Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/qPGbJrv5yHu3tnpJruG5nhIyARc.roa
File: qPGbJrv5yHu3tnpJruG5nhIyARc.roa (raw, json)
Hash identifier: oyTyxyEIE4PPThR4s9igUE3A+OWAjfPpG+OSP9pqapo=
Subject key identifier: A8:F1:9B:26:BB:F9:C8:7B:B7:B6:7A:49:AE:E1:B9:9E:12:32:01:17
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 01939B6D833BAEBA8950770B0DA3500A4DC2
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/qPGbJrv5yHu3tnpJruG5nhIyARc.roa
Signing time: Fri 06 Dec 2024 10:04:25 +0000
ROA not before: Fri 06 Dec 2024 10:04:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 78.136.252.0/24 maxlen: 24
78.136.253.0/24 maxlen: 24
78.136.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:6d:83:3b:ae:ba:89:50:77:0b:0d:a3:50:0a:4d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Dec 6 10:04:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8f19b26bbf9c87bb7b67a49aee1b99e12320117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6d:44:f1:80:9c:db:9d:38:e4:76:9f:e3:82:
03:c6:49:de:2c:a4:4f:77:19:a6:17:4d:f7:38:e5:
d3:bf:3b:af:db:35:27:e2:60:ac:58:ac:05:97:02:
2c:a9:d7:ce:3c:63:14:a4:c4:b6:ec:f0:e3:1a:15:
d2:80:35:d3:8b:89:95:ef:a2:c9:cb:3e:7c:bf:e0:
dc:bd:b3:94:56:89:e6:0c:81:88:5e:2b:90:93:00:
b3:03:c9:32:0e:33:b6:90:3c:28:65:a3:4f:6f:f5:
46:73:b3:32:47:7e:87:70:d6:be:5d:ad:87:66:71:
8d:91:87:95:e7:44:2c:9e:7f:fc:c6:d6:74:1f:41:
c7:41:5a:19:01:86:fa:f8:06:64:7d:25:ed:7c:a4:
3b:79:f5:4b:2f:45:14:7b:24:d4:37:df:86:84:29:
00:e4:6c:a0:5c:b9:0a:fc:97:92:f2:f2:a4:3d:ea:
10:30:5f:98:1b:37:e9:85:c5:8a:4f:f6:d0:ec:f6:
6d:9f:f0:8e:4c:40:ac:bd:22:45:fb:05:3b:1d:b9:
83:2a:46:51:c8:ca:08:aa:6b:b2:ee:30:93:2f:08:
b4:7b:58:44:d5:10:36:36:83:22:78:7d:24:ba:25:
9f:d4:fb:bd:f7:c5:8e:ba:40:f9:2b:4c:8d:23:cb:
4c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F1:9B:26:BB:F9:C8:7B:B7:B6:7A:49:AE:E1:B9:9E:12:32:01:17
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/qPGbJrv5yHu3tnpJruG5nhIyARc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.252.0-78.136.254.255
Signature Algorithm: sha256WithRSAEncryption
2e:e5:e8:82:82:9a:59:ab:a1:08:ac:bc:25:98:d1:ff:37:9a:
d9:b0:61:c6:ec:53:32:26:bf:f7:cb:5f:2b:28:86:49:28:38:
7d:bd:38:3a:28:61:fe:4c:19:ab:fd:26:16:3f:77:e2:cb:2f:
24:68:62:b5:0c:15:21:12:b5:bd:4a:83:93:bf:5d:ca:9b:51:
fb:ad:6d:ff:6d:5f:2f:d4:fe:00:e4:83:82:e2:ce:4f:6f:54:
f7:b1:d5:23:29:77:5a:b0:2d:f1:f8:ab:23:26:80:58:34:b5:
c1:e9:22:0e:0a:f1:a3:bc:8f:f2:9b:b0:19:2e:2b:6e:57:dd:
d4:29:de:ed:83:6f:cd:5d:87:d6:50:80:29:37:3e:56:94:2c:
a2:f8:54:cb:05:7b:44:fc:48:53:12:3e:aa:5d:7e:b8:50:36:
d1:4e:af:73:1d:94:53:ab:db:16:52:18:4f:6c:cb:de:e1:31:
24:fa:a8:e1:13:a0:40:50:d4:e0:67:ea:ae:18:83:cb:57:2b:
99:e6:8d:58:4f:42:48:82:39:d3:47:25:dc:a0:50:89:03:75:
35:10:5d:b9:db:fb:68:9d:0e:f6:a9:25:32:16:14:e4:63:0e:
37:f9:38:07:52:3f:dc:78:d9:31:50:75:c6:77:d5:ad:f2:6d:
0d:ce:96:e2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZObbYM7rrqJUHcLDaNQCk3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjQxMjA2MTAwNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGYxOWIyNmJiZjljODdiYjdiNjdhNDlhZWUxYjk5ZTEyMzIwMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW1E8YCc25045Haf44IDxkneLKRP
dxmmF033OOXTvzuv2zUn4mCsWKwFlwIsqdfOPGMUpMS27PDjGhXSgDXTi4mV76LJ
yz58v+DcvbOUVonmDIGIXiuQkwCzA8kyDjO2kDwoZaNPb/VGc7MyR36HcNa+Xa2H
ZnGNkYeV50Qsnn/8xtZ0H0HHQVoZAYb6+AZkfSXtfKQ7efVLL0UUeyTUN9+GhCkA
5GygXLkK/JeS8vKkPeoQMF+YGzfphcWKT/bQ7PZtn/COTECsvSJF+wU7HbmDKkZR
yMoIqmuy7jCTLwi0e1hE1RA2NoMieH0kuiWf1Pu998WOukD5K0yNI8tMFQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKjxmya7+ch7t7Z6Sa7huZ4SMgEXMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvcVBHYkpydjV5SHUzdG5wSnJ1RzVuaEl5QVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJOiPwD
BABOiP4wDQYJKoZIhvcNAQELBQADggEBAC7l6IKCmlmroQisvCWY0f83mtmwYcbs
UzImv/fLXysohkkoOH29ODooYf5MGav9JhY/d+LLLyRoYrUMFSEStb1Kg5O/Xcqb
Ufutbf9tXy/U/gDkg4Lizk9vVPex1SMpd1qwLfH4qyMmgFg0tcHpIg4K8aO8j/Kb
sBkuK25X3dQp3u2Db81dh9ZQgCk3PlaULKL4VMsFe0T8SFMSPqpdfrhQNtFOr3Md
lFOr2xZSGE9sy97hMST6qOEToEBQ1OBn6q4Yg8tXK5nmjVhPQkiCOdNHJdygUIkD
dTUQXbnb+2idDvapJTIWFORjDjf5OAdSP9x42TFQdcZ31a3ybQ3OluI=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:26 2024 by rpki-client on console.sobornost.net