Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/25a8bc-57f0-43f8-bc02-f5a9c437bb28/1/PMzF5RcHAafG2DASsECPWviAWjQ.roa
File: PMzF5RcHAafG2DASsECPWviAWjQ.roa (raw, json)
Hash identifier: 77w+HSbxdXD6DtfFvp5WBuQe9iH/UkNyN1UKndERG8k=
Subject key identifier: 3C:CC:C5:E5:17:07:01:A7:C6:D8:30:12:B0:40:8F:5A:F8:80:5A:34
Certificate issuer: /CN=c9a36fdfa41c7469ce73dc8bbece9462dcb8c823
Certificate serial: 0187C7EB54E5B6A9427CCDFCFB6D5D564CD5
Authority key identifier: C9:A3:6F:DF:A4:1C:74:69:CE:73:DC:8B:BE:CE:94:62:DC:B8:C8:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yaNv36QcdGnOc9yLvs6UYty4yCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/25a8bc-57f0-43f8-bc02-f5a9c437bb28/1/PMzF5RcHAafG2DASsECPWviAWjQ.roa
Signing time: Fri 28 Apr 2023 12:51:41 +0000
ROA not before: Fri 28 Apr 2023 12:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3214
IP address blocks: 194.48.101.0/24 maxlen: 24
194.48.103.0/24 maxlen: 24
194.48.100.0/24 maxlen: 24
194.48.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:eb:54:e5:b6:a9:42:7c:cd:fc:fb:6d:5d:56:4c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a36fdfa41c7469ce73dc8bbece9462dcb8c823
Validity
Not Before: Apr 28 12:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cccc5e5170701a7c6d83012b0408f5af8805a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:b9:73:48:87:a3:29:5e:e3:24:87:09:f5:
a7:27:a7:84:86:a2:ee:b2:1a:f3:31:f6:6b:5b:78:
81:06:3b:fd:a9:40:19:e4:27:0c:96:e2:b8:b8:92:
b2:47:e9:c6:aa:87:42:06:58:f6:95:83:6d:b4:29:
59:b7:29:2d:1e:f3:91:4f:ad:3a:27:04:bb:cd:88:
03:1e:52:92:87:d5:ad:b1:68:e4:49:1c:8a:cd:02:
b1:00:32:57:f2:50:8b:f9:ec:54:21:99:3c:bc:4b:
01:15:aa:22:31:82:6e:05:56:7f:e3:8c:ea:42:89:
a7:6b:b1:b7:bd:23:ed:11:a7:4a:04:16:cc:03:63:
5b:ca:bc:b7:24:a7:04:fa:1d:dd:c9:c9:46:59:68:
90:ab:8d:a2:07:0b:e7:d3:c1:ad:4e:e9:23:00:27:
45:37:b6:66:8e:08:ee:83:fa:1f:60:16:c8:ce:d1:
75:9c:7f:0d:a9:5d:36:4c:ee:5c:ec:59:4d:80:ca:
95:ff:2a:a6:3b:38:ba:35:92:38:02:20:47:85:93:
14:ad:8e:93:8f:16:ec:19:27:3c:9c:2b:24:9a:39:
6b:1b:66:20:f6:91:ca:7d:38:7e:95:b4:6d:73:36:
79:4c:5f:ee:9a:7c:af:20:12:e5:2f:b1:4e:ef:9d:
49:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CC:C5:E5:17:07:01:A7:C6:D8:30:12:B0:40:8F:5A:F8:80:5A:34
X509v3 Authority Key Identifier:
keyid:C9:A3:6F:DF:A4:1C:74:69:CE:73:DC:8B:BE:CE:94:62:DC:B8:C8:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yaNv36QcdGnOc9yLvs6UYty4yCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/25a8bc-57f0-43f8-bc02-f5a9c437bb28/1/PMzF5RcHAafG2DASsECPWviAWjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/25a8bc-57f0-43f8-bc02-f5a9c437bb28/1/yaNv36QcdGnOc9yLvs6UYty4yCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.100.0/22
Signature Algorithm: sha256WithRSAEncryption
30:e4:c6:f9:c0:4c:18:a6:c4:c2:d0:86:8a:5b:56:55:51:1f:
aa:3a:4b:55:5f:21:98:1c:33:ae:d2:d8:24:b6:a9:58:e0:7c:
73:f8:6b:de:88:d3:05:b1:15:1d:5c:b7:4a:ba:d7:05:f7:cb:
54:fc:10:9b:50:bf:5b:7a:03:ae:ce:7d:37:01:c9:9c:ac:f0:
54:1b:d3:bb:82:47:e4:6a:34:81:2e:df:d1:b3:a5:45:76:e6:
84:a0:bf:fc:ef:b9:87:16:46:bb:f7:24:f9:4c:0a:b2:71:19:
33:0d:11:b4:96:60:14:8c:da:dd:6a:48:43:94:6b:97:ad:64:
75:c2:14:d9:02:a5:e6:74:6a:fa:7f:2d:e0:39:c6:3f:b4:de:
24:3e:09:e5:56:58:83:97:10:d9:75:3d:60:c9:cb:05:60:ab:
2e:64:57:90:64:b5:0b:15:ec:36:d1:c0:de:d0:28:c3:08:f3:
d9:97:54:d8:57:3c:35:a0:a5:21:8a:73:13:dd:57:05:6e:ce:
00:3f:da:c0:dd:26:cc:df:7c:c9:a2:72:62:08:6e:8a:c2:78:
e7:18:a3:f7:c8:ca:85:75:89:00:7e:5c:ac:eb:5c:29:38:b3:
3e:1b:2c:35:bc:a6:89:29:a5:ad:a1:94:66:72:08:66:78:88:
3f:d0:6b:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfH61TltqlCfM38+21dVkzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTM2ZmRmYTQxYzc0NjljZTczZGM4YmJlY2U5NDYyZGNi
OGM4MjMwHhcNMjMwNDI4MTI1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NjYzVlNTE3MDcwMWE3YzZkODMwMTJiMDQwOGY1YWY4ODA1YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvS5c0iHoyle4ySHCfWnJ6eEhqLu
shrzMfZrW3iBBjv9qUAZ5CcMluK4uJKyR+nGqodCBlj2lYNttClZtyktHvORT606
JwS7zYgDHlKSh9WtsWjkSRyKzQKxADJX8lCL+exUIZk8vEsBFaoiMYJuBVZ/44zq
Qomna7G3vSPtEadKBBbMA2Nbyry3JKcE+h3dyclGWWiQq42iBwvn08GtTukjACdF
N7Zmjgjug/ofYBbIztF1nH8NqV02TO5c7FlNgMqV/yqmOzi6NZI4AiBHhZMUrY6T
jxbsGSc8nCskmjlrG2Yg9pHKfTh+lbRtczZ5TF/umnyvIBLlL7FO751JvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzMxeUXBwGnxtgwErBAj1r4gFo0MB8GA1UdIwQY
MBaAFMmjb9+kHHRpznPci77OlGLcuMgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFOdjM2UWNkR25PYzl5THZzNlVZdHk0eUNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8yNWE4YmMtNTdmMC00M2Y4LWJjMDIt
ZjVhOWM0MzdiYjI4LzEvUE16RjVSY0hBYWZHMkRBU3NFQ1BXdmlBV2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8yNWE4YmMtNTdmMC00M2Y4LWJjMDItZjVhOWM0MzdiYjI4
LzEveWFOdjM2UWNkR25PYzl5THZzNlVZdHk0eUNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjBkMA0G
CSqGSIb3DQEBCwUAA4IBAQAw5Mb5wEwYpsTC0IaKW1ZVUR+qOktVXyGYHDOu0tgk
tqlY4Hxz+GveiNMFsRUdXLdKutcF98tU/BCbUL9begOuzn03AcmcrPBUG9O7gkfk
ajSBLt/Rs6VFduaEoL/877mHFka79yT5TAqycRkzDRG0lmAUjNrdakhDlGuXrWR1
whTZAqXmdGr6fy3gOcY/tN4kPgnlVliDlxDZdT1gycsFYKsuZFeQZLULFew20cDe
0CjDCPPZl1TYVzw1oKUhinMT3VcFbs4AP9rA3SbM33zJonJiCG6KwnjnGKP3yMqF
dYkAflys61wpOLM+Gyw1vKaJKaWtoZRmcghmeIg/0Gv6
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:33 2023 by rpki-client on console.sobornost.net