Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/df15d5-a0d0-4fab-bc96-ed21f80886a3/1/J9fylWntBCsbRqgLuTV8YnhaPnw.roa
File: J9fylWntBCsbRqgLuTV8YnhaPnw.roa (raw, json)
Hash identifier: geB9oG6n4ut4Nyd7y/ogJzApthhu4H4M9vhO10UDiQE=
Subject key identifier: 27:D7:F2:95:69:ED:04:2B:1B:46:A8:0B:B9:35:7C:62:78:5A:3E:7C
Certificate issuer: /CN=4f21c5393d93fccf0b8e0cccdc8d5497e2d69209
Certificate serial: 01840F8F5A7E48A239D152143F940DFC768B
Authority key identifier: 4F:21:C5:39:3D:93:FC:CF:0B:8E:0C:CC:DC:8D:54:97:E2:D6:92:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyHFOT2T_M8LjgzM3I1Ul-LWkgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/df15d5-a0d0-4fab-bc96-ed21f80886a3/1/J9fylWntBCsbRqgLuTV8YnhaPnw.roa
Signing time: Tue 25 Oct 2022 14:32:43 +0000
ROA not before: Tue 25 Oct 2022 14:32:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 328543
IP address blocks: 195.74.89.0/24 maxlen: 24
195.74.88.0/24 maxlen: 24
195.74.88.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:8f:5a:7e:48:a2:39:d1:52:14:3f:94:0d:fc:76:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f21c5393d93fccf0b8e0cccdc8d5497e2d69209
Validity
Not Before: Oct 25 14:32:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27d7f29569ed042b1b46a80bb9357c62785a3e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e6:3e:f3:fb:09:e3:4a:fc:d8:8e:64:dc:9a:
1e:a1:e1:7c:b8:bf:d8:78:05:e1:df:83:5b:0d:6c:
fe:e5:4e:a1:1f:30:55:ad:ac:37:65:39:47:a3:c5:
40:0a:c7:1a:41:60:6b:68:c0:a4:67:f2:a9:6d:9d:
be:29:8e:e4:0a:7f:b0:26:a9:71:7e:b1:97:ed:d2:
e5:c6:c3:05:a9:fd:95:1e:56:7e:f0:3a:03:f7:b0:
7b:a1:e2:85:b4:ad:33:dc:e1:7c:88:3d:9b:1e:3a:
ad:ed:c6:bd:f8:64:e2:22:e2:96:c7:a9:1c:1b:4b:
80:14:a7:2f:a0:42:7b:d8:7a:59:98:61:89:9e:05:
6c:32:d2:a6:6b:eb:16:83:fc:ae:e1:7b:68:a0:35:
0c:0a:21:cf:1c:17:17:47:7b:c7:7a:06:b6:75:b9:
f4:f0:43:18:39:d5:3a:ee:7b:3d:7c:ee:f7:18:24:
9a:bc:59:a1:9e:45:f0:8a:e3:1b:e3:93:03:73:a1:
cd:16:ce:c3:85:59:fa:48:28:55:2a:c4:e8:70:8e:
44:c0:d5:4a:5c:28:9c:8f:48:8a:a2:3b:d8:77:fc:
ec:ee:91:41:26:a3:48:e8:2a:31:bd:f6:44:df:39:
3a:93:58:c3:57:c3:05:e2:78:bb:5c:99:1c:31:90:
7b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D7:F2:95:69:ED:04:2B:1B:46:A8:0B:B9:35:7C:62:78:5A:3E:7C
X509v3 Authority Key Identifier:
keyid:4F:21:C5:39:3D:93:FC:CF:0B:8E:0C:CC:DC:8D:54:97:E2:D6:92:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyHFOT2T_M8LjgzM3I1Ul-LWkgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/df15d5-a0d0-4fab-bc96-ed21f80886a3/1/J9fylWntBCsbRqgLuTV8YnhaPnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/df15d5-a0d0-4fab-bc96-ed21f80886a3/1/TyHFOT2T_M8LjgzM3I1Ul-LWkgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.74.88.0/23
Signature Algorithm: sha256WithRSAEncryption
34:d6:d5:8d:ec:2f:57:4c:8c:66:46:13:a0:26:ce:1a:5b:80:
e8:31:26:33:8a:cd:53:00:b3:b4:75:36:aa:d9:1a:6c:aa:6c:
2d:4f:2d:d5:19:50:28:fd:9c:d9:f5:3d:f7:72:1f:ee:30:cc:
12:8b:1b:08:a3:0c:dc:1d:f3:7b:ec:6c:ef:02:69:95:b1:61:
b6:f3:3c:9a:e5:a0:4d:10:9b:1b:c8:c6:dc:5a:ff:a0:54:b3:
99:37:bb:d1:ac:d9:99:0a:8a:87:a6:42:56:d7:84:e0:d2:fe:
f6:30:00:2c:2a:c9:9f:0f:08:d5:48:1e:61:43:1b:88:46:d5:
81:9b:2e:aa:22:aa:97:25:b6:a1:9c:b3:32:b3:af:b3:f9:1a:
e6:29:4e:55:d9:cc:d4:3c:20:96:34:8b:a9:d4:0e:4d:a4:c8:
25:87:04:f9:84:5c:0e:d2:7d:ef:bb:0c:30:db:3a:97:0e:7e:
94:7c:7c:a8:18:10:2f:49:d8:25:05:fb:be:23:72:df:53:31:
77:d9:31:c0:ae:4e:c5:bf:03:fc:e9:0e:92:cb:72:12:35:19:
ac:f0:b7:51:6c:39:23:5f:bd:ab:2a:5e:37:18:69:bf:6e:03:
c9:0e:b0:d1:cd:88:4b:7d:e1:48:46:30:cd:04:ea:8a:8b:de:
c4:1a:85:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQPj1p+SKI50VIUP5QN/HaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjFjNTM5M2Q5M2ZjY2YwYjhlMGNjY2RjOGQ1NDk3ZTJk
NjkyMDkwHhcNMjIxMDI1MTQzMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Q3ZjI5NTY5ZWQwNDJiMWI0NmE4MGJiOTM1N2M2Mjc4NWEzZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweY+8/sJ40r82I5k3JoeoeF8uL/Y
eAXh34NbDWz+5U6hHzBVraw3ZTlHo8VACscaQWBraMCkZ/KpbZ2+KY7kCn+wJqlx
frGX7dLlxsMFqf2VHlZ+8DoD97B7oeKFtK0z3OF8iD2bHjqt7ca9+GTiIuKWx6kc
G0uAFKcvoEJ72HpZmGGJngVsMtKma+sWg/yu4XtooDUMCiHPHBcXR3vHega2dbn0
8EMYOdU67ns9fO73GCSavFmhnkXwiuMb45MDc6HNFs7DhVn6SChVKsTocI5EwNVK
XCicj0iKojvYd/zs7pFBJqNI6CoxvfZE3zk6k1jDV8MF4ni7XJkcMZB7YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCfX8pVp7QQrG0aoC7k1fGJ4Wj58MB8GA1UdIwQY
MBaAFE8hxTk9k/zPC44MzNyNVJfi1pIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlIRk9UMlRfTThMamd6TTNJMVVsLUxXa2drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kZjE1ZDUtYTBkMC00ZmFiLWJjOTYt
ZWQyMWY4MDg4NmEzLzEvSjlmeWxXbnRCQ3NiUnFnTHVUVjhZbmhhUG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kZjE1ZDUtYTBkMC00ZmFiLWJjOTYtZWQyMWY4MDg4NmEz
LzEvVHlIRk9UMlRfTThMamd6TTNJMVVsLUxXa2drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0pYMA0G
CSqGSIb3DQEBCwUAA4IBAQA01tWN7C9XTIxmRhOgJs4aW4DoMSYzis1TALO0dTaq
2RpsqmwtTy3VGVAo/ZzZ9T33ch/uMMwSixsIowzcHfN77GzvAmmVsWG28zya5aBN
EJsbyMbcWv+gVLOZN7vRrNmZCoqHpkJW14Tg0v72MAAsKsmfDwjVSB5hQxuIRtWB
my6qIqqXJbahnLMys6+z+RrmKU5V2czUPCCWNIup1A5NpMglhwT5hFwO0n3vuwww
2zqXDn6UfHyoGBAvSdglBfu+I3LfUzF32THArk7FvwP86Q6Sy3ISNRms8LdRbDkj
X72rKl43GGm/bgPJDrDRzYhLfeFIRjDNBOqKi97EGoV/
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:40 2023 by rpki-client on console.sobornost.net