Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/Jck5l0hhNCXG0UNmisEkVwh9wt4.roa
File: Jck5l0hhNCXG0UNmisEkVwh9wt4.roa (raw, json)
Hash identifier: COQwqQQ8RfIi9NFJsR1LEsndVxDjXYREePIGgVDAiZs=
Subject key identifier: 25:C9:39:97:48:61:34:25:C6:D1:43:66:8A:C1:24:57:08:7D:C2:DE
Certificate issuer: /CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Certificate serial: 019197D4475F4D538C56628A7263827972DE
Authority key identifier: 5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/Jck5l0hhNCXG0UNmisEkVwh9wt4.roa
Signing time: Wed 28 Aug 2024 07:12:37 +0000
ROA not before: Wed 28 Aug 2024 07:12:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5398
IP address blocks: 217.18.0.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:97:d4:47:5f:4d:53:8c:56:62:8a:72:63:82:79:72:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Validity
Not Before: Aug 28 07:12:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25c9399748613425c6d143668ac12457087dc2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1f:6d:73:e5:a6:d6:3e:23:2e:49:48:1f:98:
6a:87:1d:99:b3:a2:73:60:85:cc:28:fc:be:5f:d1:
02:cd:66:f2:7d:d7:20:dd:07:52:5c:11:ef:d4:7f:
08:37:a7:99:de:30:83:63:5b:a9:ea:ef:b0:f1:4a:
b4:fc:d6:15:dd:74:1d:5d:9a:e5:df:23:3e:23:56:
66:14:0b:f2:8d:8e:54:77:2f:33:a3:ea:9f:4d:ee:
85:59:d5:71:a0:03:dd:0d:6d:ae:31:eb:4e:b5:35:
88:b3:99:ec:17:f1:d7:03:4d:5c:0a:96:00:3e:a6:
6b:e7:b0:77:be:c1:10:12:db:45:87:74:04:67:8c:
aa:af:82:61:1c:50:e2:fa:bf:a5:5b:6d:8b:d6:a2:
68:7f:21:11:04:b6:42:51:78:b8:48:dc:a5:55:bf:
df:ad:36:98:8c:d7:88:90:a0:a3:d6:5b:1f:5d:78:
0c:92:d2:a8:a7:f1:78:87:b2:33:a8:49:a4:72:2e:
50:81:60:f6:9b:27:c4:35:c7:c4:0a:f9:c1:79:b2:
60:d5:a2:e3:94:fd:dd:9a:5c:9d:3d:9b:fa:48:03:
73:16:df:5d:35:0b:a3:24:e7:c0:65:59:a7:ef:0c:
51:c8:9f:ba:de:6a:08:78:aa:7c:5b:3c:69:dc:c4:
11:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C9:39:97:48:61:34:25:C6:D1:43:66:8A:C1:24:57:08:7D:C2:DE
X509v3 Authority Key Identifier:
keyid:5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/Jck5l0hhNCXG0UNmisEkVwh9wt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.0.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:3c:f4:10:c6:86:42:d7:9a:89:bd:cd:5d:f9:a0:f8:44:b5:
ac:63:45:d7:6e:6f:63:c7:6d:5a:f3:70:00:74:4d:81:f4:cb:
5c:09:73:ea:7f:18:15:87:58:72:56:d1:67:59:f0:14:df:a2:
f7:45:b1:f7:a2:52:8f:6d:26:45:75:1e:e6:2f:af:d6:65:6a:
73:e7:38:6c:68:39:82:31:9d:58:d3:a1:b3:26:17:73:2b:9c:
79:3b:9c:ff:05:c1:14:09:3b:6e:eb:d9:15:f9:e9:95:6b:2f:
3e:7a:e0:57:ed:c5:ff:46:5e:de:5e:24:e6:79:7c:a2:95:d9:
dc:bb:9f:77:ee:0c:b4:69:48:46:2e:2d:50:ae:60:3a:e1:4d:
67:8b:b7:02:0d:62:ce:ea:cc:8d:13:ae:44:37:de:fc:21:14:
c4:a6:d0:af:56:7e:94:ad:62:c7:1c:f9:af:93:5a:c2:98:3b:
9b:8f:be:59:b3:9c:19:0a:61:3b:fe:ac:68:d1:74:42:d9:c7:
17:d3:d7:66:99:4e:1c:8f:d2:e5:8e:cc:1a:b1:c6:8e:e2:55:
1a:6f:96:c2:8d:36:ff:bf:82:84:3a:a5:f8:58:f5:6e:b4:93:
4b:08:5c:82:17:97:58:c1:7a:31:b9:b5:58:bf:b3:44:27:0a:
0f:ee:95:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGX1EdfTVOMVmKKcmOCeXLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTlmNzVkY2EyY2QzYjM5MzUzZTAzMDBiMzBiYTViNjI5
NzZhMmIwHhcNMjQwODI4MDcxMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM5Mzk5NzQ4NjEzNDI1YzZkMTQzNjY4YWMxMjQ1NzA4N2RjMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB9tc+Wm1j4jLklIH5hqhx2Zs6Jz
YIXMKPy+X9ECzWbyfdcg3QdSXBHv1H8IN6eZ3jCDY1up6u+w8Uq0/NYV3XQdXZrl
3yM+I1ZmFAvyjY5Udy8zo+qfTe6FWdVxoAPdDW2uMetOtTWIs5nsF/HXA01cCpYA
PqZr57B3vsEQEttFh3QEZ4yqr4JhHFDi+r+lW22L1qJofyERBLZCUXi4SNylVb/f
rTaYjNeIkKCj1lsfXXgMktKop/F4h7IzqEmkci5QgWD2myfENcfECvnBebJg1aLj
lP3dmlydPZv6SANzFt9dNQujJOfAZVmn7wxRyJ+63moIeKp8Wzxp3MQRgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXJOZdIYTQlxtFDZorBJFcIfcLeMB8GA1UdIwQY
MBaAFFyp913KLNOzk1PgMAswultil2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQt
MWQ1MWM0NjhkNTU2LzEvSmNrNWwwaGhOQ1hHMFVObWlzRWtWd2g5d3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQtMWQ1MWM0NjhkNTU2
LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RIAMA0G
CSqGSIb3DQEBCwUAA4IBAQAOPPQQxoZC15qJvc1d+aD4RLWsY0XXbm9jx21a83AA
dE2B9MtcCXPqfxgVh1hyVtFnWfAU36L3RbH3olKPbSZFdR7mL6/WZWpz5zhsaDmC
MZ1Y06GzJhdzK5x5O5z/BcEUCTtu69kV+emVay8+euBX7cX/Rl7eXiTmeXyildnc
u5937gy0aUhGLi1QrmA64U1ni7cCDWLO6syNE65EN978IRTEptCvVn6UrWLHHPmv
k1rCmDubj75Zs5wZCmE7/qxo0XRC2ccX09dmmU4cj9LljswascaO4lUab5bCjTb/
v4KEOqX4WPVutJNLCFyCF5dYwXoxubVYv7NEJwoP7pU3
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:06 2024 by rpki-client on console.sobornost.net