Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/PKatGtGn_4jDPCCd1RinsL__o1s.roa
File: PKatGtGn_4jDPCCd1RinsL__o1s.roa (raw, json)
Hash identifier: 4xvJlI8eIrmNISyR5d2BZTol25JYT+++2DKV+e9EI/g=
Subject key identifier: 3C:A6:AD:1A:D1:A7:FF:88:C3:3C:20:9D:D5:18:A7:B0:BF:FF:A3:5B
Certificate issuer: /CN=19a6046e37c7e2075b41d6fef70d2312303c5f39
Certificate serial: 01923327A47673AC6C3CFEA0979077746CDB
Authority key identifier: 19:A6:04:6E:37:C7:E2:07:5B:41:D6:FE:F7:0D:23:12:30:3C:5F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/PKatGtGn_4jDPCCd1RinsL__o1s.roa
Signing time: Fri 27 Sep 2024 11:04:48 +0000
ROA not before: Fri 27 Sep 2024 11:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44827
IP address blocks: 91.203.24.0/22 maxlen: 22
91.203.24.0/24 maxlen: 24
91.203.25.0/24 maxlen: 24
91.203.26.0/24 maxlen: 24
91.203.27.0/24 maxlen: 24
109.95.40.0/21 maxlen: 21
109.95.40.0/24 maxlen: 24
109.95.42.0/24 maxlen: 24
109.95.43.0/24 maxlen: 24
109.95.44.0/24 maxlen: 24
109.95.45.0/24 maxlen: 24
109.95.46.0/24 maxlen: 24
109.95.47.0/24 maxlen: 24
176.120.112.0/21 maxlen: 21
176.120.112.0/24 maxlen: 24
176.120.113.0/24 maxlen: 24
176.120.114.0/24 maxlen: 24
176.120.115.0/24 maxlen: 24
176.120.116.0/24 maxlen: 24
176.120.117.0/24 maxlen: 24
176.120.118.0/24 maxlen: 24
176.120.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:33:27:a4:76:73:ac:6c:3c:fe:a0:97:90:77:74:6c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a6046e37c7e2075b41d6fef70d2312303c5f39
Validity
Not Before: Sep 27 11:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ca6ad1ad1a7ff88c33c209dd518a7b0bfffa35b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:51:f3:38:ca:49:be:f1:ea:95:d0:c6:52:ca:
98:a9:a7:a8:7c:41:89:9b:15:2b:95:0a:95:8c:d2:
91:b6:9d:d3:fd:58:ad:21:cf:fb:e5:0a:8e:15:0d:
5b:73:e8:b2:6d:5b:2a:65:90:3c:1a:b8:db:7b:74:
97:6a:65:4e:05:4f:93:01:29:39:23:8c:ed:67:5b:
6f:2a:d9:15:48:6c:1e:dd:07:34:bc:36:4c:9f:ff:
b2:07:11:69:cc:1a:3b:79:65:6f:e5:91:3c:07:e7:
8e:82:73:97:fb:0d:1c:c9:a0:9d:fd:08:17:28:32:
52:a0:bc:95:80:dd:51:6e:af:01:97:1c:fb:e6:7b:
36:36:7b:62:ce:3e:cf:cf:80:2d:0e:38:76:06:76:
75:8d:b7:e9:31:c9:31:89:32:11:c1:03:11:94:27:
b4:7e:25:d9:c3:d4:8c:d9:df:29:25:9b:bc:e9:35:
ec:7b:f8:04:bf:9d:57:c1:92:22:a4:68:8b:ab:d0:
5a:8d:05:e3:e7:88:ab:e7:b2:3e:49:d9:1f:93:2f:
c9:67:e6:09:96:54:20:77:d5:74:c1:05:5a:f3:87:
42:54:ef:f4:f8:9f:f1:50:cc:0b:29:d3:53:4b:85:
a2:1a:d0:18:13:df:18:6c:1c:d2:e1:be:e8:b0:d4:
80:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A6:AD:1A:D1:A7:FF:88:C3:3C:20:9D:D5:18:A7:B0:BF:FF:A3:5B
X509v3 Authority Key Identifier:
keyid:19:A6:04:6E:37:C7:E2:07:5B:41:D6:FE:F7:0D:23:12:30:3C:5F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/PKatGtGn_4jDPCCd1RinsL__o1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/799e5c-1594-409f-8c54-3fec58614c4b/1/GaYEbjfH4gdbQdb-9w0jEjA8Xzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.24.0/22
109.95.40.0/21
176.120.112.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:b0:f8:87:6c:ec:8a:c8:22:32:47:09:cb:fe:6e:7a:d7:ed:
c1:33:a1:5d:3a:0e:8c:74:e2:37:06:41:91:c8:72:ed:d8:84:
37:21:8a:04:48:30:2c:64:92:aa:06:1c:42:ac:b4:f4:c4:9e:
20:87:86:5b:ef:b2:f4:4d:05:d6:ae:54:60:9a:53:6f:30:b7:
e3:26:05:0a:1f:ef:c7:dd:e2:6d:e0:c2:ce:4f:fb:73:7c:11:
62:a8:d2:97:55:be:a9:15:1d:2e:24:e0:0c:ec:3b:fe:81:92:
f0:02:33:cc:be:e5:b0:5c:ce:c4:bb:3b:a8:05:12:98:1a:fe:
28:84:3a:a4:82:20:c1:7c:ff:c8:fb:95:15:55:52:ed:cf:54:
c1:c8:2d:13:18:41:b7:a7:6a:39:52:84:17:d1:de:26:e3:91:
49:23:5c:c3:ae:97:99:2f:cb:49:33:42:5d:94:ff:78:10:09:
92:e3:f7:8d:ba:01:95:b1:4e:91:94:88:b5:d5:24:9a:da:95:
d7:69:89:75:ca:06:2e:a5:9d:0d:c3:10:e1:84:cc:47:1c:06:
49:45:6e:a1:84:46:ac:1f:98:ba:c6:d5:d0:77:bc:83:9a:24:
15:99:cb:fc:f3:ae:f2:32:66:b4:33:87:e1:4f:f1:51:ee:46:
a4:a5:3d:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIzJ6R2c6xsPP6gl5B3dGzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTYwNDZlMzdjN2UyMDc1YjQxZDZmZWY3MGQyMzEyMzAz
YzVmMzkwHhcNMjQwOTI3MTEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E2YWQxYWQxYTdmZjg4YzMzYzIwOWRkNTE4YTdiMGJmZmZhMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51HzOMpJvvHqldDGUsqYqaeofEGJ
mxUrlQqVjNKRtp3T/VitIc/75QqOFQ1bc+iybVsqZZA8Grjbe3SXamVOBU+TASk5
I4ztZ1tvKtkVSGwe3Qc0vDZMn/+yBxFpzBo7eWVv5ZE8B+eOgnOX+w0cyaCd/QgX
KDJSoLyVgN1Rbq8Blxz75ns2Nntizj7Pz4AtDjh2BnZ1jbfpMckxiTIRwQMRlCe0
fiXZw9SM2d8pJZu86TXse/gEv51XwZIipGiLq9BajQXj54ir57I+Sdkfky/JZ+YJ
llQgd9V0wQVa84dCVO/0+J/xUMwLKdNTS4WiGtAYE98YbBzS4b7osNSATQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDymrRrRp/+IwzwgndUYp7C//6NbMB8GA1UdIwQY
MBaAFBmmBG43x+IHW0HW/vcNIxIwPF85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FZRWJqZkg0Z2RiUWRiLTl3MGpFakE4WHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83OTllNWMtMTU5NC00MDlmLThjNTQt
M2ZlYzU4NjE0YzRiLzEvUEthdEd0R25fNGpEUENDZDFSaW5zTF9fbzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83OTllNWMtMTU5NC00MDlmLThjNTQtM2ZlYzU4NjE0YzRi
LzEvR2FZRWJqZkg0Z2RiUWRiLTl3MGpFakE4WHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8sYAwQD
bV8oAwQDsHhwMA0GCSqGSIb3DQEBCwUAA4IBAQAdsPiHbOyKyCIyRwnL/m561+3B
M6FdOg6MdOI3BkGRyHLt2IQ3IYoESDAsZJKqBhxCrLT0xJ4gh4Zb77L0TQXWrlRg
mlNvMLfjJgUKH+/H3eJt4MLOT/tzfBFiqNKXVb6pFR0uJOAM7Dv+gZLwAjPMvuWw
XM7EuzuoBRKYGv4ohDqkgiDBfP/I+5UVVVLtz1TByC0TGEG3p2o5UoQX0d4m45FJ
I1zDrpeZL8tJM0JdlP94EAmS4/eNugGVsU6RlIi11SSa2pXXaYl1ygYupZ0NwxDh
hMxHHAZJRW6hhEasH5i6xtXQd7yDmiQVmcv8867yMma0M4fhT/FR7kakpT18
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:47 2024 by rpki-client on console.sobornost.net