Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/TbWgizKsqNhwpFdWGXnbIwDrU3I.roa
File: TbWgizKsqNhwpFdWGXnbIwDrU3I.roa (raw, json)
Hash identifier: 5F6DtKuEWYpuURStNN/KoTQvkPtxeEDhbSkgYI+ch7Y=
Subject key identifier: 4D:B5:A0:8B:32:AC:A8:D8:70:A4:57:56:19:79:DB:23:00:EB:53:72
Certificate issuer: /CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2
Certificate serial: 01936CD8878C1E1A4AF20823566BFD778FEF
Authority key identifier: 86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/TbWgizKsqNhwpFdWGXnbIwDrU3I.roa
Signing time: Wed 27 Nov 2024 08:59:09 +0000
ROA not before: Wed 27 Nov 2024 08:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13020
IP address blocks: 151.217.0.0/16 maxlen: 16
2001:67c:20a1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:d8:87:8c:1e:1a:4a:f2:08:23:56:6b:fd:77:8f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2
Validity
Not Before: Nov 27 08:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4db5a08b32aca8d870a457561979db2300eb5372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d1:ee:87:66:2e:2e:65:92:60:b9:fe:ba:97:
17:3f:08:bf:a9:4c:22:81:96:f4:df:f1:53:40:47:
6f:ad:8a:77:e3:16:f7:ed:93:70:aa:62:f7:76:0a:
e2:0f:3f:26:57:1f:ff:e1:a1:ca:40:d6:33:c5:85:
12:f7:f2:67:dd:fd:ce:4f:d1:20:6c:d5:aa:c4:ff:
1a:10:e1:b1:5c:d2:a4:38:0f:83:21:87:c6:26:14:
c5:d6:06:93:87:09:c4:21:75:e3:43:9d:bf:a7:db:
2e:b7:bc:35:00:5e:2f:d5:59:cf:47:df:18:b1:00:
57:84:18:5f:00:d8:c6:03:b7:65:7e:bc:04:be:0f:
67:b1:ed:36:83:25:31:cc:07:9e:33:23:54:36:de:
5e:7e:7e:85:4d:d4:01:0a:77:cf:bc:29:3b:3f:0b:
05:d6:f1:a2:39:ed:d3:54:69:d5:d7:ef:f0:fd:cf:
4c:1a:f6:91:69:17:a3:da:a9:57:b2:fc:a5:9c:05:
7f:22:1d:ea:a8:e4:6a:f0:e3:67:be:e1:9c:04:71:
59:2a:e7:fa:cc:ec:52:ec:c9:20:f6:cd:c4:f0:52:
40:de:0a:82:10:92:2f:98:bd:a1:9c:28:48:28:27:
57:4c:6c:c0:8e:a6:4c:ba:3f:24:14:e3:94:19:f7:
89:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B5:A0:8B:32:AC:A8:D8:70:A4:57:56:19:79:DB:23:00:EB:53:72
X509v3 Authority Key Identifier:
keyid:86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/TbWgizKsqNhwpFdWGXnbIwDrU3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.217.0.0/16
IPv6:
2001:67c:20a1::/48
Signature Algorithm: sha256WithRSAEncryption
04:64:d9:c3:3d:23:5e:2f:bd:52:52:b1:3e:6b:6d:24:95:d2:
d4:7c:19:e2:67:a6:0e:43:ee:21:5e:32:f5:08:50:67:30:e9:
fd:50:f0:90:74:75:c9:14:18:51:99:ae:e9:80:68:06:72:a3:
af:cd:84:6d:32:ea:47:e7:8f:ef:73:1d:70:de:14:88:fa:6e:
85:d7:b3:37:37:85:7c:1f:b7:a8:ea:42:aa:30:d7:4f:72:45:
48:7e:db:02:c1:7e:12:8d:cc:aa:76:5f:fc:2c:97:23:58:64:
ae:11:a4:be:3f:f5:82:22:c7:d1:2d:eb:64:b6:1a:d7:86:8f:
b1:5a:35:75:ab:4e:ec:b2:71:81:e2:2b:16:18:2e:dd:03:71:
c0:f3:2f:7d:68:14:fa:8e:4c:5d:e2:61:6f:9f:72:36:3d:e8:
c5:c9:1e:23:6f:17:88:e1:84:16:f8:7a:79:31:78:b7:d9:93:
4e:b6:e8:25:5a:55:06:84:b3:94:55:a6:2f:a3:00:46:22:7a:
30:80:2e:41:b3:38:e3:45:7b:52:98:e8:5b:52:06:59:da:61:
db:83:ab:d9:69:82:ab:0f:c2:a7:e1:a6:b6:26:59:d3:e5:74:
49:98:58:67:d1:16:63:a6:50:42:b1:0c:96:52:24:39:60:29:
50:37:fc:76
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZNs2IeMHhpK8ggjVmv9d4/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MGQ5ZjAxYTk4YjUxNGViZDNjMjcyM2Q3ZjdlYjQ0ODMy
NmY1ZTIwHhcNMjQxMTI3MDg1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI1YTA4YjMyYWNhOGQ4NzBhNDU3NTYxOTc5ZGIyMzAwZWI1MzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9Huh2YuLmWSYLn+upcXPwi/qUwi
gZb03/FTQEdvrYp34xb37ZNwqmL3dgriDz8mVx//4aHKQNYzxYUS9/Jn3f3OT9Eg
bNWqxP8aEOGxXNKkOA+DIYfGJhTF1gaThwnEIXXjQ52/p9sut7w1AF4v1VnPR98Y
sQBXhBhfANjGA7dlfrwEvg9nse02gyUxzAeeMyNUNt5efn6FTdQBCnfPvCk7PwsF
1vGiOe3TVGnV1+/w/c9MGvaRaRej2qlXsvylnAV/Ih3qqORq8ONnvuGcBHFZKuf6
zOxS7Mkg9s3E8FJA3gqCEJIvmL2hnChIKCdXTGzAjqZMuj8kFOOUGfeJqQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFE21oIsyrKjYcKRXVhl52yMA61NyMB8GA1UdIwQY
MBaAFIYNnwGpi1FOvTwnI9f360SDJvXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQt
NjFjYjQzYzJkYjg1LzEvVGJXZ2l6S3NxTmh3cEZkV0dYbmJJd0RyVTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQtNjFjYjQzYzJkYjg1
LzEvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAl9kwDwQC
AAIwCQMHACABBnwgoTANBgkqhkiG9w0BAQsFAAOCAQEABGTZwz0jXi+9UlKxPmtt
JJXS1HwZ4memDkPuIV4y9QhQZzDp/VDwkHR1yRQYUZmu6YBoBnKjr82EbTLqR+eP
73MdcN4UiPpuhdezNzeFfB+3qOpCqjDXT3JFSH7bAsF+Eo3MqnZf/CyXI1hkrhGk
vj/1giLH0S3rZLYa14aPsVo1datO7LJxgeIrFhgu3QNxwPMvfWgU+o5MXeJhb59y
Nj3oxckeI28XiOGEFvh6eTF4t9mTTrboJVpVBoSzlFWmL6MARiJ6MIAuQbM440V7
UpjoW1IGWdph24Or2WmCqw/Cp+GmtiZZ0+V0SZhYZ9EWY6ZQQrEMllIkOWApUDf8
dg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:27 2024 by rpki-client on console.sobornost.net