53:9a:1d:35:f8:ec:
8d:87:a9:57:35:cd:ae:2f:1c:2d:8f:fa:c6:6b:be:
d7:59:41:4b:40:c6:5d:64:7d:d0:40:2a:02:c1:2f:
44:e8:e2:50:7f:3c:38:78:ee:d0:7f:ae:fa:ec:f2:
36:16:dc:e1:fe:14:1c:7a:0a:e2:40:38:f7:66:4d:
3f:e3:df:d5:99:f4:e0:b9:e2:42:85:94:40:56:54:
55:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:68:69:F2:70:7B:01:70:32:A8:40:15:F1:84:E4:21:32:44:6F:A1
X509v3 Authority Key Identifier:
keyid:57:C0:BD:9F:83:31:EA:84:38:FD:2A:2F:67:1B:71:AF:4A:2D:EC:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8C9n4Mx6oQ4_SovZxtxr0ot7Bc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d5e9f6-3f6d-4694-89b8-a093d100874c/1/52hp8nB7AXAyqEAV8YTkITJEb6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d5e9f6-3f6d-4694-89b8-a093d100874c/1/V8C9n4Mx6oQ4_SovZxtxr0ot7Bc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.220.0/24
193.17.43.0/24
193.105.132.0/24
194.165.45.0/24
194.165.53.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:7e:2a:16:f1:ee:fe:84:17:bb:8b:c5:ec:98:c5:51:ec:8a:
33:81:b0:59:f1:0c:ae:7e:71:ff:03:3f:ec:52:e5:35:39:17:
af:cd:fe:af:65:32:60:6a:93:8b:15:cc:35:10:e6:53:db:bb:
9e:0c:f3:01:e6:9f:53:11:86:22:b5:09:2b:da:9c:ca:68:b6:
4e:3d:30:36:3a:a6:d0:57:9a:2e:42:e0:81:2f:0d:e2:26:26:
80:8d:5a:51:30:46:49:74:b2:17:62:33:fe:1c:8c:7a:1d:7b:
ac:80:17:d7:50:a6:89:b2:86:be:cf:df:77:11:33:0f:57:a0:
a9:0d:72:28:8c:48:e8:de:70:d2:17:6d:13:b6:b7:f0:37:30:
dd:fc:cb:03:5d:2e:01:a1:d6:61:44:81:2c:fa:e9:5f:0e:09:
5b:0e:e3:e7:d1:23:e2:e1:32:78:2d:aa:62:88:3a:b7:78:48:
51:2c:ab:45:71:1e:7e:cc:6e:2a:78:f4:c1:f9:21:17:f0:d4:
cd:a4:b0:cb:0a:11:91:e1:3c:a7:3c:42:58:d1:aa:49:10:56:
42:54:81:70:ec:cd:07:1e:ce:79:4a:cb:85:a4:a1:9f:81:80:
fa:79:47:9d:bc:87:98:18:8e:c2:af:3b:82:20:af:11:ad:fe:
ae:ab:63:1c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIb6FnDHcZFMTr2iSb/WOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzBiZDlmODMzMWVhODQzOGZkMmEyZjY3MWI3MWFmNGEy
ZGVjMTcwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzY4NjlmMjcwN2IwMTcwMzJhODQwMTVmMTg0ZTQyMTMyNDQ2ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4lNmMHoebJoFPxm1pwy9K3DdEUo
SlBm7EEte/KJNdDHTTaUvtnBqGNyIVt3Fbnsmpd/0LoST5GTxY1AjlbngUUIl9tL
aga7lQtZonO8FvgtBUtNs3K831BPNstuxqM9qn9zasIC74CoH2daBCsMzPG90HF2
YSB8ptBNMSqMCquoi7MnZCErfTXYhRNlZrh3d80QY4mzSd6hGminBGbPfyea8jq+
wHI7enZWBXNTmh01+OyNh6lXNc2uLxwtj/rGa77XWUFLQMZdZH3QQCoCwS9E6OJQ
fzw4eO7Qf6767PI2Ftzh/hQcegriQDj3Zk0/49/VmfTgueJChZRAVlRVaQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOdoafJwewFwMqhAFfGE5CEyRG+hMB8GA1UdIwQY
MBaAFFfAvZ+DMeqEOP0qL2cbca9KLewXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhDOW40TXg2b1E0X1Nvdlp4dHhyMG90N0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kNWU5ZjYtM2Y2ZC00Njk0LTg5Yjgt
YTA5M2QxMDA4NzRjLzEvNTJocDhuQjdBWEF5cUVBVjhZVGtJVEpFYjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kNWU5ZjYtM2Y2ZC00Njk0LTg5YjgtYTA5M2QxMDA4NzRj
LzEvVjhDOW40TXg2b1E0X1Nvdlp4dHhyMG90N0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW9jcAwQA
wRErAwQAwWmEAwQAwqUtAwQAwqU1MA0GCSqGSIb3DQEBCwUAA4IBAQAffioW8e7+
hBe7i8XsmMVR7IozgbBZ8QyufnH/Az/sUuU1ORevzf6vZTJgapOLFcw1EOZT27ue
DPMB5p9TEYYitQkr2pzKaLZOPTA2OqbQV5ouQuCBLw3iJiaAjVpRMEZJdLIXYjP+
HIx6HXusgBfXUKaJsoa+z993ETMPV6CpDXIojEjo3nDSF20TtrfwNzDd/MsDXS4B
odZhRIEs+ulfDglbDuPn0SPi4TJ4LapiiDq3eEhRLKtFcR5+zG4qePTB+SEX8NTN
pLDLChGR4TynPEJY0apJEFZCVIFw7M0HHs55SsuFpKGfgYD6eUedvIeYGI7CrzuC
IK8Rrf6uq2Mc
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:17:07 2024 by rpki-client on console.sobornost.net