Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Kn4Dk7UbLtG9LDbWmUQkOem5YaA.roa
File: Kn4Dk7UbLtG9LDbWmUQkOem5YaA.roa (raw, json)
Hash identifier: 3ifYlJ9HF1rfeBApRpnTIi3IzPYoflWxV9Bb5zK8v8o=
Subject key identifier: 2A:7E:03:93:B5:1B:2E:D1:BD:2C:36:D6:99:44:24:39:E9:B9:61:A0
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018CC5006FFDCF3319FBD814A30EFC20BDEF
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Kn4Dk7UbLtG9LDbWmUQkOem5YaA.roa
Signing time: Mon 01 Jan 2024 12:29:49 +0000
ROA not before: Mon 01 Jan 2024 12:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197393
IP address blocks: 193.138.152.0/22 maxlen: 22
185.138.68.0/22 maxlen: 22
2a07:bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:6f:fd:cf:33:19:fb:d8:14:a3:0e:fc:20:bd:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 12:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a7e0393b51b2ed1bd2c36d699442439e9b961a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b7:1e:c4:af:4d:8b:c3:10:fb:d4:b8:7e:26:
b2:38:d7:67:c1:ec:6d:04:14:b8:11:db:7d:bb:91:
4a:b4:37:ee:25:ab:83:3c:41:00:bd:e0:17:6f:ac:
f1:b8:8b:c1:59:4f:1c:e4:3e:6a:f8:45:10:99:9a:
db:51:b1:fc:55:df:02:5a:8f:7f:e9:e2:99:03:14:
9b:20:a8:67:57:9c:11:96:01:4f:57:62:9a:82:54:
cc:ee:05:3c:4d:aa:8c:65:d8:ed:c1:c0:aa:f1:a1:
91:0b:1d:e4:51:ca:ca:45:7e:ba:08:90:bd:2b:b2:
7b:4f:d4:93:a4:41:74:69:68:05:f7:60:3d:34:b0:
a6:47:f6:37:ab:88:dc:df:5d:aa:a3:98:70:3a:6b:
2e:8e:cb:c0:0e:a6:6b:ab:94:5a:41:db:f5:8e:f8:
72:c2:f2:1b:29:31:4e:ba:15:6c:38:3d:97:a1:d2:
e2:1f:2e:4c:b4:1f:b9:14:0f:b3:fd:43:7c:40:8a:
f7:2d:7d:e2:ae:be:eb:2e:61:54:9f:a9:74:35:fc:
5b:26:90:2d:12:0d:9f:78:e2:7a:40:8c:37:0f:93:
a4:27:6e:fc:1e:6f:c6:81:4b:e5:a8:be:cc:3e:b5:
1c:af:f4:ac:42:92:a5:78:3f:24:37:79:c5:56:b3:
a3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7E:03:93:B5:1B:2E:D1:BD:2C:36:D6:99:44:24:39:E9:B9:61:A0
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Kn4Dk7UbLtG9LDbWmUQkOem5YaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.68.0/22
193.138.152.0/22
IPv6:
2a07:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
72:3f:18:20:20:8f:b8:64:48:29:db:28:26:8c:b3:d9:b7:21:
27:54:0d:76:f9:ce:82:90:82:65:b2:4c:f9:c0:da:42:f2:59:
98:ed:31:b2:41:cd:35:0b:c3:1b:72:bd:66:30:53:c9:bb:23:
d1:3e:6d:47:74:7f:ff:76:0b:05:72:f2:64:3e:09:50:b3:1e:
b4:82:82:70:c2:23:a9:7d:1b:1c:ca:85:e7:83:34:64:bf:bc:
dc:0f:66:87:24:ed:31:14:44:03:33:de:14:1c:27:d4:13:a3:
86:5c:8e:57:23:36:b6:09:f2:85:35:48:77:04:e8:5c:69:60:
5b:5b:88:26:d6:84:a6:e3:30:38:07:ed:cd:f2:74:7d:91:ee:
6d:ae:84:e5:ce:51:d9:07:a5:c9:39:5a:de:87:60:fd:6b:6e:
6d:b6:f0:f8:2d:9b:b0:2a:aa:13:ec:7c:ad:13:dd:3c:c4:71:
9b:19:88:74:9e:10:47:82:b5:ae:5c:91:bc:ee:08:c6:e6:24:
aa:f6:f6:df:99:59:15:1f:7a:f4:26:b3:7e:f3:a6:d0:c7:60:
d7:ee:2d:a4:94:44:22:65:0b:4d:17:36:f5:96:9c:54:9c:ac:
4c:da:5f:46:01:16:7c:1e:3a:f1:77:d6:e8:39:0e:21:dc:9a:
31:52:0c:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAG/9zzMZ+9gUow78IL3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQwMTAxMTIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdlMDM5M2I1MWIyZWQxYmQyYzM2ZDY5OTQ0MjQzOWU5Yjk2MWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbcexK9Ni8MQ+9S4fiayONdnwext
BBS4Edt9u5FKtDfuJauDPEEAveAXb6zxuIvBWU8c5D5q+EUQmZrbUbH8Vd8CWo9/
6eKZAxSbIKhnV5wRlgFPV2KaglTM7gU8TaqMZdjtwcCq8aGRCx3kUcrKRX66CJC9
K7J7T9STpEF0aWgF92A9NLCmR/Y3q4jc312qo5hwOmsujsvADqZrq5RaQdv1jvhy
wvIbKTFOuhVsOD2XodLiHy5MtB+5FA+z/UN8QIr3LX3irr7rLmFUn6l0NfxbJpAt
Eg2feOJ6QIw3D5OkJ278Hm/GgUvlqL7MPrUcr/SsQpKleD8kN3nFVrOjNwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCp+A5O1Gy7RvSw21plEJDnpuWGgMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvS240RGs3VWJMdEc5TERiV21VUWtPZW01WWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYpEAwQC
wYqYMA0EAgACMAcDBQMqBwvAMA0GCSqGSIb3DQEBCwUAA4IBAQByPxggII+4ZEgp
2ygmjLPZtyEnVA12+c6CkIJlskz5wNpC8lmY7TGyQc01C8Mbcr1mMFPJuyPRPm1H
dH//dgsFcvJkPglQsx60goJwwiOpfRscyoXngzRkv7zcD2aHJO0xFEQDM94UHCfU
E6OGXI5XIza2CfKFNUh3BOhcaWBbW4gm1oSm4zA4B+3N8nR9ke5troTlzlHZB6XJ
OVreh2D9a25ttvD4LZuwKqoT7HytE908xHGbGYh0nhBHgrWuXJG87gjG5iSq9vbf
mVkVH3r0JrN+86bQx2DX7i2klEQiZQtNFzb1lpxUnKxM2l9GARZ8Hjrxd9boOQ4h
3JoxUgz5
-----END CERTIFICATE-----
Generated at Fri Sep 27 20:09:04 2024 by rpki-client on console.sobornost.net