Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/PII7IG1ziknjfC_tdIaoBfOFElM.roa
File: PII7IG1ziknjfC_tdIaoBfOFElM.roa (raw, json)
Hash identifier: npdmlk9JIXRgXl8/vjBBFkd8fsyw6jLkZzOf5UpWlII=
Subject key identifier: 3C:82:3B:20:6D:73:8A:49:E3:7C:2F:ED:74:86:A8:05:F3:85:12:53
Certificate issuer: /CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Certificate serial: 0193D4889A6B2C15C9CE30E9996DEE37AF1A
Authority key identifier: 22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/PII7IG1ziknjfC_tdIaoBfOFElM.roa
Signing time: Tue 17 Dec 2024 12:12:22 +0000
ROA not before: Tue 17 Dec 2024 12:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 217.169.192.0/20 maxlen: 24
217.169.192.0/24 maxlen: 24
217.169.194.0/24 maxlen: 24
217.169.195.0/24 maxlen: 24
217.169.196.0/24 maxlen: 24
217.169.197.0/24 maxlen: 24
217.169.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:88:9a:6b:2c:15:c9:ce:30:e9:99:6d:ee:37:af:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220f413fb0af0bd8fe130820d3049d0e71ed4bb0
Validity
Not Before: Dec 17 12:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c823b206d738a49e37c2fed7486a805f3851253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2f:6c:dc:41:fe:31:72:21:41:1a:48:73:ee:
0f:9a:ba:fb:44:e8:39:9b:a4:59:ca:52:c7:13:ec:
8e:f8:d8:55:33:e2:0e:d6:df:2d:f5:d3:df:f2:19:
c6:ea:45:7d:33:57:a8:38:4c:dc:d8:76:03:fc:99:
98:4d:da:ca:0a:9b:3f:42:4f:b8:7a:4a:c1:98:94:
5d:3c:bf:d1:e0:83:29:63:91:9d:48:ac:22:f9:ba:
69:21:12:b9:ab:ab:6d:a0:18:4e:88:da:70:c6:75:
6a:48:a4:9e:6c:f1:6e:e1:6b:96:cd:12:80:c4:60:
0f:c9:e2:e5:a0:30:5a:3b:0c:20:2e:9a:d2:bf:50:
6d:19:16:37:64:1d:29:c5:81:4f:75:a1:7b:73:76:
72:66:43:3f:e2:f3:55:14:e5:d1:a3:bf:2d:39:b9:
b7:67:2f:6d:56:3d:20:ef:75:c8:0d:10:f8:75:c9:
e4:71:35:84:1b:dc:5a:be:e9:61:da:0a:0a:22:30:
00:e1:6f:60:07:76:2e:6f:98:f8:9f:b1:a6:fb:68:
08:e6:cd:af:49:80:aa:dc:05:70:0d:ec:94:42:47:
3c:8c:89:d4:84:4a:d7:54:df:4b:ec:e8:17:81:e8:
e5:c3:a1:9a:89:af:e4:69:1d:61:c6:c2:5b:40:08:
02:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:82:3B:20:6D:73:8A:49:E3:7C:2F:ED:74:86:A8:05:F3:85:12:53
X509v3 Authority Key Identifier:
keyid:22:0F:41:3F:B0:AF:0B:D8:FE:13:08:20:D3:04:9D:0E:71:ED:4B:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/PII7IG1ziknjfC_tdIaoBfOFElM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db357d-b170-40a5-a669-82eba0cb3b0d/1/Ig9BP7CvC9j-Ewgg0wSdDnHtS7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.169.192.0/20
Signature Algorithm: sha256WithRSAEncryption
6a:49:13:ba:81:2f:54:cc:10:1c:31:ca:73:06:db:3c:98:62:
bc:42:0e:c5:eb:da:16:0e:e9:95:30:9d:86:bd:76:1d:13:71:
60:6c:b9:b7:f7:34:75:18:2a:ed:aa:ee:62:a1:0e:b2:2c:0c:
ed:f1:80:b0:77:a8:ab:1e:0e:fd:78:e1:0a:2d:28:8b:99:60:
83:72:a2:f9:03:ad:2b:8c:19:6a:33:09:63:e2:50:3c:bb:66:
7e:80:e6:7b:5a:88:4b:1c:76:58:a0:ca:23:46:e2:18:5e:e6:
9d:e9:5c:50:e9:61:40:a0:78:f5:3a:b6:9a:75:72:54:12:fc:
c1:07:bb:c1:53:f9:3f:80:77:7e:36:61:36:38:1f:df:4e:0b:
36:e7:72:d3:db:27:63:db:b7:c8:d8:0b:6a:39:b2:97:46:dc:
6e:ab:65:45:7e:2f:c3:69:a7:f8:3a:e1:6a:01:58:53:a7:b3:
8e:1b:0c:ed:54:6a:d6:fc:8c:17:23:c1:fa:63:6e:45:eb:07:
cf:22:15:e3:9f:06:b5:51:c4:12:cb:20:36:88:12:03:fb:d2:
b0:9d:dd:d2:05:f1:ed:b7:03:e2:e1:7e:1e:a1:76:eb:6a:c7:
95:07:32:1b:c3:0f:aa:2b:6e:b1:d1:3a:db:c5:73:d8:77:2b:
58:74:a0:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPUiJprLBXJzjDpmW3uN68aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGY0MTNmYjBhZjBiZDhmZTEzMDgyMGQzMDQ5ZDBlNzFl
ZDRiYjAwHhcNMjQxMjE3MTIxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzgyM2IyMDZkNzM4YTQ5ZTM3YzJmZWQ3NDg2YTgwNWYzODUxMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC9s3EH+MXIhQRpIc+4Pmrr7ROg5
m6RZylLHE+yO+NhVM+IO1t8t9dPf8hnG6kV9M1eoOEzc2HYD/JmYTdrKCps/Qk+4
ekrBmJRdPL/R4IMpY5GdSKwi+bppIRK5q6ttoBhOiNpwxnVqSKSebPFu4WuWzRKA
xGAPyeLloDBaOwwgLprSv1BtGRY3ZB0pxYFPdaF7c3ZyZkM/4vNVFOXRo78tObm3
Zy9tVj0g73XIDRD4dcnkcTWEG9xavulh2goKIjAA4W9gB3Yub5j4n7Gm+2gI5s2v
SYCq3AVwDeyUQkc8jInUhErXVN9L7OgXgejlw6Gaia/kaR1hxsJbQAgCNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyCOyBtc4pJ43wv7XSGqAXzhRJTMB8GA1UdIwQY
MBaAFCIPQT+wrwvY/hMIINMEnQ5x7UuwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2Njkt
ODJlYmEwY2IzYjBkLzEvUElJN0lHMXppa25qZkNfdGRJYW9CZk9GRWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjM1N2QtYjE3MC00MGE1LWE2NjktODJlYmEwY2IzYjBk
LzEvSWc5QlA3Q3ZDOWotRXdnZzB3U2REbkh0UzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2anAMA0G
CSqGSIb3DQEBCwUAA4IBAQBqSRO6gS9UzBAcMcpzBts8mGK8Qg7F69oWDumVMJ2G
vXYdE3FgbLm39zR1GCrtqu5ioQ6yLAzt8YCwd6irHg79eOEKLSiLmWCDcqL5A60r
jBlqMwlj4lA8u2Z+gOZ7WohLHHZYoMojRuIYXuad6VxQ6WFAoHj1OraadXJUEvzB
B7vBU/k/gHd+NmE2OB/fTgs253LT2ydj27fI2AtqObKXRtxuq2VFfi/Daaf4OuFq
AVhTp7OOGwztVGrW/IwXI8H6Y25F6wfPIhXjnwa1UcQSyyA2iBID+9Kwnd3SBfHt
twPi4X4eoXbraseVBzIbww+qK26x0TrbxXPYdytYdKA4
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:44 2024 by rpki-client on console.sobornost.net