
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/U3msX1HOlWoD0p2yCVjgxzGcadk.roa
File: U3msX1HOlWoD0p2yCVjgxzGcadk.roa (raw, json)
Hash identifier: r5yrnf0IyqNz6UoJpUOpCUm1qoodXLSCVx9FqdHdNYs=
Subject key identifier: 53:79:AC:5F:51:CE:95:6A:03:D2:9D:B2:09:58:E0:C7:31:9C:69:D9
Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial: 018CC7271BF1023D03BA5D696CB51416CCC9
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/U3msX1HOlWoD0p2yCVjgxzGcadk.roa
Signing time: Mon 01 Jan 2024 22:31:18 +0000
ROA not before: Mon 01 Jan 2024 22:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 193.28.159.0/24 maxlen: 24
91.223.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:1b:f1:02:3d:03:ba:5d:69:6c:b5:14:16:cc:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Validity
Not Before: Jan 1 22:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5379ac5f51ce956a03d29db20958e0c7319c69d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:05:aa:9a:63:46:fc:8d:8f:91:b3:44:6d:85:
55:9f:57:7f:38:45:88:7a:a7:89:b9:82:38:b7:60:
7a:ff:b4:32:e1:0c:a1:13:88:90:f6:c1:8c:d6:39:
df:1a:5d:0e:8b:57:91:9f:44:d9:1c:23:d4:30:10:
7e:b1:fd:a8:c1:92:66:e1:f2:80:bd:5e:83:61:01:
e2:64:6a:96:72:de:27:fb:64:d8:94:c3:95:0e:4c:
bd:f2:f9:0e:bf:d5:64:34:01:75:34:ce:b4:b0:8d:
71:1a:b2:b4:f7:92:d1:6b:56:15:f0:73:08:71:03:
c1:41:0d:7c:c8:08:29:68:95:59:c0:65:1a:c4:72:
36:b6:ff:7f:da:a7:cc:64:a8:f6:3b:c5:21:92:ef:
26:ae:a6:4d:cc:69:a5:fb:5b:47:c4:c0:a2:30:ad:
e8:cc:2d:64:7a:87:a0:bb:d6:41:ec:03:b5:5e:05:
31:54:d9:de:66:a2:33:7b:36:1c:04:2c:57:b6:57:
19:8c:1a:03:50:35:f0:e3:0b:3a:82:31:d7:29:dd:
ae:ff:74:77:b8:1c:30:f6:d3:cd:4e:3d:55:c9:cc:
c2:3e:d7:ee:58:b2:64:ae:e9:39:3a:7d:a5:48:1f:
ed:93:a6:08:9a:cf:2b:bd:5b:55:d6:70:1d:44:90:
46:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:79:AC:5F:51:CE:95:6A:03:D2:9D:B2:09:58:E0:C7:31:9C:69:D9
X509v3 Authority Key Identifier:
keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/U3msX1HOlWoD0p2yCVjgxzGcadk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.161.0/24
193.28.159.0/24
Signature Algorithm: sha256WithRSAEncryption
53:6f:94:55:6c:ee:16:9c:c0:e8:54:d3:21:35:59:9a:6a:0c:
23:38:39:10:1b:51:9b:07:31:1c:1c:05:a6:de:80:69:c4:50:
b6:62:58:f9:41:db:92:e5:d4:d4:89:f7:72:b8:26:be:6e:a7:
6a:c7:ab:16:0e:01:10:ff:3e:a0:5e:90:82:75:b7:50:6f:ec:
9f:53:43:ed:11:c1:65:e8:84:89:c0:d4:fa:e8:04:3e:09:8f:
58:cf:b2:55:c7:80:f6:f9:02:95:3f:5e:4f:11:69:46:b4:99:
b7:bc:07:d7:33:29:2d:a0:ac:cf:0e:47:0b:8a:6a:03:cb:a9:
b3:bb:d3:58:69:17:a7:f5:ee:3a:e8:67:25:b8:8f:4e:a2:e8:
29:da:f8:5f:9a:b8:3b:3d:20:99:bd:1e:b8:16:54:7f:06:c1:
a2:60:7a:06:4e:da:01:ea:1a:7e:de:b1:84:20:72:73:39:54:
b3:3b:6a:da:c1:a1:b9:7d:73:fe:9f:2f:be:3a:a0:a4:3b:f8:
38:69:0c:db:95:c6:72:47:22:b6:c7:fc:5a:be:04:2c:be:b6:
7c:0b:92:bc:99:13:29:39:98:e0:35:07:c9:25:4e:53:03:c1:
8e:8b:5a:f6:2c:67:a8:51:0e:d0:4d:d5:7e:14:70:5d:7d:88:
45:78:af:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJxvxAj0Dul1pbLUUFszJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjQwMTAxMjIzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc5YWM1ZjUxY2U5NTZhMDNkMjlkYjIwOTU4ZTBjNzMxOWM2OWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAWqmmNG/I2PkbNEbYVVn1d/OEWI
eqeJuYI4t2B6/7Qy4QyhE4iQ9sGM1jnfGl0Oi1eRn0TZHCPUMBB+sf2owZJm4fKA
vV6DYQHiZGqWct4n+2TYlMOVDky98vkOv9VkNAF1NM60sI1xGrK095LRa1YV8HMI
cQPBQQ18yAgpaJVZwGUaxHI2tv9/2qfMZKj2O8Uhku8mrqZNzGml+1tHxMCiMK3o
zC1keoegu9ZB7AO1XgUxVNneZqIzezYcBCxXtlcZjBoDUDXw4ws6gjHXKd2u/3R3
uBww9tPNTj1VyczCPtfuWLJkruk5On2lSB/tk6YIms8rvVtV1nAdRJBG9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFN5rF9RzpVqA9KdsglY4McxnGnZMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvVTNtc1gxSE9sV29EMHAyeUNWamd4ekdjYWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj
LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9+hAwQA
wRyfMA0GCSqGSIb3DQEBCwUAA4IBAQBTb5RVbO4WnMDoVNMhNVmaagwjODkQG1Gb
BzEcHAWm3oBpxFC2Ylj5QduS5dTUifdyuCa+bqdqx6sWDgEQ/z6gXpCCdbdQb+yf
U0PtEcFl6ISJwNT66AQ+CY9Yz7JVx4D2+QKVP15PEWlGtJm3vAfXMyktoKzPDkcL
imoDy6mzu9NYaRen9e466GcluI9Oougp2vhfmrg7PSCZvR64FlR/BsGiYHoGTtoB
6hp+3rGEIHJzOVSzO2rawaG5fXP+ny++OqCkO/g4aQzblcZyRyK2x/xavgQsvrZ8
C5K8mRMpOZjgNQfJJU5TA8GOi1r2LGeoUQ7QTdV+FHBdfYhFeK8U
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:28 2024 by rpki-client on console.sobornost.net