Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/c_YHWs4SsqCmZrCwAyZVVLmXlds.roa
File: c_YHWs4SsqCmZrCwAyZVVLmXlds.roa (raw, json)
Hash identifier: 3513IjtLfcRZYBWIpuKGHj30xe/AJjs0xECMVwzdQ2A=
Subject key identifier: 73:F6:07:5A:CE:12:B2:A0:A6:66:B0:B0:03:26:55:54:B9:97:95:DB
Certificate issuer: /CN=68395fb8f4524b8a6f945bbfa938b8f61694052f
Certificate serial: 018B191346E1706C9B989002FCCB941856B7
Authority key identifier: 68:39:5F:B8:F4:52:4B:8A:6F:94:5B:BF:A9:38:B8:F6:16:94:05:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDlfuPRSS4pvlFu_qTi49haUBS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/c_YHWs4SsqCmZrCwAyZVVLmXlds.roa
Signing time: Tue 10 Oct 2023 10:12:55 +0000
ROA not before: Tue 10 Oct 2023 10:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136557
IP address blocks: 81.21.233.0/24 maxlen: 24
81.21.232.0/22 maxlen: 24
81.21.232.0/24 maxlen: 24
81.21.235.0/24 maxlen: 24
81.21.234.0/24 maxlen: 24
91.217.73.0/24 maxlen: 24
91.217.72.0/24 maxlen: 24
91.217.72.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:13:46:e1:70:6c:9b:98:90:02:fc:cb:94:18:56:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68395fb8f4524b8a6f945bbfa938b8f61694052f
Validity
Not Before: Oct 10 10:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73f6075ace12b2a0a666b0b003265554b99795db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2a:83:81:4b:74:4f:4a:f2:21:9f:5a:37:90:
08:bc:0f:2b:8e:cd:dd:a4:1a:e6:cc:c4:13:69:e9:
ca:a5:48:a3:2c:08:c0:62:12:a5:f2:a9:0c:b7:27:
13:19:44:42:20:77:ce:0f:77:92:41:5e:33:49:d5:
25:7e:16:cb:90:59:86:aa:e7:34:f0:4f:d5:c3:77:
fa:a0:c3:6b:7b:8c:71:47:c7:7c:f8:c6:87:9c:98:
ac:29:2b:5e:dc:7a:c6:ea:fa:ba:95:5d:f8:5e:d0:
a7:78:dc:e0:75:31:2c:08:c5:10:0d:ce:a5:9b:b5:
a4:52:92:68:fd:82:fa:89:92:29:a5:6e:08:fe:8c:
3d:d0:0a:8f:da:a3:93:e4:44:7d:08:f8:c1:85:54:
17:4d:fb:9a:39:de:80:25:1f:de:d6:5c:4c:2d:c5:
4c:95:46:87:37:7c:ef:c6:78:6d:e9:22:c6:d3:2e:
31:f7:f3:75:55:63:61:b4:e2:21:c7:7c:cb:39:ee:
9c:7b:d3:7f:18:3e:c4:41:80:5b:a6:c0:06:05:cd:
50:15:ea:4e:7a:1b:b5:e0:b3:c2:8e:1f:34:20:2e:
74:54:22:4c:d8:13:3a:15:00:2a:2f:49:2b:e3:5e:
36:dd:05:97:ed:b4:eb:21:39:61:8d:b1:9c:fd:a6:
3c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F6:07:5A:CE:12:B2:A0:A6:66:B0:B0:03:26:55:54:B9:97:95:DB
X509v3 Authority Key Identifier:
keyid:68:39:5F:B8:F4:52:4B:8A:6F:94:5B:BF:A9:38:B8:F6:16:94:05:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDlfuPRSS4pvlFu_qTi49haUBS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/c_YHWs4SsqCmZrCwAyZVVLmXlds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/aDlfuPRSS4pvlFu_qTi49haUBS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.232.0/22
91.217.72.0/23
Signature Algorithm: sha256WithRSAEncryption
74:e6:93:97:9d:f9:62:2a:83:20:f8:e6:43:11:15:3a:44:b4:
97:aa:2e:99:53:4b:64:e9:06:a4:21:46:2e:24:ee:9c:c1:f3:
d7:a8:0f:a4:fb:40:c2:21:fd:08:b1:27:dd:fe:c3:3b:de:e4:
6d:d0:37:35:dc:49:f4:99:d5:3d:fa:55:bb:f8:1d:23:0e:f5:
73:ae:03:ea:e9:64:54:df:bd:13:7a:24:cd:01:47:2a:67:19:
e0:79:e0:3e:0c:60:37:1d:69:10:b9:a3:0a:bf:36:3e:59:bd:
ea:85:af:3e:fe:2e:69:ba:e0:4b:d0:3b:1d:a2:c6:20:72:75:
f5:19:be:79:c0:d2:ac:ea:cb:b5:71:c5:3f:91:45:70:1f:14:
86:0a:bd:ca:43:43:8a:56:dd:0e:55:63:e2:2b:14:0f:65:0c:
05:82:cc:bc:a3:5d:77:4f:5f:09:37:79:33:a2:0b:dc:42:c9:
9a:29:fe:59:63:8d:9d:99:2f:f6:d3:02:35:c6:2d:22:58:47:
75:2d:aa:15:c5:cd:ae:e0:c5:29:e0:c8:39:52:30:3d:2a:aa:
24:0a:5a:85:a8:83:14:de:42:1d:35:ee:ec:2a:13:17:ea:d4:
58:17:86:f6:41:6b:ca:60:35:aa:f7:07:9b:2e:7e:bb:6b:59:
91:a2:c2:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsZE0bhcGybmJAC/MuUGFa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Mzk1ZmI4ZjQ1MjRiOGE2Zjk0NWJiZmE5MzhiOGY2MTY5
NDA1MmYwHhcNMjMxMDEwMTAxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Y2MDc1YWNlMTJiMmEwYTY2NmIwYjAwMzI2NTU1NGI5OTc5NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyqDgUt0T0ryIZ9aN5AIvA8rjs3d
pBrmzMQTaenKpUijLAjAYhKl8qkMtycTGURCIHfOD3eSQV4zSdUlfhbLkFmGquc0
8E/Vw3f6oMNre4xxR8d8+MaHnJisKSte3HrG6vq6lV34XtCneNzgdTEsCMUQDc6l
m7WkUpJo/YL6iZIppW4I/ow90AqP2qOT5ER9CPjBhVQXTfuaOd6AJR/e1lxMLcVM
lUaHN3zvxnht6SLG0y4x9/N1VWNhtOIhx3zLOe6ce9N/GD7EQYBbpsAGBc1QFepO
ehu14LPCjh80IC50VCJM2BM6FQAqL0kr41423QWX7bTrITlhjbGc/aY8aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHP2B1rOErKgpmawsAMmVVS5l5XbMB8GA1UdIwQY
MBaAFGg5X7j0UkuKb5Rbv6k4uPYWlAUvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURsZnVQUlNTNHB2bEZ1X3FUaTQ5aGFVQlM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xYTNkNWMtZTQ5YS00ZDRkLWE3MGQt
YjZkNDI3YTNiMTA2LzEvY19ZSFdzNFNzcUNtWnJDd0F5WlZWTG1YbGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xYTNkNWMtZTQ5YS00ZDRkLWE3MGQtYjZkNDI3YTNiMTA2
LzEvYURsZnVQUlNTNHB2bEZ1X3FUaTQ5aGFVQlM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCURXoAwQB
W9lIMA0GCSqGSIb3DQEBCwUAA4IBAQB05pOXnfliKoMg+OZDERU6RLSXqi6ZU0tk
6QakIUYuJO6cwfPXqA+k+0DCIf0IsSfd/sM73uRt0Dc13En0mdU9+lW7+B0jDvVz
rgPq6WRU370TeiTNAUcqZxngeeA+DGA3HWkQuaMKvzY+Wb3qha8+/i5puuBL0Dsd
osYgcnX1Gb55wNKs6su1ccU/kUVwHxSGCr3KQ0OKVt0OVWPiKxQPZQwFgsy8o113
T18JN3kzogvcQsmaKf5ZY42dmS/20wI1xi0iWEd1LaoVxc2u4MUp4Mg5UjA9Kqok
ClqFqIMU3kIdNe7sKhMX6tRYF4b2QWvKYDWq9webLn67a1mRosKa
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net