Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/SxIeYanOu43qGE_3xaQ5gbfVY8U.roa
File: SxIeYanOu43qGE_3xaQ5gbfVY8U.roa (raw, json)
Hash identifier: V1mTc8Jlf1ggUOQcEAziF5JsyoJSFe+DVzVsXNFAV/Q=
Subject key identifier: 4B:12:1E:61:A9:CE:BB:8D:EA:18:4F:F7:C5:A4:39:81:B7:D5:63:C5
Certificate issuer: /CN=68395fb8f4524b8a6f945bbfa938b8f61694052f
Certificate serial: 018BA615EB058B8A10D99BF99B13F9D8846A
Authority key identifier: 68:39:5F:B8:F4:52:4B:8A:6F:94:5B:BF:A9:38:B8:F6:16:94:05:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDlfuPRSS4pvlFu_qTi49haUBS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/SxIeYanOu43qGE_3xaQ5gbfVY8U.roa
Signing time: Mon 06 Nov 2023 19:22:16 +0000
ROA not before: Mon 06 Nov 2023 19:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136557
IP address blocks: 81.21.232.0/22 maxlen: 22
81.21.232.0/24 maxlen: 24
81.21.233.0/24 maxlen: 24
81.21.235.0/24 maxlen: 24
81.21.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:15:eb:05:8b:8a:10:d9:9b:f9:9b:13:f9:d8:84:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68395fb8f4524b8a6f945bbfa938b8f61694052f
Validity
Not Before: Nov 6 19:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b121e61a9cebb8dea184ff7c5a43981b7d563c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0c:eb:f1:e3:7b:cb:6c:3b:f8:43:a0:58:9c:
f3:5f:6c:ce:69:24:54:0d:6e:cb:24:54:6c:96:84:
04:80:a6:44:0b:93:f1:03:ec:db:b5:90:dc:30:9e:
46:10:3b:91:12:ef:ef:e1:13:b0:98:e0:5c:f9:7d:
7d:2f:d0:26:1a:18:df:d8:d2:42:91:db:dd:a2:8f:
58:f6:74:00:ae:dd:38:f3:da:8e:89:28:44:6c:59:
15:6a:4d:20:b9:79:0a:f2:2b:28:d9:be:4b:6a:f2:
c0:13:39:34:43:bd:b3:46:83:15:9d:5e:0c:41:a9:
af:ad:cc:48:b8:d4:68:41:f1:f8:f1:37:64:cd:74:
8c:ec:00:0a:e8:85:50:02:00:a3:a1:5f:28:b5:01:
ad:90:14:e7:ec:dd:74:d1:8e:e7:db:08:9f:61:59:
d2:16:d8:29:73:6a:8a:2c:85:41:d7:a9:8f:74:7b:
e8:fd:50:3c:e1:e9:5c:d7:4c:6f:cd:a3:b7:9d:41:
10:bd:49:e6:8a:b4:0c:28:0e:3f:07:40:6d:30:3e:
fa:57:a0:e9:cf:fc:e0:47:c7:b8:1a:99:62:2c:1a:
00:69:0e:69:2b:51:9d:63:23:15:72:93:6d:ab:3c:
09:ec:53:53:59:4f:99:44:8e:2c:8c:bc:f9:67:75:
1e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:12:1E:61:A9:CE:BB:8D:EA:18:4F:F7:C5:A4:39:81:B7:D5:63:C5
X509v3 Authority Key Identifier:
keyid:68:39:5F:B8:F4:52:4B:8A:6F:94:5B:BF:A9:38:B8:F6:16:94:05:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDlfuPRSS4pvlFu_qTi49haUBS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/SxIeYanOu43qGE_3xaQ5gbfVY8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/aDlfuPRSS4pvlFu_qTi49haUBS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.232.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:7c:64:b0:ca:45:d9:59:b2:a9:37:69:6f:bf:47:ae:cb:b2:
83:8d:26:98:b5:2e:10:51:7c:95:55:a9:3f:d0:c7:77:78:3f:
39:f0:5b:39:48:0a:bb:f1:7a:21:1b:27:5d:cf:a7:45:6d:b0:
39:09:2b:29:18:ef:a2:53:a2:3f:b4:ef:be:43:29:c9:e2:5a:
27:9f:ec:0b:70:66:c1:ec:b4:b0:a7:3c:89:b2:9b:fc:a5:d8:
98:bb:09:ee:f0:29:25:3b:43:85:74:9a:70:44:3c:03:65:6c:
f1:e4:64:cd:24:70:12:1d:1f:4e:04:02:41:ec:b3:cf:be:9e:
a1:46:b1:89:ff:42:8d:56:49:f7:41:08:3d:ea:4e:ef:9c:5a:
8d:cf:6c:d7:55:ec:1b:6f:28:1c:71:04:e3:23:42:9c:9e:1c:
e7:53:f2:ec:94:37:fb:60:23:7a:3d:14:b1:cf:04:bd:85:04:
c3:d1:ab:b3:5b:e0:8c:61:29:72:65:f3:08:ed:1d:62:43:1f:
6f:18:aa:da:1d:08:8e:d5:7f:76:51:ab:c0:9f:70:94:eb:78:
b0:78:80:56:2a:b0:3c:f9:64:e5:c9:67:ed:9a:80:91:f2:d4:
90:d0:c3:c1:f7:1d:7f:39:af:79:98:ca:10:70:b3:c6:8c:6d:
b1:d8:c5:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYumFesFi4oQ2Zv5mxP52IRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Mzk1ZmI4ZjQ1MjRiOGE2Zjk0NWJiZmE5MzhiOGY2MTY5
NDA1MmYwHhcNMjMxMTA2MTkyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjEyMWU2MWE5Y2ViYjhkZWExODRmZjdjNWE0Mzk4MWI3ZDU2M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAzr8eN7y2w7+EOgWJzzX2zOaSRU
DW7LJFRsloQEgKZEC5PxA+zbtZDcMJ5GEDuREu/v4ROwmOBc+X19L9AmGhjf2NJC
kdvdoo9Y9nQArt0489qOiShEbFkVak0guXkK8iso2b5LavLAEzk0Q72zRoMVnV4M
QamvrcxIuNRoQfH48TdkzXSM7AAK6IVQAgCjoV8otQGtkBTn7N100Y7n2wifYVnS
Ftgpc2qKLIVB16mPdHvo/VA84elc10xvzaO3nUEQvUnmirQMKA4/B0BtMD76V6Dp
z/zgR8e4GpliLBoAaQ5pK1GdYyMVcpNtqzwJ7FNTWU+ZRI4sjLz5Z3UenwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsSHmGpzruN6hhP98WkOYG31WPFMB8GA1UdIwQY
MBaAFGg5X7j0UkuKb5Rbv6k4uPYWlAUvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURsZnVQUlNTNHB2bEZ1X3FUaTQ5aGFVQlM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xYTNkNWMtZTQ5YS00ZDRkLWE3MGQt
YjZkNDI3YTNiMTA2LzEvU3hJZVlhbk91NDNxR0VfM3hhUTVnYmZWWThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xYTNkNWMtZTQ5YS00ZDRkLWE3MGQtYjZkNDI3YTNiMTA2
LzEvYURsZnVQUlNTNHB2bEZ1X3FUaTQ5aGFVQlM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCURXoMA0G
CSqGSIb3DQEBCwUAA4IBAQC5fGSwykXZWbKpN2lvv0euy7KDjSaYtS4QUXyVVak/
0Md3eD858Fs5SAq78XohGyddz6dFbbA5CSspGO+iU6I/tO++QynJ4lonn+wLcGbB
7LSwpzyJspv8pdiYuwnu8CklO0OFdJpwRDwDZWzx5GTNJHASHR9OBAJB7LPPvp6h
RrGJ/0KNVkn3QQg96k7vnFqNz2zXVewbbygccQTjI0KcnhznU/LslDf7YCN6PRSx
zwS9hQTD0auzW+CMYSlyZfMI7R1iQx9vGKraHQiO1X92UavAn3CU63iweIBWKrA8
+WTlyWftmoCR8tSQ0MPB9x1/Oa95mMoQcLPGjG2x2MUK
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net