Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/_qiZ1EEiVSQNRtoj985ujRG9ZvU.roa
File: _qiZ1EEiVSQNRtoj985ujRG9ZvU.roa (raw, json)
Hash identifier: /Ki07BfX3IK9SzcklOA66KzazlhoL0l1zFcyKvHPagw=
Subject key identifier: FE:A8:99:D4:41:22:55:24:0D:46:DA:23:F7:CE:6E:8D:11:BD:66:F5
Certificate issuer: /CN=34db1bb29a4aea85e19c2892d0c839e2fb945ed0
Certificate serial: 0192BF7B8792BE3102CB765152B05338129D
Authority key identifier: 34:DB:1B:B2:9A:4A:EA:85:E1:9C:28:92:D0:C8:39:E2:FB:94:5E:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNsbsppK6oXhnCiS0Mg54vuUXtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/_qiZ1EEiVSQNRtoj985ujRG9ZvU.roa
Signing time: Thu 24 Oct 2024 17:03:16 +0000
ROA not before: Thu 24 Oct 2024 17:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21256
IP address blocks: 193.109.144.0/22 maxlen: 22
194.187.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:7b:87:92:be:31:02:cb:76:51:52:b0:53:38:12:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34db1bb29a4aea85e19c2892d0c839e2fb945ed0
Validity
Not Before: Oct 24 17:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fea899d4412255240d46da23f7ce6e8d11bd66f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cc:fa:ec:d1:f1:71:b4:ea:1f:b3:1a:cf:66:
18:77:80:c5:57:09:0c:78:2a:b9:c9:34:46:c8:b0:
8b:2d:21:da:0e:90:ef:bc:37:8f:53:d0:75:af:85:
46:16:7d:f4:21:d5:46:a7:d0:af:b8:10:f1:e3:9c:
54:21:fe:87:b3:ba:3e:e6:b8:d2:ed:86:69:14:85:
c2:14:d4:d7:f8:36:b7:b6:a1:0f:0f:44:12:05:4f:
a6:09:b3:ff:3d:66:e4:c9:51:de:96:a4:66:9d:a4:
de:e0:aa:a8:30:ef:e4:9b:20:63:ed:55:63:0a:d4:
2b:a6:ca:4e:55:e0:5f:6d:69:88:15:d2:55:c1:1b:
bd:15:58:2b:03:64:5a:19:01:a4:c3:36:1f:7a:5f:
ff:8e:9c:8a:0f:4a:fc:03:c5:68:8f:5e:24:92:d7:
3b:0c:33:bc:5e:06:7d:67:1f:51:d8:71:3f:4e:36:
59:a2:f0:23:2f:05:d8:21:d8:dd:56:19:82:41:88:
ab:f9:18:86:85:f4:92:bb:30:2a:81:ac:a6:24:ba:
e8:54:9f:87:a0:ce:17:16:b3:f3:2c:dd:82:a6:30:
c8:3a:da:d6:42:c2:f1:ab:ae:66:4f:76:53:41:54:
2c:19:96:49:46:9e:57:c0:58:49:8d:91:79:97:56:
23:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A8:99:D4:41:22:55:24:0D:46:DA:23:F7:CE:6E:8D:11:BD:66:F5
X509v3 Authority Key Identifier:
keyid:34:DB:1B:B2:9A:4A:EA:85:E1:9C:28:92:D0:C8:39:E2:FB:94:5E:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNsbsppK6oXhnCiS0Mg54vuUXtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/_qiZ1EEiVSQNRtoj985ujRG9ZvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/NNsbsppK6oXhnCiS0Mg54vuUXtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.144.0/22
194.187.104.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:1e:7f:2e:09:76:a4:75:3e:44:48:29:70:f7:6d:4a:4e:d8:
82:4d:af:2c:7c:2d:99:46:a6:27:77:26:c0:f1:2a:2b:18:c2:
d3:7f:75:8b:92:13:57:c8:87:9e:b4:e5:e1:64:8a:3f:ec:c7:
54:fb:0e:29:8f:31:81:f7:a9:9d:70:d5:3c:b3:ea:0d:3c:a6:
c2:f0:31:d4:bf:b5:e1:d0:fe:23:70:7f:b6:90:37:22:80:ee:
a9:d4:e1:2e:ea:98:f5:70:9f:49:49:3a:a0:25:41:d4:7e:45:
2e:eb:1d:26:40:ef:c5:d8:46:47:fa:65:40:35:a0:46:83:54:
16:cb:54:49:8c:a8:87:38:eb:2c:24:6a:63:05:5d:41:83:ca:
95:fe:63:16:eb:a6:49:78:ff:0e:d5:32:a3:75:68:82:9a:a1:
30:72:8e:c8:ba:68:f2:87:f4:ce:c8:7d:f3:69:28:91:8c:a4:
1b:7f:ec:6c:c7:cf:2f:56:43:a5:d0:46:36:6f:e5:1f:35:84:
cf:2d:9d:eb:34:8f:1d:c7:70:f5:a2:4e:e3:a9:8f:19:d7:ee:
16:53:1a:7d:5e:65:d0:b8:4d:ed:ed:eb:fd:ec:09:55:05:26:
3c:c9:63:ff:35:fa:65:b9:73:e8:87:a5:d9:ff:e3:38:ac:eb:
26:6e:bc:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK/e4eSvjECy3ZRUrBTOBKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZGIxYmIyOWE0YWVhODVlMTljMjg5MmQwYzgzOWUyZmI5
NDVlZDAwHhcNMjQxMDI0MTcwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWE4OTlkNDQxMjI1NTI0MGQ0NmRhMjNmN2NlNmU4ZDExYmQ2NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cz67NHxcbTqH7Maz2YYd4DFVwkM
eCq5yTRGyLCLLSHaDpDvvDePU9B1r4VGFn30IdVGp9CvuBDx45xUIf6Hs7o+5rjS
7YZpFIXCFNTX+Da3tqEPD0QSBU+mCbP/PWbkyVHelqRmnaTe4KqoMO/kmyBj7VVj
CtQrpspOVeBfbWmIFdJVwRu9FVgrA2RaGQGkwzYfel//jpyKD0r8A8Voj14kktc7
DDO8XgZ9Zx9R2HE/TjZZovAjLwXYIdjdVhmCQYir+RiGhfSSuzAqgaymJLroVJ+H
oM4XFrPzLN2CpjDIOtrWQsLxq65mT3ZTQVQsGZZJRp5XwFhJjZF5l1YjbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP6omdRBIlUkDUbaI/fObo0RvWb1MB8GA1UdIwQY
MBaAFDTbG7KaSuqF4ZwoktDIOeL7lF7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5zYnNwcEs2b1hobkNpUzBNZzU0dnVVWHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84ZGI4ZDItNmIxMS00ZDE5LThlOGQt
NTJhMTA0MjViMTM2LzEvX3FpWjFFRWlWU1FOUnRvajk4NXVqUkc5WnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84ZGI4ZDItNmIxMS00ZDE5LThlOGQtNTJhMTA0MjViMTM2
LzEvTk5zYnNwcEs2b1hobkNpUzBNZzU0dnVVWHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwW2QAwQC
wrtoMA0GCSqGSIb3DQEBCwUAA4IBAQB8Hn8uCXakdT5ESClw921KTtiCTa8sfC2Z
RqYndybA8SorGMLTf3WLkhNXyIeetOXhZIo/7MdU+w4pjzGB96mdcNU8s+oNPKbC
8DHUv7Xh0P4jcH+2kDcigO6p1OEu6pj1cJ9JSTqgJUHUfkUu6x0mQO/F2EZH+mVA
NaBGg1QWy1RJjKiHOOssJGpjBV1Bg8qV/mMW66ZJeP8O1TKjdWiCmqEwco7Iumjy
h/TOyH3zaSiRjKQbf+xsx88vVkOl0EY2b+UfNYTPLZ3rNI8dx3D1ok7jqY8Z1+4W
Uxp9XmXQuE3t7ev97AlVBSY8yWP/NfpluXPoh6XZ/+M4rOsmbrxc
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:17 2024 by rpki-client on console.sobornost.net