Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/d28e01-ad19-48e2-9689-e659d1af68fe/1/t3kI7J3n8cKf6fmEEYMGR1-l22E.roa
File: t3kI7J3n8cKf6fmEEYMGR1-l22E.roa (raw, json)
Hash identifier: CHAEQE3Vav/ML9bj0s0UuvA+PPVSPGfBTf7BV/vaUtE=
Subject key identifier: B7:79:08:EC:9D:E7:F1:C2:9F:E9:F9:84:11:83:06:47:5F:A5:DB:61
Certificate issuer: /CN=4568316500ba6538420a9d55c65d9c88dd32a99e
Certificate serial: 01915BFD746776C2B8631B232BE1309CB77D
Authority key identifier: 45:68:31:65:00:BA:65:38:42:0A:9D:55:C6:5D:9C:88:DD:32:A9:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RWgxZQC6ZThCCp1Vxl2ciN0yqZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/d28e01-ad19-48e2-9689-e659d1af68fe/1/t3kI7J3n8cKf6fmEEYMGR1-l22E.roa
Signing time: Fri 16 Aug 2024 16:20:22 +0000
ROA not before: Fri 16 Aug 2024 16:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12325
IP address blocks: 193.26.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:fd:74:67:76:c2:b8:63:1b:23:2b:e1:30:9c:b7:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4568316500ba6538420a9d55c65d9c88dd32a99e
Validity
Not Before: Aug 16 16:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b77908ec9de7f1c29fe9f984118306475fa5db61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fc:2b:a1:64:32:c5:ff:f4:5e:43:cb:28:5d:
7f:1d:29:39:e0:d1:db:01:a5:bc:d3:a1:6c:7d:6e:
eb:6a:2f:ab:c5:8b:5a:bf:d4:97:8b:f8:6c:bd:77:
0d:49:05:0e:cd:34:be:1c:64:63:eb:e5:89:17:d1:
e6:9d:ac:7a:98:3f:b1:67:d7:49:07:2b:c9:f4:04:
ce:15:58:f9:fa:8d:8e:1a:c4:7e:9c:66:59:ff:ef:
a8:c8:62:de:25:d5:fc:54:49:a1:e5:93:29:e0:5c:
bd:0f:7e:21:63:5a:16:7e:65:ec:ff:77:58:ba:6d:
15:74:13:e7:68:bc:09:55:e0:1e:b8:05:16:7a:95:
ad:c0:81:e7:15:2d:ee:36:d1:62:3d:30:c4:77:1c:
ad:a1:1e:1f:9f:cf:58:63:17:56:59:f5:4d:6d:dd:
5a:f2:41:3e:70:4f:8d:f0:98:18:ad:72:10:10:99:
47:77:71:bc:6f:c7:76:cc:47:3c:3e:06:5b:ca:3d:
d6:8d:30:03:0f:24:79:70:6b:48:6e:14:10:da:34:
f4:0a:ca:d8:ce:f4:16:8d:78:02:b1:37:c0:cf:b9:
ff:b4:26:2e:43:4d:0b:ec:79:c3:2b:66:74:e8:f0:
8e:20:df:83:66:a7:30:b6:60:d5:dd:19:1d:ee:2c:
8c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:79:08:EC:9D:E7:F1:C2:9F:E9:F9:84:11:83:06:47:5F:A5:DB:61
X509v3 Authority Key Identifier:
keyid:45:68:31:65:00:BA:65:38:42:0A:9D:55:C6:5D:9C:88:DD:32:A9:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RWgxZQC6ZThCCp1Vxl2ciN0yqZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/d28e01-ad19-48e2-9689-e659d1af68fe/1/t3kI7J3n8cKf6fmEEYMGR1-l22E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/d28e01-ad19-48e2-9689-e659d1af68fe/1/RWgxZQC6ZThCCp1Vxl2ciN0yqZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.136.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:e0:cb:c7:b2:8b:7b:de:c7:40:95:44:6f:28:f5:4c:ee:ae:
44:36:c8:40:a6:12:cc:c5:4d:f7:16:36:c0:f4:9c:8e:74:f6:
39:96:4c:28:1f:06:86:11:4f:f2:6b:5d:7a:2d:a8:c2:dd:12:
b6:e3:73:37:4e:8c:07:e5:a6:54:e5:5b:14:e7:c3:7d:3d:01:
9c:03:19:59:62:e7:d6:e5:7c:a4:30:dc:bf:ee:c7:d6:7e:7d:
0c:35:b1:b3:11:64:26:5c:03:a6:85:57:71:97:b8:2e:e9:5d:
c4:28:25:ef:f7:07:05:17:d2:7b:e7:3a:c4:f5:13:21:87:64:
36:3f:46:19:35:e9:b8:1c:c0:db:a5:cc:a4:6c:0b:ae:74:17:
98:cc:a7:a6:c0:ce:7a:52:46:8b:0c:d1:1b:0f:38:44:bd:2c:
4d:a4:66:b0:5e:c1:c2:fe:04:c2:f5:01:a4:a9:20:86:66:ee:
fd:a5:c6:22:24:e3:8e:bc:da:74:28:95:96:b0:9e:9d:95:d7:
a1:1e:2d:e4:6b:09:af:2a:7b:fc:c4:31:90:7a:1c:bd:1b:af:
bb:d5:98:a5:41:8d:36:8f:a2:b7:a8:38:27:25:a4:b3:c0:91:
73:0d:18:5b:2c:31:86:4b:ea:cc:1b:fe:16:62:5b:73:86:1f:
c6:fd:98:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFb/XRndsK4YxsjK+EwnLd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NjgzMTY1MDBiYTY1Mzg0MjBhOWQ1NWM2NWQ5Yzg4ZGQz
MmE5OWUwHhcNMjQwODE2MTYyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzc5MDhlYzlkZTdmMWMyOWZlOWY5ODQxMTgzMDY0NzVmYTVkYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPwroWQyxf/0XkPLKF1/HSk54NHb
AaW806FsfW7rai+rxYtav9SXi/hsvXcNSQUOzTS+HGRj6+WJF9Hmnax6mD+xZ9dJ
ByvJ9ATOFVj5+o2OGsR+nGZZ/++oyGLeJdX8VEmh5ZMp4Fy9D34hY1oWfmXs/3dY
um0VdBPnaLwJVeAeuAUWepWtwIHnFS3uNtFiPTDEdxytoR4fn89YYxdWWfVNbd1a
8kE+cE+N8JgYrXIQEJlHd3G8b8d2zEc8PgZbyj3WjTADDyR5cGtIbhQQ2jT0CsrY
zvQWjXgCsTfAz7n/tCYuQ00L7HnDK2Z06PCOIN+DZqcwtmDV3Rkd7iyMGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLd5COyd5/HCn+n5hBGDBkdfpdthMB8GA1UdIwQY
MBaAFEVoMWUAumU4QgqdVcZdnIjdMqmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUldneFpRQzZaVGhDQ3AxVnhsMmNpTjB5cVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kMjhlMDEtYWQxOS00OGUyLTk2ODkt
ZTY1OWQxYWY2OGZlLzEvdDNrSTdKM244Y0tmNmZtRUVZTUdSMS1sMjJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kMjhlMDEtYWQxOS00OGUyLTk2ODktZTY1OWQxYWY2OGZl
LzEvUldneFpRQzZaVGhDQ3AxVnhsMmNpTjB5cVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwRqIMA0G
CSqGSIb3DQEBCwUAA4IBAQB94MvHsot73sdAlURvKPVM7q5ENshAphLMxU33FjbA
9JyOdPY5lkwoHwaGEU/ya116LajC3RK243M3TowH5aZU5VsU58N9PQGcAxlZYufW
5XykMNy/7sfWfn0MNbGzEWQmXAOmhVdxl7gu6V3EKCXv9wcFF9J75zrE9RMhh2Q2
P0YZNem4HMDbpcykbAuudBeYzKemwM56UkaLDNEbDzhEvSxNpGawXsHC/gTC9QGk
qSCGZu79pcYiJOOOvNp0KJWWsJ6dldehHi3kawmvKnv8xDGQehy9G6+71ZilQY02
j6K3qDgnJaSzwJFzDRhbLDGGS+rMG/4WYltzhh/G/ZiX
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:19:03 2024 by rpki-client on console.sobornost.net