Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/jHUYOINqIWzFsweMk9EIsXv-bgM.roa
File: jHUYOINqIWzFsweMk9EIsXv-bgM.roa (raw, json)
Hash identifier: dgPi4Oobs7/UxkN2/3g5tDvK+IaJzBSkDKjui13nVjQ=
Subject key identifier: 8C:75:18:38:83:6A:21:6C:C5:B3:07:8C:93:D1:08:B1:7B:FE:6E:03
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 0193C219F975CF8E69AE40E0FE4BE7F7B125
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/jHUYOINqIWzFsweMk9EIsXv-bgM.roa
Signing time: Fri 13 Dec 2024 22:18:22 +0000
ROA not before: Fri 13 Dec 2024 22:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214036
IP address blocks: 31.171.131.0/24 maxlen: 24
109.235.48.0/24 maxlen: 24
2a00:dd0:eeee::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c2:19:f9:75:cf:8e:69:ae:40:e0:fe:4b:e7:f7:b1:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Dec 13 22:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c751838836a216cc5b3078c93d108b17bfe6e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:47:cb:76:8b:81:70:2e:18:c0:43:e2:48:44:
c6:bc:6a:02:cf:f9:56:59:fe:67:a6:24:68:85:b1:
6c:33:86:f6:7f:8c:d1:5a:9b:87:d1:fa:a0:e2:3b:
86:7b:1d:f0:42:16:05:7b:30:ef:c1:78:44:49:c9:
eb:fc:64:a1:a0:4b:4a:a3:b7:4a:b1:9b:89:1b:0a:
46:66:3b:58:41:4b:3c:dc:96:c3:7e:bf:13:8e:e3:
dd:92:b7:43:e6:5c:80:82:49:17:c0:b7:39:3d:ed:
56:be:63:a5:45:46:82:19:64:63:85:fa:6e:7c:b4:
64:7e:23:a4:fa:54:e8:8b:94:7e:a2:db:51:76:ce:
23:48:af:7a:ac:6c:4d:07:0d:7e:6e:7f:55:6b:99:
4d:61:1d:6f:b2:c3:00:3f:2d:8d:03:df:cb:b5:d0:
12:f7:6c:be:a9:02:0a:d5:44:a4:49:8d:a3:b5:27:
d7:90:95:ad:ec:ec:ce:45:ac:5a:0b:de:57:91:00:
35:aa:98:0b:1b:43:6c:7d:3a:2a:12:3b:9c:fc:da:
30:b7:cb:34:19:a5:c7:cf:d5:82:1b:f8:6d:89:79:
71:9f:00:16:e0:f7:e4:39:4c:30:ff:d8:5e:81:cd:
cb:63:5c:a2:3a:12:12:93:b6:c4:b9:d0:03:ff:e0:
87:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:75:18:38:83:6A:21:6C:C5:B3:07:8C:93:D1:08:B1:7B:FE:6E:03
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/jHUYOINqIWzFsweMk9EIsXv-bgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.131.0/24
109.235.48.0/24
IPv6:
2a00:dd0:eeee::/48
Signature Algorithm: sha256WithRSAEncryption
3c:3d:d9:aa:50:32:82:e5:29:c4:b9:89:a1:4c:08:70:30:ce:
86:c9:1c:b8:40:b4:97:2b:03:f9:ae:96:d2:4d:7a:c7:ec:54:
42:69:ef:d2:84:79:2b:cb:27:92:21:f0:fc:29:18:0b:5a:fe:
c6:31:0d:73:86:80:a8:13:d5:17:74:1a:80:29:86:51:2f:24:
8e:e4:05:1f:f5:71:5d:91:49:53:e2:2f:b8:0c:cc:7d:77:e9:
41:6d:3a:85:66:38:f2:17:9d:3c:a6:ae:7d:59:d5:e8:d3:44:
d9:1a:f7:4f:71:93:0d:04:78:ae:32:80:3f:c9:7f:39:f0:a5:
d1:35:45:af:d6:98:9a:33:af:ec:ac:ce:10:76:1e:17:28:87:
63:63:d4:5e:15:ce:4d:ae:13:18:ee:e1:d3:c5:56:65:12:d9:
f9:02:bd:1e:5a:dc:42:9b:c9:08:3a:c2:16:6d:b6:50:db:d4:
a2:54:a0:11:41:2e:43:5b:46:1c:b2:48:81:25:53:84:e8:bd:
2d:74:4f:3e:a5:d0:ca:ed:2f:6b:5e:88:84:be:b2:f5:ce:c9:
e1:48:24:73:ee:fc:bb:43:ab:1f:71:68:21:7b:e2:88:e5:ba:
eb:42:73:47:45:4b:97:2d:c6:96:30:0b:df:e7:3a:42:b6:4c:
88:25:62:46
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZPCGfl1z45prkDg/kvn97ElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjQxMjEzMjIxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzc1MTgzODgzNmEyMTZjYzViMzA3OGM5M2QxMDhiMTdiZmU2ZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0fLdouBcC4YwEPiSETGvGoCz/lW
Wf5npiRohbFsM4b2f4zRWpuH0fqg4juGex3wQhYFezDvwXhEScnr/GShoEtKo7dK
sZuJGwpGZjtYQUs83JbDfr8TjuPdkrdD5lyAgkkXwLc5Pe1WvmOlRUaCGWRjhfpu
fLRkfiOk+lToi5R+ottRds4jSK96rGxNBw1+bn9Va5lNYR1vssMAPy2NA9/LtdAS
92y+qQIK1USkSY2jtSfXkJWt7OzORaxaC95XkQA1qpgLG0NsfToqEjuc/Nowt8s0
GaXHz9WCG/htiXlxnwAW4PfkOUww/9hegc3LY1yiOhISk7bEudAD/+CH/QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIx1GDiDaiFsxbMHjJPRCLF7/m4DMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvakhVWU9JTnFJV3pGc3dlTWs5RUlzWHYtYmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAH6uDAwQA
beswMA8EAgACMAkDBwAqAA3Q7u4wDQYJKoZIhvcNAQELBQADggEBADw92apQMoLl
KcS5iaFMCHAwzobJHLhAtJcrA/multJNesfsVEJp79KEeSvLJ5Ih8PwpGAta/sYx
DXOGgKgT1Rd0GoAphlEvJI7kBR/1cV2RSVPiL7gMzH136UFtOoVmOPIXnTymrn1Z
1ejTRNka909xkw0EeK4ygD/JfznwpdE1Ra/WmJozr+yszhB2Hhcoh2Nj1F4Vzk2u
Exju4dPFVmUS2fkCvR5a3EKbyQg6whZttlDb1KJUoBFBLkNbRhyySIElU4TovS10
Tz6l0MrtL2teiIS+svXOyeFIJHPu/LtDqx9xaCF74ojluutCc0dFS5ctxpYwC9/n
OkK2TIglYkY=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:47 2024 by rpki-client on console.sobornost.net