Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NGahIjWQOG-HDHPEBDiiOkL7ak0.roa
File: NGahIjWQOG-HDHPEBDiiOkL7ak0.roa (raw, json)
Hash identifier: w9ZM0vUiZ3tsHr43ufxpWWdU1JxIlKXXT+L4jDuXby0=
Subject key identifier: 34:66:A1:22:35:90:38:6F:87:0C:73:C4:04:38:A2:3A:42:FB:6A:4D
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0193689279BC917E3C77E2204A75E8F4F91C
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NGahIjWQOG-HDHPEBDiiOkL7ak0.roa
Signing time: Tue 26 Nov 2024 13:04:10 +0000
ROA not before: Tue 26 Nov 2024 13:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 170.62.112.0/22 maxlen: 24
170.62.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:92:79:bc:91:7e:3c:77:e2:20:4a:75:e8:f4:f9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Nov 26 13:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3466a1223590386f870c73c40438a23a42fb6a4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:f2:d9:42:0c:b3:08:4a:aa:95:2c:49:4f:
c2:d8:45:30:e5:57:2d:00:99:1c:4d:30:fe:cb:ad:
b2:0d:dc:98:65:b0:ab:89:1f:0a:b3:e3:4f:63:60:
88:00:d1:c7:f4:d6:51:2b:28:96:cb:75:ee:bb:fb:
84:a6:8f:02:72:3b:c2:90:f5:9b:8f:0a:b3:73:ee:
62:49:13:27:99:20:47:30:d7:8e:6f:ca:32:2e:23:
47:17:2b:25:bc:79:67:f1:f1:4a:54:c1:d0:7f:81:
b7:e7:51:cb:f4:cc:26:d3:3f:3e:11:9b:0f:e5:5e:
4b:50:06:da:9f:16:c6:42:12:fb:38:75:35:5c:1a:
bd:a0:16:fc:6c:b8:08:5f:33:e4:7e:a2:11:9e:c0:
e3:b5:3a:d3:97:83:b6:95:a5:0d:ee:70:77:ae:51:
13:af:9a:0d:2b:d1:fa:eb:07:2c:e6:19:b1:21:89:
33:dd:aa:17:e8:8c:de:74:3b:af:89:ad:2d:62:7d:
fe:78:c7:dd:2f:94:68:89:66:ab:7e:d1:5e:c0:2d:
a1:80:3a:c7:93:ae:69:08:2f:af:5e:03:d8:4a:37:
cf:0b:cd:fe:ff:c9:46:08:1a:84:5b:dd:0d:d0:1a:
b3:b4:fa:31:c5:4e:80:35:f5:8d:fd:c4:66:75:86:
dc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:66:A1:22:35:90:38:6F:87:0C:73:C4:04:38:A2:3A:42:FB:6A:4D
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/NGahIjWQOG-HDHPEBDiiOkL7ak0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.112.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:74:62:77:91:08:44:68:a6:56:77:4e:d6:71:21:55:21:58:
4e:0d:9d:18:63:e8:30:2d:b6:47:ea:96:ba:30:3e:d7:f4:bb:
fe:07:47:23:31:03:48:3f:1e:1c:8e:74:65:16:18:de:e6:d9:
de:19:b3:2a:bb:50:c8:b0:6e:13:35:3f:a3:43:f4:38:84:1d:
8a:8a:af:9a:ef:0f:38:11:37:ae:81:25:c9:ab:9f:0d:0b:d5:
a6:6e:81:65:a3:fe:0d:54:93:29:2a:5c:79:18:84:dc:f6:45:
13:f3:bd:7b:f8:47:af:ab:24:71:a8:8f:65:84:fc:f7:b8:90:
9c:49:4f:cc:d0:46:e6:a7:d9:23:c0:14:7a:c8:52:76:1c:86:
29:01:dc:d3:6e:96:5a:17:26:23:05:37:67:cc:0a:7d:8e:d1:
71:d9:9e:b1:87:a2:20:6b:70:28:60:09:a6:5c:0a:6e:39:d0:
92:57:01:ae:62:00:96:6b:2c:de:b4:c6:a6:a3:52:6f:32:a7:
72:a0:b8:0b:07:46:72:cb:5b:11:27:81:0c:11:6d:32:ed:e4:
1d:56:14:4a:5b:9e:ef:c5:04:bc:81:de:d6:2a:48:ef:93:74:
23:3f:0d:89:b9:9b:33:f7:95:10:dc:3a:ad:c8:0c:e5:6b:02:
7b:03:52:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNoknm8kX48d+IgSnXo9PkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMTI2MTMwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY2YTEyMjM1OTAzODZmODcwYzczYzQwNDM4YTIzYTQyZmI2YTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Dy2UIMswhKqpUsSU/C2EUw5Vct
AJkcTTD+y62yDdyYZbCriR8Ks+NPY2CIANHH9NZRKyiWy3Xuu/uEpo8CcjvCkPWb
jwqzc+5iSRMnmSBHMNeOb8oyLiNHFyslvHln8fFKVMHQf4G351HL9Mwm0z8+EZsP
5V5LUAbanxbGQhL7OHU1XBq9oBb8bLgIXzPkfqIRnsDjtTrTl4O2laUN7nB3rlET
r5oNK9H66wcs5hmxIYkz3aoX6IzedDuvia0tYn3+eMfdL5RoiWarftFewC2hgDrH
k65pCC+vXgPYSjfPC83+/8lGCBqEW90N0BqztPoxxU6ANfWN/cRmdYbcXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRmoSI1kDhvhwxzxAQ4ojpC+2pNMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvTkdhaElqV1FPRy1IREhQRUJEaWlPa0w3YWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDqj5wMA0G
CSqGSIb3DQEBCwUAA4IBAQBOdGJ3kQhEaKZWd07WcSFVIVhODZ0YY+gwLbZH6pa6
MD7X9Lv+B0cjMQNIPx4cjnRlFhje5tneGbMqu1DIsG4TNT+jQ/Q4hB2Kiq+a7w84
ETeugSXJq58NC9WmboFlo/4NVJMpKlx5GITc9kUT8717+EevqyRxqI9lhPz3uJCc
SU/M0Ebmp9kjwBR6yFJ2HIYpAdzTbpZaFyYjBTdnzAp9jtFx2Z6xh6Iga3AoYAmm
XApuOdCSVwGuYgCWayzetMamo1JvMqdyoLgLB0Zyy1sRJ4EMEW0y7eQdVhRKW57v
xQS8gd7WKkjvk3QjPw2JuZsz95UQ3DqtyAzlawJ7A1Km
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:53 2024 by rpki-client on console.sobornost.net