Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a3ff72-37a7-47f8-950e-2d4bf9104099/1/T9XPGiDCvj3qydDMj0tnZj21Kc0.roa
File: T9XPGiDCvj3qydDMj0tnZj21Kc0.roa (raw, json)
Hash identifier: FpRU7d/R/TzoNRzrp6Mhsu+qCue6WACPSaDHrh5wBKU=
Subject key identifier: 4F:D5:CF:1A:20:C2:BE:3D:EA:C9:D0:CC:8F:4B:67:66:3D:B5:29:CD
Certificate issuer: /CN=b9247a6d39ec8c90f6727bea2dbc80f1410999ad
Certificate serial: 018571DE8A339B41BDB3E86E9CD9E30617C3
Authority key identifier: B9:24:7A:6D:39:EC:8C:90:F6:72:7B:EA:2D:BC:80:F1:41:09:99:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uSR6bTnsjJD2cnvqLbyA8UEJma0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/a3ff72-37a7-47f8-950e-2d4bf9104099/1/T9XPGiDCvj3qydDMj0tnZj21Kc0.roa
Signing time: Mon 02 Jan 2023 09:44:47 +0000
ROA not before: Mon 02 Jan 2023 09:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 146.255.188.0/24 maxlen: 24
2a11:c880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:8a:33:9b:41:bd:b3:e8:6e:9c:d9:e3:06:17:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9247a6d39ec8c90f6727bea2dbc80f1410999ad
Validity
Not Before: Jan 2 09:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fd5cf1a20c2be3deac9d0cc8f4b67663db529cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c1:64:32:df:1e:73:7b:d6:9b:5a:7d:13:75:
e2:67:76:45:a2:90:d2:98:79:27:e1:95:55:a2:e9:
07:56:7b:fa:dd:c7:3b:d1:1a:07:0e:0d:61:0a:69:
14:c7:54:c4:ee:db:72:2b:bc:61:6e:e7:39:66:b9:
65:2b:93:dd:7a:e8:db:80:4f:ca:2f:6f:14:86:a2:
64:5a:16:1b:50:03:1c:0b:d8:ce:23:b8:68:7d:37:
3d:81:95:4f:01:70:20:0c:b1:26:ff:f3:13:8d:ba:
ca:b0:4c:1b:6d:de:72:7a:78:b2:21:ca:6e:b8:1d:
c3:66:e2:62:3e:ac:87:c3:bd:2d:28:6d:5b:bf:48:
6e:aa:82:2b:eb:81:ce:8c:1a:17:4f:ed:c1:7b:7f:
27:dd:da:ff:0c:27:3f:29:35:1d:af:84:13:91:01:
4f:c2:e8:51:c6:d5:06:ff:2e:bb:65:60:80:57:36:
1f:fd:cc:dc:0e:d8:4f:00:e7:31:7d:f4:33:23:c3:
2b:c4:5c:56:28:82:2d:75:a4:48:77:e5:c5:4c:b3:
2d:6e:28:af:4f:ee:11:be:1a:e3:54:d5:e6:81:38:
bf:1f:39:be:cb:0d:f8:ab:e8:34:94:48:eb:e4:84:
51:bf:7b:91:33:44:d9:7f:27:58:18:d1:05:f7:01:
6f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D5:CF:1A:20:C2:BE:3D:EA:C9:D0:CC:8F:4B:67:66:3D:B5:29:CD
X509v3 Authority Key Identifier:
keyid:B9:24:7A:6D:39:EC:8C:90:F6:72:7B:EA:2D:BC:80:F1:41:09:99:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uSR6bTnsjJD2cnvqLbyA8UEJma0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a3ff72-37a7-47f8-950e-2d4bf9104099/1/T9XPGiDCvj3qydDMj0tnZj21Kc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a3ff72-37a7-47f8-950e-2d4bf9104099/1/uSR6bTnsjJD2cnvqLbyA8UEJma0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.188.0/24
IPv6:
2a11:c880::/29
Signature Algorithm: sha256WithRSAEncryption
80:ea:b3:77:1f:9f:ee:37:06:b6:42:12:aa:44:a9:d9:19:31:
72:40:4c:8e:f8:a7:db:ac:de:cb:47:07:bf:bd:4e:cf:a7:e3:
b1:88:d6:b6:61:f2:76:f5:7b:6a:cb:1e:ad:83:e5:3c:b2:a1:
02:87:8c:58:42:93:60:db:80:ad:78:05:4a:3d:ce:cf:5a:e6:
ff:47:ea:92:fd:a7:18:39:cc:6e:54:04:6a:a0:38:c7:b7:6c:
92:b1:5a:f9:33:6f:d1:c0:3b:89:e1:93:e4:ea:19:af:ce:72:
51:dc:33:af:a4:f9:b9:c7:b9:c3:7f:cc:81:de:91:8e:a6:2c:
0a:96:38:85:e9:b9:59:06:9b:ad:0b:bc:c4:b1:a6:9c:11:f8:
2c:20:39:bf:38:9c:e2:db:ae:cb:ca:87:d7:12:1a:65:fd:85:
1f:23:db:30:d8:52:4c:3e:dc:d3:88:c4:b2:8e:65:6c:86:39:
6e:ce:50:71:d3:69:a7:1d:c6:ed:ed:7b:fa:a6:45:7b:2c:28:
57:2c:43:d8:c2:9b:95:a1:97:67:ca:af:dc:e7:26:e5:fb:6c:
e8:0e:31:ff:93:96:05:22:36:3b:d3:3c:fc:29:72:de:20:8b:
c6:7c:ee:f6:5a:c5:af:bb:98:c7:a6:d8:c5:0e:66:db:3f:3d:
0a:89:b3:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx3oozm0G9s+hunNnjBhfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MjQ3YTZkMzllYzhjOTBmNjcyN2JlYTJkYmM4MGYxNDEw
OTk5YWQwHhcNMjMwMTAyMDk0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQ1Y2YxYTIwYzJiZTNkZWFjOWQwY2M4ZjRiNjc2NjNkYjUyOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8FkMt8ec3vWm1p9E3XiZ3ZFopDS
mHkn4ZVVoukHVnv63cc70RoHDg1hCmkUx1TE7ttyK7xhbuc5ZrllK5PdeujbgE/K
L28UhqJkWhYbUAMcC9jOI7hofTc9gZVPAXAgDLEm//MTjbrKsEwbbd5yeniyIcpu
uB3DZuJiPqyHw70tKG1bv0huqoIr64HOjBoXT+3Be38n3dr/DCc/KTUdr4QTkQFP
wuhRxtUG/y67ZWCAVzYf/czcDthPAOcxffQzI8MrxFxWKIItdaRId+XFTLMtbiiv
T+4RvhrjVNXmgTi/Hzm+yw34q+g0lEjr5IRRv3uRM0TZfydYGNEF9wFvKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE/Vzxogwr496snQzI9LZ2Y9tSnNMB8GA1UdIwQY
MBaAFLkkem057IyQ9nJ76i28gPFBCZmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVNSNmJUbnNqSkQyY252cUxieUE4VUVKbWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hM2ZmNzItMzdhNy00N2Y4LTk1MGUt
MmQ0YmY5MTA0MDk5LzEvVDlYUEdpREN2ajNxeWRETWowdG5aajIxS2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hM2ZmNzItMzdhNy00N2Y4LTk1MGUtMmQ0YmY5MTA0MDk5
LzEvdVNSNmJUbnNqSkQyY252cUxieUE4VUVKbWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkv+8MA0E
AgACMAcDBQMqEciAMA0GCSqGSIb3DQEBCwUAA4IBAQCA6rN3H5/uNwa2QhKqRKnZ
GTFyQEyO+KfbrN7LRwe/vU7Pp+OxiNa2YfJ29Xtqyx6tg+U8sqECh4xYQpNg24Ct
eAVKPc7PWub/R+qS/acYOcxuVARqoDjHt2ySsVr5M2/RwDuJ4ZPk6hmvznJR3DOv
pPm5x7nDf8yB3pGOpiwKljiF6blZBputC7zEsaacEfgsIDm/OJzi267LyofXEhpl
/YUfI9sw2FJMPtzTiMSyjmVshjluzlBx02mnHcbt7Xv6pkV7LChXLEPYwpuVoZdn
yq/c5ybl+2zoDjH/k5YFIjY70zz8KXLeIIvGfO72WsWvu5jHptjFDmbbPz0KibPB
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:27 2023 by rpki-client on console.sobornost.net