Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/1-5cQWjC1sKMrt971P91YYszKP-o.roa
File: 1-5cQWjC1sKMrt971P91YYszKP-o.roa (raw, json)
Hash identifier: 4ToTcaAf508AyEqhvY0l5ROKQaOs1ztgK20yhPm+4cU=
Subject key identifier: FB:97:10:5A:30:B5:B0:A3:2B:B7:DE:F5:3F:DD:58:62:CC:CA:3F:EA
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 0193207FDA00A35290EE28E18A36F1FFD281
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/1-5cQWjC1sKMrt971P91YYszKP-o.roa
Signing time: Tue 12 Nov 2024 13:11:09 +0000
ROA not before: Tue 12 Nov 2024 13:11:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397368
IP address blocks: 176.116.4.0/24 maxlen: 24
217.114.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:7f:da:00:a3:52:90:ee:28:e1:8a:36:f1:ff:d2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Nov 12 13:11:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb97105a30b5b0a32bb7def53fdd5862ccca3fea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bc:94:2d:d0:ea:eb:ec:13:50:e7:ed:ad:ed:
ca:70:6c:e1:56:f0:3e:95:29:d1:b7:0a:93:3f:ba:
bb:32:d2:72:8e:56:a9:7d:a1:8a:cd:c0:f0:0d:b6:
b7:18:5f:9a:f6:ee:8a:13:b6:57:6f:c4:9a:f7:0d:
4d:d3:97:41:cb:52:a7:99:f9:22:ef:f6:2e:0f:78:
af:8f:51:f1:d8:08:21:fe:64:b5:8e:7a:df:ab:01:
9c:14:a8:56:7e:bf:fb:ac:2d:66:b7:45:3b:45:e8:
7b:d5:c7:50:d3:4e:82:2b:e8:3c:ec:3e:c8:52:f8:
72:32:c4:f8:cd:2b:fd:b8:5b:5d:c1:7d:01:af:86:
12:f7:4a:78:c9:66:eb:19:16:65:d0:21:04:7e:88:
1d:de:5a:85:f3:b4:4d:21:12:47:08:98:cb:67:c7:
bf:8a:e0:39:9a:84:ff:20:cb:6e:f7:e5:d2:4f:82:
86:e4:1b:42:7c:33:9c:d3:f0:5f:06:72:95:71:0d:
48:56:f3:d7:ca:20:52:19:24:e7:5c:8b:36:b2:1e:
64:39:0f:d6:13:06:c5:28:f2:0a:01:16:2f:34:06:
d0:c7:3b:85:67:56:28:2a:5a:58:42:db:82:1d:b8:
18:86:b9:e2:e0:57:fa:43:2e:34:e5:0c:91:30:ac:
7a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:97:10:5A:30:B5:B0:A3:2B:B7:DE:F5:3F:DD:58:62:CC:CA:3F:EA
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/1-5cQWjC1sKMrt971P91YYszKP-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.4.0/24
217.114.35.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:82:ee:89:b5:53:f0:76:28:d7:52:6e:57:d3:e3:d4:58:9b:
25:f1:5b:46:1c:08:95:9f:0d:17:71:de:87:74:c5:c5:58:4e:
98:24:c9:17:10:32:cc:79:62:0a:a0:fe:4b:5e:01:7a:86:cc:
5d:6c:6b:20:69:76:e2:5e:d3:18:33:e9:24:55:3d:08:06:5f:
16:88:60:6c:03:ae:99:97:ea:e7:ef:b8:5c:0f:2c:78:3f:79:
9b:0b:d2:93:f2:0b:6c:a3:0c:fc:0e:67:42:8d:be:86:50:0a:
83:e3:d0:00:c4:06:5a:eb:fd:f3:c0:51:3b:a1:f8:fe:e1:2a:
b5:81:20:f4:a1:43:38:ff:47:af:7b:80:6e:c7:1e:97:0e:7a:
a4:62:11:35:10:89:f2:ba:e2:fe:db:16:10:bd:81:8b:f7:88:
20:d6:03:65:cd:a1:26:44:9b:bc:f4:11:1e:2f:3a:82:81:37:
44:45:db:47:c9:57:b0:c9:58:10:07:fe:9f:50:be:0c:26:8e:
e4:80:27:de:08:91:19:bf:d2:1a:fc:d4:da:e9:c2:99:c7:6a:
4d:6b:20:6d:90:30:a6:fd:bf:e3:77:4a:62:c2:7a:0a:b0:74:
cf:84:62:32:3c:c3:48:96:fd:c2:c7:94:6e:15:6e:45:1d:f5:
a3:f7:9f:31
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZMgf9oAo1KQ7ijhijbx/9KBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjQxMTEyMTMxMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjk3MTA1YTMwYjViMGEzMmJiN2RlZjUzZmRkNTg2MmNjY2EzZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1byULdDq6+wTUOftre3KcGzhVvA+
lSnRtwqTP7q7MtJyjlapfaGKzcDwDba3GF+a9u6KE7ZXb8Sa9w1N05dBy1Knmfki
7/YuD3ivj1Hx2Agh/mS1jnrfqwGcFKhWfr/7rC1mt0U7Reh71cdQ006CK+g87D7I
UvhyMsT4zSv9uFtdwX0Br4YS90p4yWbrGRZl0CEEfogd3lqF87RNIRJHCJjLZ8e/
iuA5moT/IMtu9+XST4KG5BtCfDOc0/BfBnKVcQ1IVvPXyiBSGSTnXIs2sh5kOQ/W
EwbFKPIKARYvNAbQxzuFZ1YoKlpYQtuCHbgYhrni4Ff6Qy405QyRMKx6aQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPuXEFowtbCjK7fe9T/dWGLMyj/qMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvMS01Y1FXakMxc0tNcnQ5NzFQOTFZWXN6S1Atby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODgvYWJlMTZiLTkyY2MtNDhlMy1iNWI5LTg2YTJmMDY3YjRl
OC8xL3RBVE1EZ09Pc09hWDdHNTY1SjBDaGhSdURCby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALB0BAME
ANlyIzANBgkqhkiG9w0BAQsFAAOCAQEAqILuibVT8HYo11JuV9Pj1FibJfFbRhwI
lZ8NF3Heh3TFxVhOmCTJFxAyzHliCqD+S14BeobMXWxrIGl24l7TGDPpJFU9CAZf
FohgbAOumZfq5++4XA8seD95mwvSk/ILbKMM/A5nQo2+hlAKg+PQAMQGWuv988BR
O6H4/uEqtYEg9KFDOP9Hr3uAbscelw56pGIRNRCJ8rri/tsWEL2Bi/eIINYDZc2h
JkSbvPQRHi86goE3REXbR8lXsMlYEAf+n1C+DCaO5IAn3giRGb/SGvzU2unCmcdq
TWsgbZAwpv2/43dKYsJ6CrB0z4RiMjzDSJb9wseUbhVuRR31o/efMQ==
-----END CERTIFICATE-----
Generated at Thu Nov 14 17:22:46 2024 by rpki-client on console.sobornost.net