Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/Nkzflt3ApEgwQpUXtIsgkGaRPS8.roa
File: Nkzflt3ApEgwQpUXtIsgkGaRPS8.roa (raw, json)
Hash identifier: ie+4GxncL7+l/pgspE+wQtNMTUS4TaMK7mA21ZHWAJI=
Subject key identifier: 36:4C:DF:96:DD:C0:A4:48:30:42:95:17:B4:8B:20:90:66:91:3D:2F
Certificate issuer: /CN=4ed682965b5a15ea0c45ea85ef3db4be71679696
Certificate serial: 01904A190E4D2214A2FDDD30465D777A48DB
Authority key identifier: 4E:D6:82:96:5B:5A:15:EA:0C:45:EA:85:EF:3D:B4:BE:71:67:96:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TtaClltaFeoMReqF7z20vnFnlpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/Nkzflt3ApEgwQpUXtIsgkGaRPS8.roa
Signing time: Mon 24 Jun 2024 11:54:34 +0000
ROA not before: Mon 24 Jun 2024 11:54:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41023
IP address blocks: 5.102.64.0/23 maxlen: 23
5.102.66.0/23 maxlen: 23
5.102.68.0/22 maxlen: 22
5.102.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:19:0e:4d:22:14:a2:fd:dd:30:46:5d:77:7a:48:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ed682965b5a15ea0c45ea85ef3db4be71679696
Validity
Not Before: Jun 24 11:54:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=364cdf96ddc0a44830429517b48b209066913d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8c:ef:f8:90:fc:60:98:67:18:d9:5d:a3:41:
f2:1a:8a:db:f4:77:5e:fd:0f:fe:ae:97:82:e2:6b:
fb:1c:5d:4d:dd:c0:2b:b4:b1:c2:4d:1e:46:9f:1d:
57:61:02:f8:ea:f5:bd:a7:cb:66:0e:80:3a:dc:be:
d0:df:00:07:b4:33:37:22:80:3a:3d:eb:37:64:87:
bb:47:ec:46:ea:13:f3:57:cf:7a:0a:40:36:35:ec:
ca:92:dd:9b:4e:39:dd:39:99:78:8e:05:1d:45:df:
2b:7b:d3:12:16:e6:50:42:49:5c:ed:1d:49:03:cb:
6c:91:fa:a9:db:ad:9b:4a:b1:46:1a:0e:55:6b:e6:
e3:1d:e8:d1:7b:65:cc:2c:5c:29:6d:80:ce:5c:40:
77:64:48:5b:26:be:b8:77:8f:fd:da:79:74:26:f7:
48:3f:d1:12:a4:2a:78:d7:fe:65:ee:a3:8d:ec:bc:
68:f1:a0:b3:33:13:f3:24:e4:09:d6:8a:16:84:3e:
5f:4a:1f:c7:cd:7d:eb:85:ca:2f:34:b9:ee:0a:f5:
1a:68:ee:4e:20:41:6a:a5:22:40:cb:1d:ae:84:15:
31:1d:ec:04:11:2e:1f:28:5b:70:d8:7c:40:ce:68:
3e:a3:73:e7:eb:69:87:2f:b2:5a:4f:27:ad:6c:b0:
7f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4C:DF:96:DD:C0:A4:48:30:42:95:17:B4:8B:20:90:66:91:3D:2F
X509v3 Authority Key Identifier:
keyid:4E:D6:82:96:5B:5A:15:EA:0C:45:EA:85:EF:3D:B4:BE:71:67:96:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtaClltaFeoMReqF7z20vnFnlpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/Nkzflt3ApEgwQpUXtIsgkGaRPS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/TtaClltaFeoMReqF7z20vnFnlpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.64.0/21
Signature Algorithm: sha256WithRSAEncryption
80:a7:6a:7f:03:fe:ee:d9:0e:06:58:22:53:23:45:1d:62:7d:
60:34:e4:80:12:7d:9d:8b:0b:7a:e7:77:a0:a3:ac:96:cd:67:
bd:00:71:fc:a5:7d:a4:88:36:5b:b5:c8:f4:aa:5b:35:41:10:
ca:d6:27:e2:3d:17:77:1b:46:2c:f0:4a:ea:0a:ff:2a:83:fd:
b7:56:58:21:93:28:43:8a:d0:81:24:90:78:ad:86:24:c2:26:
a4:b3:fb:7c:f9:69:28:ed:7f:37:da:3e:f3:92:6d:24:94:ad:
71:91:be:a5:13:e9:80:05:df:d8:37:1f:bf:fa:46:b2:18:cc:
51:02:83:c1:6d:05:61:a2:0e:33:0a:63:20:d0:ad:a0:c3:59:
5e:25:43:f2:05:24:1a:77:72:33:33:06:03:84:9f:2e:40:25:
02:e6:7a:6d:cc:24:72:bc:e9:22:1f:27:4c:e7:f7:06:14:b5:
4f:ff:3c:b0:6a:ae:f0:a2:3f:da:4d:c5:de:c7:fa:f5:15:85:
55:8e:62:8b:02:3b:1f:fb:9e:28:70:8f:37:8e:68:7c:95:2e:
5a:34:71:40:83:71:8e:22:64:66:dc:2a:ca:6e:2c:c3:17:96:
ae:54:d5:eb:04:93:5e:88:24:cb:4e:aa:88:33:2d:8a:44:a0:
fd:3a:52:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBKGQ5NIhSi/d0wRl13ekjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDY4Mjk2NWI1YTE1ZWEwYzQ1ZWE4NWVmM2RiNGJlNzE2
Nzk2OTYwHhcNMjQwNjI0MTE1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRjZGY5NmRkYzBhNDQ4MzA0Mjk1MTdiNDhiMjA5MDY2OTEzZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIzv+JD8YJhnGNldo0HyGorb9Hde
/Q/+rpeC4mv7HF1N3cArtLHCTR5Gnx1XYQL46vW9p8tmDoA63L7Q3wAHtDM3IoA6
Pes3ZIe7R+xG6hPzV896CkA2NezKkt2bTjndOZl4jgUdRd8re9MSFuZQQklc7R1J
A8tskfqp262bSrFGGg5Va+bjHejRe2XMLFwpbYDOXEB3ZEhbJr64d4/92nl0JvdI
P9ESpCp41/5l7qON7Lxo8aCzMxPzJOQJ1ooWhD5fSh/HzX3rhcovNLnuCvUaaO5O
IEFqpSJAyx2uhBUxHewEES4fKFtw2HxAzmg+o3Pn62mHL7JaTyetbLB/XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZM35bdwKRIMEKVF7SLIJBmkT0vMB8GA1UdIwQY
MBaAFE7WgpZbWhXqDEXqhe89tL5xZ5aWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHRhQ2xsdGFGZW9NUmVxRjd6MjB2bkZubHBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zZTQwMWItNjRjMS00MWFhLTk4ZGYt
MTMzZTdlNmY2MDY5LzEvTmt6Zmx0M0FwRWd3UXBVWHRJc2drR2FSUFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zZTQwMWItNjRjMS00MWFhLTk4ZGYtMTMzZTdlNmY2MDY5
LzEvVHRhQ2xsdGFGZW9NUmVxRjd6MjB2bkZubHBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBWZAMA0G
CSqGSIb3DQEBCwUAA4IBAQCAp2p/A/7u2Q4GWCJTI0UdYn1gNOSAEn2diwt653eg
o6yWzWe9AHH8pX2kiDZbtcj0qls1QRDK1ifiPRd3G0Ys8ErqCv8qg/23VlghkyhD
itCBJJB4rYYkwiaks/t8+Wko7X832j7zkm0klK1xkb6lE+mABd/YNx+/+kayGMxR
AoPBbQVhog4zCmMg0K2gw1leJUPyBSQad3IzMwYDhJ8uQCUC5nptzCRyvOkiHydM
5/cGFLVP/zywaq7woj/aTcXex/r1FYVVjmKLAjsf+54ocI83jmh8lS5aNHFAg3GO
ImRm3CrKbizDF5auVNXrBJNeiCTLTqqIMy2KRKD9OlKB
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:54 2024 by rpki-client on console.sobornost.net