Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/IhTgC_b0XbFf3uZLAv2hCc7gzTg.roa
File: IhTgC_b0XbFf3uZLAv2hCc7gzTg.roa (raw, json)
Hash identifier: qhPzxIkTMzCpBXMPZFnPya7N+vIG/Gqi0HJgnBMm370=
Subject key identifier: 22:14:E0:0B:F6:F4:5D:B1:5F:DE:E6:4B:02:FD:A1:09:CE:E0:CD:38
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 0193BAE61A57532BD14519ADF4EB47CD13A0
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/IhTgC_b0XbFf3uZLAv2hCc7gzTg.roa
Signing time: Thu 12 Dec 2024 12:44:22 +0000
ROA not before: Thu 12 Dec 2024 12:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21343
IP address blocks: 91.223.19.0/24 maxlen: 24
185.158.208.0/22 maxlen: 24
194.110.204.0/24 maxlen: 24
195.234.112.0/22 maxlen: 24
2a02:2278:ff00::/40 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:e6:1a:57:53:2b:d1:45:19:ad:f4:eb:47:cd:13:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Dec 12 12:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2214e00bf6f45db15fdee64b02fda109cee0cd38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0b:dc:32:f3:88:28:21:78:b5:bb:7d:ee:fd:
58:19:48:56:ba:b2:79:1a:96:64:55:1a:61:a1:aa:
95:ac:d1:fa:3f:d8:55:51:f3:ce:42:5b:ff:af:2c:
3a:52:04:57:e3:48:43:af:8e:d2:21:cf:3f:f2:5e:
02:df:a4:7e:ae:33:9a:3f:86:b8:7d:bb:c4:52:25:
9b:c3:ed:d5:8e:8a:71:f6:e4:98:eb:5d:5a:8d:52:
fa:e0:98:e1:39:52:5e:40:50:00:04:b5:05:b9:6f:
88:c8:33:e6:68:d8:79:6f:c6:00:72:e7:c1:07:41:
1b:f0:9b:19:91:b4:cc:14:50:5a:d9:d6:20:cb:4e:
4b:ff:ba:1e:8e:85:45:b7:4c:82:e5:f0:2f:e3:9a:
67:13:82:fb:cb:ef:58:8c:bc:55:c2:b4:a0:ff:c4:
ce:40:06:f2:9f:68:cc:2f:fa:7c:dd:ef:0d:f8:b1:
95:8a:cc:74:b6:d9:fe:aa:9e:16:69:74:99:67:80:
82:42:0d:9a:66:33:c7:8c:40:a0:2b:3f:f0:23:21:
24:cc:44:9e:28:96:49:31:9b:8f:d9:55:1f:ba:c0:
53:6f:56:bc:c7:b2:17:9a:11:ad:80:83:94:f2:bf:
4b:1b:d4:ba:79:67:8d:91:31:a9:03:68:4a:e2:34:
40:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:14:E0:0B:F6:F4:5D:B1:5F:DE:E6:4B:02:FD:A1:09:CE:E0:CD:38
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/IhTgC_b0XbFf3uZLAv2hCc7gzTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.19.0/24
185.158.208.0/22
194.110.204.0/24
195.234.112.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
ac:d1:72:1d:ad:fa:87:a6:bd:77:7c:25:f6:28:dd:ca:8c:40:
e0:f9:a1:6d:33:36:85:7c:29:c5:6e:07:c3:45:8f:fb:da:b1:
1e:03:6e:70:04:b6:ba:42:eb:9e:a7:3b:8a:71:91:ce:e8:64:
6d:15:8a:63:73:67:9b:59:b8:d2:89:d9:63:15:ca:04:cf:6c:
78:e4:cd:d8:7f:a7:36:49:30:9e:34:20:34:53:59:7c:99:e7:
fa:48:cd:63:c1:01:48:dd:bb:89:52:fe:f5:c3:fa:f9:74:c7:
6c:1c:68:46:1e:82:80:9e:e3:43:07:c9:ff:74:0c:d6:65:d7:
16:a6:a8:71:29:2d:c0:ce:e0:c4:82:4d:80:d0:42:56:5b:b1:
b3:d7:cf:e4:0f:8d:fc:34:82:20:ce:6c:3c:c1:23:c1:3a:87:
3f:94:57:59:a8:f5:9d:49:f4:17:ea:80:dd:2d:23:9f:39:51:
1f:0d:93:2c:45:78:fb:83:57:d9:37:b8:d9:fe:f3:0e:bc:03:
66:da:e1:16:62:3f:fe:1b:7b:3f:ba:ac:55:aa:82:39:b9:3c:
80:40:b9:50:97:a8:fd:46:54:0e:b2:e1:62:6b:40:64:5f:a4:
bd:7b:ba:9a:68:7d:2c:cb:a3:47:8b:33:57:a3:53:96:26:16:
a2:a5:73:d8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZO65hpXUyvRRRmt9OtHzROgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjQxMjEyMTI0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE0ZTAwYmY2ZjQ1ZGIxNWZkZWU2NGIwMmZkYTEwOWNlZTBjZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAvcMvOIKCF4tbt97v1YGUhWurJ5
GpZkVRphoaqVrNH6P9hVUfPOQlv/ryw6UgRX40hDr47SIc8/8l4C36R+rjOaP4a4
fbvEUiWbw+3Vjopx9uSY611ajVL64JjhOVJeQFAABLUFuW+IyDPmaNh5b8YAcufB
B0Eb8JsZkbTMFFBa2dYgy05L/7oejoVFt0yC5fAv45pnE4L7y+9YjLxVwrSg/8TO
QAbyn2jML/p83e8N+LGVisx0ttn+qp4WaXSZZ4CCQg2aZjPHjECgKz/wIyEkzESe
KJZJMZuP2VUfusBTb1a8x7IXmhGtgIOU8r9LG9S6eWeNkTGpA2hK4jRAqQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCIU4Av29F2xX97mSwL9oQnO4M04MB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvSWhUZ0NfYjBYYkZmM3VaTEF2MmhDYzdnelRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQAW98TAwQC
uZ7QAwQAwm7MAwQCw+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOC
AQEArNFyHa36h6a9d3wl9ijdyoxA4PmhbTM2hXwpxW4Hw0WP+9qxHgNucAS2ukLr
nqc7inGRzuhkbRWKY3Nnm1m40onZYxXKBM9seOTN2H+nNkkwnjQgNFNZfJnn+kjN
Y8EBSN27iVL+9cP6+XTHbBxoRh6CgJ7jQwfJ/3QM1mXXFqaocSktwM7gxIJNgNBC
Vluxs9fP5A+N/DSCIM5sPMEjwTqHP5RXWaj1nUn0F+qA3S0jnzlRHw2TLEV4+4NX
2Te42f7zDrwDZtrhFmI//ht7P7qsVaqCObk8gEC5UJeo/UZUDrLhYmtAZF+kvXu6
mmh9LMujR4szV6NTliYWoqVz2A==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:42 2024 by rpki-client on console.sobornost.net