Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/CkamBf3CoaX9oVPaqLpbl15L37k.roa
File: CkamBf3CoaX9oVPaqLpbl15L37k.roa (raw, json)
Hash identifier: pTbDSzGIoxzR2WBdtQJ5I+ExlpRAtHYB4ikt0rD9/Bw=
Subject key identifier: 0A:46:A6:05:FD:C2:A1:A5:FD:A1:53:DA:A8:BA:5B:97:5E:4B:DF:B9
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01938BCC6B0E17901A564C93D88A80DF3F2E
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/CkamBf3CoaX9oVPaqLpbl15L37k.roa
Signing time: Tue 03 Dec 2024 09:14:09 +0000
ROA not before: Tue 03 Dec 2024 09:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47147
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.98.0/24 maxlen: 24
152.53.128.0/20 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:cc:6b:0e:17:90:1a:56:4c:93:d8:8a:80:df:3f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Dec 3 09:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a46a605fdc2a1a5fda153daa8ba5b975e4bdfb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f3:37:9e:ac:82:07:f9:8e:ce:b5:c8:78:cb:
7b:89:e8:fc:b0:b2:62:b1:66:60:02:18:13:44:05:
bd:3b:f9:67:d1:c3:d8:41:d7:96:67:85:4d:19:af:
ec:29:c6:37:5b:01:00:5d:40:e7:f6:a1:7d:63:e3:
4f:31:a3:84:5a:a0:01:6e:45:62:54:59:d4:43:2e:
62:27:61:05:c7:55:5e:c9:b3:c1:b9:31:9c:77:91:
78:3a:b5:3e:b7:ce:3e:74:74:75:03:da:d6:ef:06:
5a:02:32:a2:d3:63:6c:d4:b2:88:a5:d5:c6:f3:3f:
af:a3:d2:3f:d0:f8:52:c5:2e:ff:20:11:7f:e6:7c:
fd:43:6f:e2:35:b4:3a:fc:78:7d:7f:f0:20:8a:2f:
1d:ff:cd:6b:e9:b1:88:26:f7:06:f3:4e:7d:91:de:
8f:b6:80:ae:ab:05:99:0f:2b:04:92:a0:57:65:fa:
b7:9a:3c:5d:d2:22:1c:7a:41:b6:d7:d3:56:7e:23:
b0:1f:e4:b7:cb:c6:bb:82:c0:77:f6:20:0e:c4:50:
c3:a7:18:ac:d6:62:cf:c3:d2:49:17:04:d3:bf:c7:
fe:17:cf:a8:55:3f:f3:63:c1:9f:20:77:b6:6b:23:
54:1c:7a:32:18:c5:18:31:8d:84:67:bd:eb:17:78:
40:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:46:A6:05:FD:C2:A1:A5:FD:A1:53:DA:A8:BA:5B:97:5E:4B:DF:B9
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/CkamBf3CoaX9oVPaqLpbl15L37k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:8e:7f:bc:bf:69:be:ec:4d:81:fc:51:c8:f3:35:bd:0a:d9:
15:ad:72:37:42:6b:68:3f:66:2d:a9:04:71:98:2e:70:f9:5e:
1b:86:71:bf:7b:19:68:04:0e:a0:b9:14:9f:17:22:44:c9:86:
32:fb:c3:5f:93:a3:20:aa:3d:16:55:87:55:8d:37:4f:71:4c:
69:52:a4:8d:49:ec:6b:1d:07:69:1c:2c:11:f3:e1:2b:e1:5f:
94:4f:80:6e:37:f9:86:16:e4:d8:a7:49:66:f5:0f:e1:b3:db:
ac:cf:af:f1:13:f4:f6:17:d8:f5:7b:f7:35:cf:5a:7f:e5:79:
3e:6a:e0:d0:e1:9e:3a:3a:02:a7:65:b4:fa:17:72:db:d0:1f:
32:af:2f:83:26:41:8c:85:ac:db:9c:0b:a1:7a:cd:36:d1:0f:
e8:c7:b8:38:57:18:8b:0b:18:ff:1f:09:b5:62:94:e6:66:a6:
87:fa:98:3d:e8:f5:c7:d2:25:11:2e:14:88:30:a8:68:24:57:
81:cb:6e:ab:50:39:2f:62:7b:6b:57:5c:81:73:83:6f:2e:aa:
1f:b9:34:76:18:fa:df:7c:08:19:4d:49:e1:fa:2d:48:5c:40:
f3:d4:47:67:33:73:bf:7a:0d:da:5e:9d:25:67:69:a4:89:8b:
63:5e:5b:96
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZOLzGsOF5AaVkyT2IqA3z8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQxMjAzMDkxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQ2YTYwNWZkYzJhMWE1ZmRhMTUzZGFhOGJhNWI5NzVlNGJkZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPM3nqyCB/mOzrXIeMt7iej8sLJi
sWZgAhgTRAW9O/ln0cPYQdeWZ4VNGa/sKcY3WwEAXUDn9qF9Y+NPMaOEWqABbkVi
VFnUQy5iJ2EFx1VeybPBuTGcd5F4OrU+t84+dHR1A9rW7wZaAjKi02Ns1LKIpdXG
8z+vo9I/0PhSxS7/IBF/5nz9Q2/iNbQ6/Hh9f/Agii8d/81r6bGIJvcG8059kd6P
toCuqwWZDysEkqBXZfq3mjxd0iIcekG219NWfiOwH+S3y8a7gsB39iAOxFDDpxis
1mLPw9JJFwTTv8f+F8+oVT/zY8GfIHe2ayNUHHoyGMUYMY2EZ73rF3hAnwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFApGpgX9wqGl/aFT2qi6W5deS9+5MB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvQ2thbUJmM0NvYVg5b1ZQYXFMcGJsMTVMMzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAIOOf7y/ab7sTYH8UcjzNb0K2RWtcjdCa2g/Zi2pBHGY
LnD5XhuGcb97GWgEDqC5FJ8XIkTJhjL7w1+ToyCqPRZVh1WNN09xTGlSpI1J7Gsd
B2kcLBHz4SvhX5RPgG43+YYW5NinSWb1D+Gz26zPr/ET9PYX2PV79zXPWn/leT5q
4NDhnjo6AqdltPoXctvQHzKvL4MmQYyFrNucC6F6zTbRD+jHuDhXGIsLGP8fCbVi
lOZmpof6mD3o9cfSJREuFIgwqGgkV4HLbqtQOS9ie2tXXIFzg28uqh+5NHYY+t98
CBlNSeH6LUhcQPPUR2czc796DdpenSVnaaSJi2NeW5Y=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:14 2024 by rpki-client on console.sobornost.net