Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/a6cd99-85cb-4153-bbf9-cf4270c6953d/1/0KnlNF1CueaCJWPptaThR9wSPiM.roa
File: 0KnlNF1CueaCJWPptaThR9wSPiM.roa (raw, json)
Hash identifier: 9mmq7lXmpKaDlQzfFS7OCNnfhBW/CFuEZD00ptNLy8c=
Subject key identifier: D0:A9:E5:34:5D:42:B9:E6:82:25:63:E9:B5:A4:E1:47:DC:12:3E:23
Certificate issuer: /CN=17e30280ae22443406f6b63cf5e0d8e061d6bbca
Certificate serial: 01856FB10D8226CD8256771EAF0AE2F9A775
Authority key identifier: 17:E3:02:80:AE:22:44:34:06:F6:B6:3C:F5:E0:D8:E0:61:D6:BB:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F-MCgK4iRDQG9rY89eDY4GHWu8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/a6cd99-85cb-4153-bbf9-cf4270c6953d/1/0KnlNF1CueaCJWPptaThR9wSPiM.roa
Signing time: Sun 01 Jan 2023 23:35:52 +0000
ROA not before: Sun 01 Jan 2023 23:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 212.24.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:0d:82:26:cd:82:56:77:1e:af:0a:e2:f9:a7:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17e30280ae22443406f6b63cf5e0d8e061d6bbca
Validity
Not Before: Jan 1 23:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0a9e5345d42b9e6822563e9b5a4e147dc123e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a0:b1:29:0f:da:5c:6b:d1:bd:cb:24:be:26:
0b:31:ff:0c:1e:6e:8e:6a:25:0d:a2:0e:4e:13:30:
1b:1a:1d:30:fe:f7:53:af:42:76:87:52:ec:13:c9:
63:99:81:50:1b:6b:aa:5e:be:3b:42:1d:b0:88:7e:
1f:7f:98:f6:64:21:6f:dd:7b:f7:70:07:9b:97:eb:
27:1c:75:08:ef:66:a0:61:d9:1b:9a:4f:01:00:a5:
2e:69:bf:7d:51:b0:10:ad:8b:b4:7f:74:e2:1a:53:
be:4c:d3:d1:9a:2f:df:5f:c1:cb:47:9e:8e:c6:92:
89:1d:05:94:35:c6:e6:c4:2f:60:53:a5:b9:fd:86:
24:24:cb:32:90:92:9d:b7:04:fd:ed:4a:f6:19:0e:
5a:a3:e9:26:af:b7:ac:6f:0f:70:39:93:b9:7e:dd:
6b:ab:cf:65:cf:7c:57:e3:0b:cb:61:80:c0:d8:75:
b0:de:5e:28:65:e0:24:e2:dc:ce:e2:4c:3b:f7:a6:
2c:f3:4c:51:3e:5c:65:94:22:33:f8:ed:5b:dd:d2:
9c:a9:c0:bd:2e:68:d4:23:85:e4:bd:6f:57:ea:53:
b3:8d:11:c6:64:4b:31:e1:d9:8f:d3:d1:76:87:44:
9f:c9:25:81:8a:87:ed:55:9c:5c:46:65:71:77:2a:
d8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A9:E5:34:5D:42:B9:E6:82:25:63:E9:B5:A4:E1:47:DC:12:3E:23
X509v3 Authority Key Identifier:
keyid:17:E3:02:80:AE:22:44:34:06:F6:B6:3C:F5:E0:D8:E0:61:D6:BB:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F-MCgK4iRDQG9rY89eDY4GHWu8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a6cd99-85cb-4153-bbf9-cf4270c6953d/1/0KnlNF1CueaCJWPptaThR9wSPiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a6cd99-85cb-4153-bbf9-cf4270c6953d/1/F-MCgK4iRDQG9rY89eDY4GHWu8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.123.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:f6:8b:d3:18:c2:50:cc:8e:00:84:67:3f:98:2c:eb:c7:1f:
b9:db:bb:64:5f:9e:b0:56:03:3f:4f:43:21:b9:53:0f:6b:00:
9b:4e:f5:00:29:3b:40:8a:4f:50:e0:31:c9:0f:d8:93:46:6f:
f6:5b:1f:8b:be:7a:20:a7:ec:0a:7a:c9:9a:0a:d0:3c:ee:05:
5f:fd:54:da:ee:9e:ac:e7:b8:5f:4d:47:63:b7:48:2c:83:3a:
2e:42:f5:6e:38:34:2e:ae:03:fa:a0:9f:12:b6:f1:08:84:01:
2c:69:16:2e:f9:5a:a7:f5:ac:5c:44:14:27:e7:65:80:ea:0f:
2e:f8:34:76:79:a8:9f:3f:1c:d0:5c:9b:c0:53:d6:2a:bc:68:
9a:cb:63:98:9b:b8:1e:1c:68:42:85:18:e6:b2:df:35:99:99:
1d:27:c2:6b:75:58:41:4f:5e:4f:99:13:8f:62:5b:f1:b6:61:
56:8a:22:7a:42:4e:a5:0a:f1:09:f7:07:a9:88:be:8c:26:37:
6b:07:1c:43:98:52:d1:e7:d4:62:2c:2b:9f:bc:cc:c8:e3:ab:
06:d9:f2:ce:90:11:7a:f0:2f:5d:91:75:89:e8:0e:68:72:b6:
d0:5a:91:2b:bd:2b:70:61:a9:d7:b1:9d:f4:ef:a9:78:5c:61:
31:c9:eb:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvsQ2CJs2CVncerwri+ad1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZTMwMjgwYWUyMjQ0MzQwNmY2YjYzY2Y1ZTBkOGUwNjFk
NmJiY2EwHhcNMjMwMTAxMjMzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE5ZTUzNDVkNDJiOWU2ODIyNTYzZTliNWE0ZTE0N2RjMTIzZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqCxKQ/aXGvRvcskviYLMf8MHm6O
aiUNog5OEzAbGh0w/vdTr0J2h1LsE8ljmYFQG2uqXr47Qh2wiH4ff5j2ZCFv3Xv3
cAebl+snHHUI72agYdkbmk8BAKUuab99UbAQrYu0f3TiGlO+TNPRmi/fX8HLR56O
xpKJHQWUNcbmxC9gU6W5/YYkJMsykJKdtwT97Ur2GQ5ao+kmr7esbw9wOZO5ft1r
q89lz3xX4wvLYYDA2HWw3l4oZeAk4tzO4kw796Ys80xRPlxllCIz+O1b3dKcqcC9
LmjUI4XkvW9X6lOzjRHGZEsx4dmP09F2h0SfySWBioftVZxcRmVxdyrYZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCp5TRdQrnmgiVj6bWk4UfcEj4jMB8GA1UdIwQY
MBaAFBfjAoCuIkQ0Bva2PPXg2OBh1rvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRi1NQ2dLNGlSRFFHOXJZODllRFk0R0hXdThvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9hNmNkOTktODVjYi00MTUzLWJiZjkt
Y2Y0MjcwYzY5NTNkLzEvMEtubE5GMUN1ZWFDSldQcHRhVGhSOXdTUGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9hNmNkOTktODVjYi00MTUzLWJiZjktY2Y0MjcwYzY5NTNk
LzEvRi1NQ2dLNGlSRFFHOXJZODllRFk0R0hXdThvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Bh7MA0G
CSqGSIb3DQEBCwUAA4IBAQB+9ovTGMJQzI4AhGc/mCzrxx+527tkX56wVgM/T0Mh
uVMPawCbTvUAKTtAik9Q4DHJD9iTRm/2Wx+Lvnogp+wKesmaCtA87gVf/VTa7p6s
57hfTUdjt0gsgzouQvVuODQurgP6oJ8StvEIhAEsaRYu+Vqn9axcRBQn52WA6g8u
+DR2eaifPxzQXJvAU9YqvGiay2OYm7geHGhChRjmst81mZkdJ8JrdVhBT15PmROP
YlvxtmFWiiJ6Qk6lCvEJ9wepiL6MJjdrBxxDmFLR59RiLCufvMzI46sG2fLOkBF6
8C9dkXWJ6A5ocrbQWpErvStwYanXsZ3076l4XGExyev1
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:12 2023 by rpki-client on console.sobornost.net