Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/nbU7dPf0oAt-kEYphLXf3ixUJKE.roa
File: nbU7dPf0oAt-kEYphLXf3ixUJKE.roa (raw, json)
Hash identifier: dfk7aDiVbEZeIWH5zieirLyhuCTQjVsf5TKAWu10uYU=
Subject key identifier: 9D:B5:3B:74:F7:F4:A0:0B:7E:90:46:29:84:B5:DF:DE:2C:54:24:A1
Certificate issuer: /CN=a4f131e3e15058d93ffddb60ac7083bef89d2e86
Certificate serial: 018CC5DBE42A5650A036CC7A1F269F42240C
Authority key identifier: A4:F1:31:E3:E1:50:58:D9:3F:FD:DB:60:AC:70:83:BE:F8:9D:2E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPEx4-FQWNk__dtgrHCDvvidLoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/nbU7dPf0oAt-kEYphLXf3ixUJKE.roa
Signing time: Mon 01 Jan 2024 16:29:31 +0000
ROA not before: Mon 01 Jan 2024 16:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12628
IP address blocks: 194.153.117.0/24 maxlen: 24
2001:67c:2738::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e4:2a:56:50:a0:36:cc:7a:1f:26:9f:42:24:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f131e3e15058d93ffddb60ac7083bef89d2e86
Validity
Not Before: Jan 1 16:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9db53b74f7f4a00b7e90462984b5dfde2c5424a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ad:66:7b:ef:dd:d8:49:44:00:c6:96:61:92:
b9:2d:1c:b5:0a:01:78:e6:38:7b:18:c9:cc:f5:48:
82:7e:92:38:74:ec:7f:22:1d:2b:ef:8b:34:b6:48:
74:7f:c5:21:d9:bd:d4:2e:30:6d:ad:c9:a1:26:42:
a2:2c:92:f6:d7:95:0b:ad:72:f0:08:32:fe:fc:cc:
7f:9b:05:40:6e:3f:8b:13:c5:a6:83:ac:6e:3a:99:
61:30:28:c4:5d:cb:e1:16:1b:c7:38:b1:6c:4f:b8:
ab:27:7d:18:48:1a:d3:f1:38:74:2b:8a:15:bd:59:
8b:02:d9:e2:b0:bd:f1:bc:58:ff:73:c1:a4:09:ea:
18:93:4a:d2:08:35:8a:0e:60:21:99:1d:e2:e5:f8:
ca:01:20:9b:2c:6d:e1:49:c1:6d:51:2e:2a:a7:36:
f1:13:0e:d5:8a:a4:ce:7e:c4:b7:af:2b:d6:8d:d3:
fa:b7:1a:db:d9:2b:fa:f8:49:d0:50:03:91:d2:c3:
ea:17:3c:0b:27:32:86:ae:a8:22:27:3f:52:b5:f5:
f0:01:25:04:e8:f7:af:cb:97:d6:30:d5:82:62:4b:
55:44:6e:59:2e:ac:7a:40:49:54:57:ae:86:40:82:
f9:ae:53:99:a7:bd:52:35:19:d4:85:cd:b1:78:84:
55:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B5:3B:74:F7:F4:A0:0B:7E:90:46:29:84:B5:DF:DE:2C:54:24:A1
X509v3 Authority Key Identifier:
keyid:A4:F1:31:E3:E1:50:58:D9:3F:FD:DB:60:AC:70:83:BE:F8:9D:2E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPEx4-FQWNk__dtgrHCDvvidLoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/nbU7dPf0oAt-kEYphLXf3ixUJKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/pPEx4-FQWNk__dtgrHCDvvidLoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.117.0/24
IPv6:
2001:67c:2738::/48
Signature Algorithm: sha256WithRSAEncryption
12:07:06:f4:2f:21:ec:47:40:9a:9d:bf:73:ce:9b:cf:b2:32:
d3:e4:fc:55:4d:d5:34:db:0a:92:3a:c0:72:65:bc:de:bf:6f:
13:dd:1c:79:04:f3:9c:fb:ee:2c:66:1e:14:cc:97:ca:b0:46:
c2:ad:5a:7e:42:22:9d:67:c7:e4:92:91:a4:bd:71:45:3b:46:
c8:16:d0:5c:48:81:ee:12:6d:92:4d:5c:94:ed:b8:b0:4c:42:
d8:e1:7d:27:4d:94:60:a1:82:8e:30:b6:e9:b4:11:80:1a:4b:
f2:1a:6f:6b:9f:c9:a3:22:16:ff:ab:a6:34:53:32:ff:9b:3d:
f5:e1:ec:ff:9d:c8:ce:34:82:2f:56:0b:b8:49:09:26:f8:a4:
46:85:e6:a8:2a:81:3e:80:26:87:7b:c3:11:23:08:f1:c0:bd:
38:09:f2:25:9d:5f:19:9a:4a:31:81:5a:79:b0:b6:94:b9:79:
ed:34:61:ff:9a:77:22:a0:7e:f0:b9:3a:8d:de:56:7f:25:a9:
99:0b:33:31:2c:9c:c8:39:96:44:11:34:26:9c:52:d2:24:78:
4b:31:60:b9:9e:d4:38:c6:6a:cc:ac:c7:48:23:d1:f5:c4:7f:
6e:2c:16:47:54:ad:01:91:44:0e:74:fa:8a:0b:18:24:57:c0:
bb:75:80:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF2+QqVlCgNsx6HyafQiQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjEzMWUzZTE1MDU4ZDkzZmZkZGI2MGFjNzA4M2JlZjg5
ZDJlODYwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGI1M2I3NGY3ZjRhMDBiN2U5MDQ2Mjk4NGI1ZGZkZTJjNTQyNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq1me+/d2ElEAMaWYZK5LRy1CgF4
5jh7GMnM9UiCfpI4dOx/Ih0r74s0tkh0f8Uh2b3ULjBtrcmhJkKiLJL215ULrXLw
CDL+/Mx/mwVAbj+LE8Wmg6xuOplhMCjEXcvhFhvHOLFsT7irJ30YSBrT8Th0K4oV
vVmLAtnisL3xvFj/c8GkCeoYk0rSCDWKDmAhmR3i5fjKASCbLG3hScFtUS4qpzbx
Ew7ViqTOfsS3ryvWjdP6txrb2Sv6+EnQUAOR0sPqFzwLJzKGrqgiJz9StfXwASUE
6Pevy5fWMNWCYktVRG5ZLqx6QElUV66GQIL5rlOZp71SNRnUhc2xeIRVJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ21O3T39KALfpBGKYS1394sVCShMB8GA1UdIwQY
MBaAFKTxMePhUFjZP/3bYKxwg774nS6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBFeDQtRlFXTmtfX2R0Z3JIQ0R2dmlkTG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84NDJlN2YtMDM1MC00YjAyLWE5OTQt
ZjcxYTQ5ZWJhNDhhLzEvbmJVN2RQZjBvQXQta0VZcGhMWGYzaXhVSktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84NDJlN2YtMDM1MC00YjAyLWE5OTQtZjcxYTQ5ZWJhNDhh
LzEvcFBFeDQtRlFXTmtfX2R0Z3JIQ0R2dmlkTG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwpl1MA8E
AgACMAkDBwAgAQZ8JzgwDQYJKoZIhvcNAQELBQADggEBABIHBvQvIexHQJqdv3PO
m8+yMtPk/FVN1TTbCpI6wHJlvN6/bxPdHHkE85z77ixmHhTMl8qwRsKtWn5CIp1n
x+SSkaS9cUU7RsgW0FxIge4SbZJNXJTtuLBMQtjhfSdNlGChgo4wtum0EYAaS/Ia
b2ufyaMiFv+rpjRTMv+bPfXh7P+dyM40gi9WC7hJCSb4pEaF5qgqgT6AJod7wxEj
CPHAvTgJ8iWdXxmaSjGBWnmwtpS5ee00Yf+adyKgfvC5Oo3eVn8lqZkLMzEsnMg5
lkQRNCacUtIkeEsxYLme1DjGasysx0gj0fXEf24sFkdUrQGRRA50+ooLGCRXwLt1
gBU=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:42 2024 by rpki-client on console.sobornost.net