Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/u5Yj7oyXI4qvBjbxgtzlODQkogg.roa
File: u5Yj7oyXI4qvBjbxgtzlODQkogg.roa (raw, json)
Hash identifier: rDeTJ+dodsHpnjSYH8Tu5IF78etZ/GpO7qMEBIebRTw=
Subject key identifier: BB:96:23:EE:8C:97:23:8A:AF:06:36:F1:82:DC:E5:38:34:24:A2:08
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 0190BACCFECDFC9768200D71090331CC8A26
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/u5Yj7oyXI4qvBjbxgtzlODQkogg.roa
Signing time: Tue 16 Jul 2024 09:08:34 +0000
ROA not before: Tue 16 Jul 2024 09:08:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41540
IP address blocks: 31.172.143.0/24 maxlen: 32
91.231.127.0/24 maxlen: 32
92.60.190.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:cc:fe:cd:fc:97:68:20:0d:71:09:03:31:cc:8a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jul 16 09:08:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb9623ee8c97238aaf0636f182dce5383424a208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:30:0b:ee:48:c3:33:be:33:d5:a1:90:c4:de:
4b:e9:e0:c7:22:27:ac:2c:97:dc:fa:b3:36:d5:46:
47:d4:23:87:db:53:00:1c:40:23:71:6b:b3:fd:65:
3a:b5:0e:95:dd:6f:67:4a:0f:d0:2a:31:1d:3c:57:
e7:9e:8d:28:37:08:ce:cf:5c:e4:38:02:63:53:57:
0f:b0:6e:ee:31:21:1d:4b:61:a1:73:4a:f5:72:dc:
82:6a:ad:33:88:29:e8:aa:63:23:65:89:95:fe:fa:
c1:60:98:57:20:ca:b1:81:b7:39:65:e5:3e:61:82:
3f:ab:cc:bc:a4:ac:b7:b1:87:09:48:f8:55:28:7e:
ec:95:6a:35:63:75:17:ca:dd:d0:4e:1d:7b:27:7e:
5c:29:a1:10:9a:7b:43:6d:22:4f:e7:e3:14:83:c0:
f3:c9:24:38:9c:7c:9d:bb:b4:52:04:55:ac:08:da:
c3:f7:da:02:b9:f8:a1:58:c4:0c:80:d8:57:59:8d:
d4:ca:89:e0:76:be:e2:1b:fb:57:66:b2:a9:80:f0:
52:30:1e:b8:bd:67:29:03:db:a1:c8:b7:b6:37:b4:
cd:e0:a7:e1:84:e7:f0:19:77:e2:93:7e:fb:fc:43:
a1:58:77:28:f1:60:84:cf:45:eb:38:9f:9a:78:3e:
01:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:96:23:EE:8C:97:23:8A:AF:06:36:F1:82:DC:E5:38:34:24:A2:08
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/u5Yj7oyXI4qvBjbxgtzlODQkogg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.143.0/24
91.231.127.0/24
92.60.190.0/23
Signature Algorithm: sha256WithRSAEncryption
99:ab:79:c8:e7:49:64:17:ba:2f:a3:b4:84:de:28:d2:cf:ad:
3a:67:8e:7d:7f:ea:ec:b6:39:0c:50:6a:ac:6b:27:31:a7:c7:
8c:6c:c9:b0:cb:e9:9e:3a:4e:4b:e1:3b:45:43:e5:e1:bb:38:
e7:64:9a:bb:ea:2d:98:60:62:69:86:bb:b6:5b:77:67:1d:55:
56:1d:73:8d:6b:dc:91:e5:ef:f6:d9:2f:92:35:63:18:f1:68:
f5:07:f2:11:1c:d0:6e:86:17:6a:44:1e:ba:8e:4e:83:34:96:
a8:a7:f7:64:93:eb:1d:53:76:a4:e0:b6:e0:2c:58:82:2c:e5:
c4:6e:61:b2:4a:8e:92:78:0b:38:32:62:47:ac:55:d0:a7:b2:
f8:70:4c:25:5e:2a:d9:86:f4:6b:26:ec:4e:eb:ba:fc:9c:17:
76:90:69:ba:3c:e8:0c:5d:dc:60:1c:97:41:2d:ac:b1:0b:22:
4d:e4:dc:91:53:f9:99:34:97:6f:dc:1e:86:1d:0e:59:2a:a4:
ba:c7:54:62:7e:c2:47:48:16:65:20:b6:4d:15:65:9b:3f:51:
c0:c2:90:d2:06:34:7a:6a:9d:47:6d:48:2b:44:45:f4:33:ac:
76:0d:33:7e:71:7d:bb:50:7f:29:1b:cd:26:53:d1:cc:2c:b5:
7f:f0:21:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZC6zP7N/JdoIA1xCQMxzIomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjQwNzE2MDkwODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk2MjNlZThjOTcyMzhhYWYwNjM2ZjE4MmRjZTUzODM0MjRhMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TAL7kjDM74z1aGQxN5L6eDHIies
LJfc+rM21UZH1COH21MAHEAjcWuz/WU6tQ6V3W9nSg/QKjEdPFfnno0oNwjOz1zk
OAJjU1cPsG7uMSEdS2Ghc0r1ctyCaq0ziCnoqmMjZYmV/vrBYJhXIMqxgbc5ZeU+
YYI/q8y8pKy3sYcJSPhVKH7slWo1Y3UXyt3QTh17J35cKaEQmntDbSJP5+MUg8Dz
ySQ4nHydu7RSBFWsCNrD99oCufihWMQMgNhXWY3Uyongdr7iG/tXZrKpgPBSMB64
vWcpA9uhyLe2N7TN4KfhhOfwGXfik377/EOhWHco8WCEz0XrOJ+aeD4BcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLuWI+6MlyOKrwY28YLc5Tg0JKIIMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvdTVZajdveVhJNHF2QmpieGd0emxPRFFrb2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6yPAwQA
W+d/AwQBXDy+MA0GCSqGSIb3DQEBCwUAA4IBAQCZq3nI50lkF7ovo7SE3ijSz606
Z459f+rstjkMUGqsaycxp8eMbMmwy+meOk5L4TtFQ+XhuzjnZJq76i2YYGJphru2
W3dnHVVWHXONa9yR5e/22S+SNWMY8Wj1B/IRHNBuhhdqRB66jk6DNJaop/dkk+sd
U3ak4LbgLFiCLOXEbmGySo6SeAs4MmJHrFXQp7L4cEwlXirZhvRrJuxO67r8nBd2
kGm6POgMXdxgHJdBLayxCyJN5NyRU/mZNJdv3B6GHQ5ZKqS6x1RifsJHSBZlILZN
FWWbP1HAwpDSBjR6ap1HbUgrREX0M6x2DTN+cX27UH8pG80mU9HMLLV/8CGB
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:47:52 2024 by rpki-client on console.sobornost.net