Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/f38KqJumfD4amOQkAdP1vuiKpvE.roa
File: f38KqJumfD4amOQkAdP1vuiKpvE.roa (raw, json)
Hash identifier: 4wUU0h3VOjWI+WCEMZQL0DjcomcbbyuAeOOAJincwGU=
Subject key identifier: 7F:7F:0A:A8:9B:A6:7C:3E:1A:98:E4:24:01:D3:F5:BE:E8:8A:A6:F1
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01938E11C6F1D49D76B3124D76FD2ADFA4E8
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/f38KqJumfD4amOQkAdP1vuiKpvE.roa
Signing time: Tue 03 Dec 2024 19:49:09 +0000
ROA not before: Tue 03 Dec 2024 19:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 170.62.96.0/22 maxlen: 24
170.62.101.0/24 maxlen: 24
170.62.105.0/24 maxlen: 24
170.62.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8e:11:c6:f1:d4:9d:76:b3:12:4d:76:fd:2a:df:a4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Dec 3 19:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f7f0aa89ba67c3e1a98e42401d3f5bee88aa6f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:14:06:99:c1:65:f0:84:f7:5d:82:4a:a0:fd:
7c:be:5f:ab:1d:bb:dc:89:4a:83:56:47:52:fe:f3:
bd:25:38:36:10:50:80:05:09:37:e3:8b:87:68:0b:
c8:fa:6c:af:67:2f:da:e9:cb:29:76:77:ca:08:16:
3f:a1:2d:7a:2b:67:2d:14:05:b0:6e:5f:9c:6f:79:
a6:e5:55:4e:97:6c:c2:11:94:84:ab:bb:bf:09:8d:
0f:30:32:12:7f:b5:03:56:15:a6:aa:ac:31:d1:da:
45:ca:23:54:2e:fb:ee:55:d2:83:19:46:88:a0:8d:
70:3d:b7:ab:dc:10:0d:ba:b4:f4:cb:42:b0:88:12:
35:c4:39:76:1d:60:5a:20:cc:4f:78:f5:6f:30:dc:
3d:c9:b5:39:19:13:c2:69:7d:fe:b9:c2:7a:60:71:
04:b3:b4:5c:95:78:f5:3d:cb:a6:5c:31:84:7c:fe:
e8:2c:65:d4:98:17:2e:84:14:e9:8f:c3:82:56:0b:
25:52:fd:06:1f:34:10:a9:6b:d5:f3:77:40:f0:a8:
81:e7:dd:a1:16:62:13:4d:03:6f:89:46:97:32:33:
00:65:44:4c:bb:4e:03:86:9c:73:46:37:14:b4:a3:
7c:8b:c8:6d:c3:08:03:25:a3:c1:c5:74:3f:7e:66:
f3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7F:0A:A8:9B:A6:7C:3E:1A:98:E4:24:01:D3:F5:BE:E8:8A:A6:F1
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/f38KqJumfD4amOQkAdP1vuiKpvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.96.0/22
170.62.101.0/24
170.62.105.0/24
170.62.109.0/24
Signature Algorithm: sha256WithRSAEncryption
94:3c:34:89:96:a6:f7:88:0e:90:8c:00:a8:77:a9:14:aa:4a:
43:72:95:01:6f:50:a6:ef:5a:84:d4:cd:11:7d:04:0b:64:54:
5b:55:81:87:71:78:91:ca:6c:15:e7:d1:82:a8:de:75:f0:09:
43:8f:ec:30:7b:14:d4:9d:9b:3f:29:f8:bb:ca:8a:aa:35:12:
bf:47:0d:6d:db:8e:12:4d:08:e9:3a:b8:c8:11:bf:47:0b:ae:
9d:bb:d4:9d:c6:69:b4:ac:25:b6:d9:c2:cf:46:9d:63:93:08:
3a:a0:64:19:d9:c1:3c:0a:10:8e:31:ca:cc:6a:f1:5e:41:70:
c3:11:e7:90:0a:25:25:18:5b:d6:19:eb:0d:9e:0d:7f:d8:b9:
20:6a:68:3b:04:0b:6e:2d:10:c2:c6:f6:fa:e1:07:a3:e6:08:
8f:32:83:f6:2b:6a:78:a7:ef:72:f4:3e:4a:40:4c:7c:f3:35:
35:ce:a1:cd:8c:c4:f0:8e:53:9a:8a:c3:9a:77:27:e9:9f:66:
b2:18:9b:f7:ee:e0:b1:25:3b:ec:c5:ea:04:87:4e:85:0e:dc:
86:84:be:cc:b5:52:ca:c6:4d:51:21:7b:6e:b6:44:5b:1c:46:
8b:74:66:5f:87:47:d9:71:40:c0:7c:cf:b3:28:a0:d0:db:db:
ae:2c:32:10
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOOEcbx1J12sxJNdv0q36ToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMjAzMTk0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjdmMGFhODliYTY3YzNlMWE5OGU0MjQwMWQzZjViZWU4OGFhNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxQGmcFl8IT3XYJKoP18vl+rHbvc
iUqDVkdS/vO9JTg2EFCABQk344uHaAvI+myvZy/a6cspdnfKCBY/oS16K2ctFAWw
bl+cb3mm5VVOl2zCEZSEq7u/CY0PMDISf7UDVhWmqqwx0dpFyiNULvvuVdKDGUaI
oI1wPber3BANurT0y0KwiBI1xDl2HWBaIMxPePVvMNw9ybU5GRPCaX3+ucJ6YHEE
s7RclXj1PcumXDGEfP7oLGXUmBcuhBTpj8OCVgslUv0GHzQQqWvV83dA8KiB592h
FmITTQNviUaXMjMAZURMu04DhpxzRjcUtKN8i8htwwgDJaPBxXQ/fmbzHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH9/Cqibpnw+GpjkJAHT9b7oiqbxMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvZjM4S3FKdW1mRDRhbU9Ra0FkUDF2dWlLcHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCqj5gAwQA
qj5lAwQAqj5pAwQAqj5tMA0GCSqGSIb3DQEBCwUAA4IBAQCUPDSJlqb3iA6QjACo
d6kUqkpDcpUBb1Cm71qE1M0RfQQLZFRbVYGHcXiRymwV59GCqN518AlDj+wwexTU
nZs/Kfi7yoqqNRK/Rw1t244STQjpOrjIEb9HC66du9Sdxmm0rCW22cLPRp1jkwg6
oGQZ2cE8ChCOMcrMavFeQXDDEeeQCiUlGFvWGesNng1/2Lkgamg7BAtuLRDCxvb6
4Qej5giPMoP2K2p4p+9y9D5KQEx88zU1zqHNjMTwjlOaisOadyfpn2ayGJv37uCx
JTvsxeoEh06FDtyGhL7MtVLKxk1RIXtutkRbHEaLdGZfh0fZcUDAfM+zKKDQ29uu
LDIQ
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:53 2024 by rpki-client on console.sobornost.net