Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/jfk-Ep_-BeZ_fCE5EZ8pTgpMHbU.roa
File: jfk-Ep_-BeZ_fCE5EZ8pTgpMHbU.roa (raw, json)
Hash identifier: CL3BtggEHxVr2f+h71vFx2QXm53ik/KXtVuPVSrblb8=
Subject key identifier: 8D:F9:3E:12:9F:FE:05:E6:7F:7C:21:39:11:9F:29:4E:0A:4C:1D:B5
Certificate issuer: /CN=8ec3bb12f5f62a1088b07a9816c46306d1161e1d
Certificate serial: 01938C5B3DD94034DC19B8CE1C7CCF0E0BA9
Authority key identifier: 8E:C3:BB:12:F5:F6:2A:10:88:B0:7A:98:16:C4:63:06:D1:16:1E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsO7EvX2KhCIsHqYFsRjBtEWHh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/jfk-Ep_-BeZ_fCE5EZ8pTgpMHbU.roa
Signing time: Tue 03 Dec 2024 11:50:10 +0000
ROA not before: Tue 03 Dec 2024 11:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216302
IP address blocks: 31.24.248.0/24 maxlen: 24
2a12:48c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:5b:3d:d9:40:34:dc:19:b8:ce:1c:7c:cf:0e:0b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec3bb12f5f62a1088b07a9816c46306d1161e1d
Validity
Not Before: Dec 3 11:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8df93e129ffe05e67f7c2139119f294e0a4c1db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:1f:7f:6d:4e:a8:a2:3a:36:da:0f:de:d6:
9f:38:ff:7a:fe:83:84:31:c5:60:12:7c:6a:22:94:
a7:03:57:54:5b:9a:50:72:d1:80:39:65:f2:5f:e6:
0b:69:93:b3:ed:b0:07:73:fc:fb:ea:c5:fb:78:23:
8c:79:a9:67:d6:92:1c:4f:b6:d4:b7:24:28:81:ab:
f5:17:64:26:9a:2e:d2:d8:42:a4:39:b5:e2:33:91:
e7:8a:a5:d9:1d:7d:15:24:cb:b6:5a:60:41:50:8e:
6a:da:6c:08:ec:c8:e5:fb:be:c1:13:36:5d:2f:4a:
c1:4d:b0:56:50:8f:de:52:12:a4:bf:bc:95:12:e4:
90:1d:bc:77:5e:1b:46:45:04:66:57:08:20:cd:07:
b8:77:2c:12:71:8e:08:98:77:ec:f1:de:ce:3b:b9:
1a:04:3c:9a:3c:c1:23:e4:dc:2f:ec:1a:e6:f8:0d:
ef:03:b6:90:89:20:7a:bb:e0:70:c0:cf:a2:a8:43:
fd:1f:a6:21:08:d4:8f:92:38:82:97:ba:e1:2e:5d:
1f:6a:25:48:c2:1f:69:89:f1:1d:83:ec:84:7f:5d:
d1:cc:87:a7:fc:aa:65:c2:b5:91:22:0b:ee:b2:6f:
57:0b:ea:b9:77:a9:1d:24:c8:e1:85:d9:86:5c:e7:
55:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F9:3E:12:9F:FE:05:E6:7F:7C:21:39:11:9F:29:4E:0A:4C:1D:B5
X509v3 Authority Key Identifier:
keyid:8E:C3:BB:12:F5:F6:2A:10:88:B0:7A:98:16:C4:63:06:D1:16:1E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsO7EvX2KhCIsHqYFsRjBtEWHh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/jfk-Ep_-BeZ_fCE5EZ8pTgpMHbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/jsO7EvX2KhCIsHqYFsRjBtEWHh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.248.0/24
IPv6:
2a12:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:41:08:5f:26:8f:a7:6a:2c:c7:62:a8:de:69:48:95:d9:7c:
6c:41:9c:6d:6d:b6:1d:45:ff:a4:73:03:c4:82:76:fa:e9:8f:
23:d6:9a:79:5e:2f:bc:a6:6e:7c:83:dd:4d:3d:f8:75:85:7c:
36:c9:48:e3:9d:0c:6c:58:a6:67:38:1c:23:f9:81:0a:97:e9:
25:ab:3d:c4:3a:b8:ac:03:52:66:70:13:54:24:f8:e0:2a:79:
eb:6b:81:95:4f:ff:5c:b6:85:85:78:2d:7b:c5:f3:11:82:b1:
80:4d:4d:78:61:17:61:03:d9:4f:df:74:65:49:2f:4a:9d:ed:
83:73:66:fe:c5:3e:08:1e:6c:c2:9d:49:f6:fe:a2:29:c5:4b:
ec:c2:d7:96:f4:7d:ba:50:3d:ee:93:35:e2:75:03:e4:ac:68:
d4:8b:35:61:ce:f5:01:3c:3e:47:77:c4:36:bb:66:1b:c4:5b:
ce:70:23:d6:9d:5c:33:51:21:39:b6:88:45:33:8c:07:00:e9:
1a:76:8a:04:18:b0:93:dc:8d:04:98:f2:3e:89:fa:6f:54:29:
17:bd:e5:b0:92:e4:af:3e:2e:b1:a3:44:ea:de:7e:d4:59:f5:
2c:d9:c9:cc:27:3d:ba:1a:ae:28:7c:b9:de:b4:bd:6d:f2:97:
03:3c:4d:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOMWz3ZQDTcGbjOHHzPDgupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzNiYjEyZjVmNjJhMTA4OGIwN2E5ODE2YzQ2MzA2ZDEx
NjFlMWQwHhcNMjQxMjAzMTE1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY5M2UxMjlmZmUwNWU2N2Y3YzIxMzkxMTlmMjk0ZTBhNGMxZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAAff21OqKI6NtoP3tafOP96/oOE
McVgEnxqIpSnA1dUW5pQctGAOWXyX+YLaZOz7bAHc/z76sX7eCOMealn1pIcT7bU
tyQogav1F2Qmmi7S2EKkObXiM5HniqXZHX0VJMu2WmBBUI5q2mwI7Mjl+77BEzZd
L0rBTbBWUI/eUhKkv7yVEuSQHbx3XhtGRQRmVwggzQe4dywScY4ImHfs8d7OO7ka
BDyaPMEj5Nwv7Brm+A3vA7aQiSB6u+BwwM+iqEP9H6YhCNSPkjiCl7rhLl0faiVI
wh9pifEdg+yEf13RzIen/KplwrWRIgvusm9XC+q5d6kdJMjhhdmGXOdVZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI35PhKf/gXmf3whORGfKU4KTB21MB8GA1UdIwQY
MBaAFI7DuxL19ioQiLB6mBbEYwbRFh4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNPN0V2WDJLaENJc0hxWUZzUmpCdEVXSGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9jMGU0ZDYtZTdkYy00MWI0LWI1NjMt
YmJjNzYxMjljODliLzEvamZrLUVwXy1CZVpfZkNFNUVaOHBUZ3BNSGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9jMGU0ZDYtZTdkYy00MWI0LWI1NjMtYmJjNzYxMjljODli
LzEvanNPN0V2WDJLaENJc0hxWUZzUmpCdEVXSGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHxj4MA0E
AgACMAcDBQMqEkjAMA0GCSqGSIb3DQEBCwUAA4IBAQCgQQhfJo+naizHYqjeaUiV
2XxsQZxtbbYdRf+kcwPEgnb66Y8j1pp5Xi+8pm58g91NPfh1hXw2yUjjnQxsWKZn
OBwj+YEKl+klqz3EOrisA1JmcBNUJPjgKnnra4GVT/9ctoWFeC17xfMRgrGATU14
YRdhA9lP33RlSS9Kne2Dc2b+xT4IHmzCnUn2/qIpxUvswteW9H26UD3ukzXidQPk
rGjUizVhzvUBPD5Hd8Q2u2YbxFvOcCPWnVwzUSE5tohFM4wHAOkadooEGLCT3I0E
mPI+ifpvVCkXveWwkuSvPi6xo0Tq3n7UWfUs2cnMJz26Gq4ofLnetL1t8pcDPE1Q
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:29 2024 by rpki-client on console.sobornost.net