Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f2196a-389e-4cce-8171-90ad0cadff79/1/fw-G3SOOifs33sTSpPVc9AkrtiE.roa
File: fw-G3SOOifs33sTSpPVc9AkrtiE.roa (raw, json)
Hash identifier: wpsHzGTPZ7RSq828/W3OPfuYRbsN+2B5AtCzetzP8No=
Subject key identifier: 7F:0F:86:DD:23:8E:89:FB:37:DE:C4:D2:A4:F5:5C:F4:09:2B:B6:21
Certificate issuer: /CN=c5f9f50ca1c34a3be610048d138af3c0753af92b
Certificate serial: 0193ABBC4473BE2F2EA34328C89D3AB6B7CC
Authority key identifier: C5:F9:F5:0C:A1:C3:4A:3B:E6:10:04:8D:13:8A:F3:C0:75:3A:F9:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xfn1DKHDSjvmEASNE4rzwHU6-Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f2196a-389e-4cce-8171-90ad0cadff79/1/fw-G3SOOifs33sTSpPVc9AkrtiE.roa
Signing time: Mon 09 Dec 2024 14:04:22 +0000
ROA not before: Mon 09 Dec 2024 14:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 128.65.164.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:bc:44:73:be:2f:2e:a3:43:28:c8:9d:3a:b6:b7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5f9f50ca1c34a3be610048d138af3c0753af92b
Validity
Not Before: Dec 9 14:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f0f86dd238e89fb37dec4d2a4f55cf4092bb621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b7:0a:2d:0a:8f:d5:09:49:d7:de:17:e1:07:
4b:6e:dc:7e:5f:ca:7e:a1:f7:fb:5e:50:c1:db:3f:
f6:b2:e8:0f:67:5e:f6:e8:56:31:b3:85:e8:69:76:
e0:1f:b1:7f:23:26:2a:5a:b1:60:e9:54:94:58:a8:
6f:e0:b8:df:2a:f1:c3:d3:d1:d0:f0:ca:62:42:b5:
b9:10:37:36:37:0d:9f:b3:89:8a:4f:ff:c9:da:97:
0f:48:8f:44:fa:5a:54:31:e7:78:27:55:bd:ff:14:
a0:5a:3b:55:1d:b8:f9:15:c1:36:5a:60:26:be:4b:
c5:89:fb:22:8e:6e:ed:40:9b:ff:0d:51:40:73:ed:
ba:83:03:25:66:f4:b7:a5:0b:85:46:b1:cc:2e:12:
77:91:ac:85:31:56:7e:fe:01:4c:7a:14:80:e6:aa:
3c:4b:78:de:5b:de:28:2a:80:f2:bb:4a:4d:ac:c2:
03:2c:6a:dc:c9:c3:7d:e7:75:14:f8:7c:c5:eb:32:
61:59:9f:a3:15:10:e5:9f:be:83:9e:d9:4d:5d:aa:
f3:4f:fb:38:ca:35:2b:30:37:db:a0:e9:41:a2:d2:
df:68:69:46:fe:18:32:f3:ac:30:2c:65:6b:56:e3:
95:36:f3:35:26:65:4b:d5:ef:d1:01:09:63:93:64:
77:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:0F:86:DD:23:8E:89:FB:37:DE:C4:D2:A4:F5:5C:F4:09:2B:B6:21
X509v3 Authority Key Identifier:
keyid:C5:F9:F5:0C:A1:C3:4A:3B:E6:10:04:8D:13:8A:F3:C0:75:3A:F9:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xfn1DKHDSjvmEASNE4rzwHU6-Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f2196a-389e-4cce-8171-90ad0cadff79/1/fw-G3SOOifs33sTSpPVc9AkrtiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f2196a-389e-4cce-8171-90ad0cadff79/1/xfn1DKHDSjvmEASNE4rzwHU6-Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.164.0/22
Signature Algorithm: sha256WithRSAEncryption
d7:03:f7:57:06:c5:12:54:23:40:0a:c4:a5:9c:00:3d:e4:9a:
5d:88:95:ce:0f:a7:22:19:bf:27:a1:40:af:2a:de:6d:95:39:
11:8e:3b:fb:10:7e:59:2d:06:1f:66:2e:72:90:c0:77:8e:f2:
9e:aa:06:e1:bf:78:5c:a5:04:f1:d9:1c:ed:c5:2b:e9:be:6c:
0e:89:5e:10:96:a8:e2:3b:73:e6:97:38:02:2b:cc:c6:03:2e:
43:46:6e:3d:dc:c1:b0:0c:94:ee:8a:e2:cb:4c:77:10:a3:05:
90:41:19:9e:a2:7c:d7:35:f2:ba:eb:ac:62:4a:37:f0:6c:8c:
7a:9a:db:24:de:67:fc:bc:64:07:45:3f:22:ba:4f:86:c5:3a:
d4:ed:8c:c9:aa:17:58:3d:97:b3:67:0b:92:56:53:08:75:1b:
b6:63:be:c7:2d:4c:5e:3a:77:46:1f:60:0e:b7:2f:90:87:25:
32:68:c4:b4:07:ae:17:65:1a:2c:cd:77:5f:e4:fb:60:a2:6a:
72:be:94:e7:4b:30:58:2f:b6:d6:09:4e:f3:5b:bf:f4:e9:a1:
7c:47:56:c4:02:1b:09:1a:52:de:65:7c:ee:7d:c3:6d:ef:a9:
df:f4:1e:e8:72:d4:f5:6b:b2:79:1a:2d:e7:f4:a0:6f:fd:7a:
f0:3d:5d:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOrvERzvi8uo0MoyJ06trfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZjlmNTBjYTFjMzRhM2JlNjEwMDQ4ZDEzOGFmM2MwNzUz
YWY5MmIwHhcNMjQxMjA5MTQwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBmODZkZDIzOGU4OWZiMzdkZWM0ZDJhNGY1NWNmNDA5MmJiNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrcKLQqP1QlJ194X4QdLbtx+X8p+
off7XlDB2z/2sugPZ1726FYxs4XoaXbgH7F/IyYqWrFg6VSUWKhv4LjfKvHD09HQ
8MpiQrW5EDc2Nw2fs4mKT//J2pcPSI9E+lpUMed4J1W9/xSgWjtVHbj5FcE2WmAm
vkvFifsijm7tQJv/DVFAc+26gwMlZvS3pQuFRrHMLhJ3kayFMVZ+/gFMehSA5qo8
S3jeW94oKoDyu0pNrMIDLGrcycN953UU+HzF6zJhWZ+jFRDln76DntlNXarzT/s4
yjUrMDfboOlBotLfaGlG/hgy86wwLGVrVuOVNvM1JmVL1e/RAQljk2R34QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH8Pht0jjon7N97E0qT1XPQJK7YhMB8GA1UdIwQY
MBaAFMX59Qyhw0o75hAEjROK88B1OvkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGZuMURLSERTanZtRUFTTkU0cnp3SFU2LVNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mMjE5NmEtMzg5ZS00Y2NlLTgxNzEt
OTBhZDBjYWRmZjc5LzEvZnctRzNTT09pZnMzM3NUU3BQVmM5QWtydGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mMjE5NmEtMzg5ZS00Y2NlLTgxNzEtOTBhZDBjYWRmZjc5
LzEveGZuMURLSERTanZtRUFTTkU0cnp3SFU2LVNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgEGkMA0G
CSqGSIb3DQEBCwUAA4IBAQDXA/dXBsUSVCNACsSlnAA95JpdiJXOD6ciGb8noUCv
Kt5tlTkRjjv7EH5ZLQYfZi5ykMB3jvKeqgbhv3hcpQTx2RztxSvpvmwOiV4Qlqji
O3PmlzgCK8zGAy5DRm493MGwDJTuiuLLTHcQowWQQRmeonzXNfK666xiSjfwbIx6
mtsk3mf8vGQHRT8iuk+GxTrU7YzJqhdYPZezZwuSVlMIdRu2Y77HLUxeOndGH2AO
ty+QhyUyaMS0B64XZRoszXdf5PtgompyvpTnSzBYL7bWCU7zW7/06aF8R1bEAhsJ
GlLeZXzufcNt76nf9B7octT1a7J5Gi3n9KBv/XrwPV2R
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:06 2024 by rpki-client on console.sobornost.net