Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/ulfnS4VODpeY1ryoXpkprtczm0M.roa
File: ulfnS4VODpeY1ryoXpkprtczm0M.roa (raw, json)
Hash identifier: IDOgdJGIayidPPniQ4T6Km8WvdFiiJAq+Ac7MEB++4Q=
Subject key identifier: BA:57:E7:4B:85:4E:0E:97:98:D6:BC:A8:5E:99:29:AE:D7:33:9B:43
Certificate issuer: /CN=83d829263b3c5f63968037f9e863fd0fd01e7869
Certificate serial: 018CC94C9C989ACEE6153D5ED069F9B31798
Authority key identifier: 83:D8:29:26:3B:3C:5F:63:96:80:37:F9:E8:63:FD:0F:D0:1E:78:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/ulfnS4VODpeY1ryoXpkprtczm0M.roa
Signing time: Tue 02 Jan 2024 08:31:30 +0000
ROA not before: Tue 02 Jan 2024 08:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16167
IP address blocks: 193.41.230.0/24 maxlen: 24
185.243.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:9c:98:9a:ce:e6:15:3d:5e:d0:69:f9:b3:17:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83d829263b3c5f63968037f9e863fd0fd01e7869
Validity
Not Before: Jan 2 08:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba57e74b854e0e9798d6bca85e9929aed7339b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7b:6d:2d:af:59:52:cc:ab:9e:aa:4f:e6:6f:
2e:16:79:d3:95:05:3a:f4:4e:b5:d7:47:9c:fc:fb:
67:5c:e4:b5:bb:70:17:b9:e6:89:30:6b:2b:98:d1:
95:6f:1c:5b:30:b8:a0:c6:02:82:53:35:e4:06:27:
0e:c0:79:80:be:ae:db:ee:34:a1:91:f8:96:3d:c8:
9d:82:d2:15:50:8b:6d:ce:d6:ed:b7:07:1e:ea:7e:
28:cc:df:56:76:93:27:73:15:a7:27:7d:ff:f6:99:
4c:75:94:3a:14:ed:24:ac:01:81:b2:cf:f0:12:06:
8d:bd:93:74:80:0b:0e:c6:03:81:70:28:13:0f:8d:
bf:19:07:85:ce:12:89:46:fb:df:03:ee:10:81:84:
01:d4:38:b7:3d:2a:95:42:06:77:3a:84:15:8a:27:
aa:0d:e8:00:9c:f1:9f:cd:6a:b2:67:3a:d5:ae:bc:
c4:99:01:23:da:bd:30:c9:bb:bb:9b:01:80:8f:fe:
b2:66:bf:4e:ac:99:78:fe:fe:e5:ec:0f:54:06:cc:
79:29:9b:f7:da:f7:ba:d1:31:e8:36:81:e0:1c:eb:
ea:52:f3:f9:4f:60:dc:33:f6:38:1e:a5:22:78:70:
c4:83:f1:2f:b2:b6:6b:c5:1f:85:fc:06:a9:50:cf:
d3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:57:E7:4B:85:4E:0E:97:98:D6:BC:A8:5E:99:29:AE:D7:33:9B:43
X509v3 Authority Key Identifier:
keyid:83:D8:29:26:3B:3C:5F:63:96:80:37:F9:E8:63:FD:0F:D0:1E:78:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/ulfnS4VODpeY1ryoXpkprtczm0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/g9gpJjs8X2OWgDf56GP9D9AeeGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.0.0/24
193.41.230.0/24
Signature Algorithm: sha256WithRSAEncryption
18:7c:1d:39:29:30:46:46:85:66:72:74:ba:14:43:63:db:9e:
85:ca:ea:8f:e1:8b:f5:fc:12:f1:a4:55:d3:10:62:0a:a5:49:
12:d0:d1:27:14:14:aa:df:50:48:78:aa:bd:2c:dd:7f:06:09:
8f:23:96:00:a1:44:b1:2c:45:e1:b7:a5:d4:ef:81:30:08:ce:
58:aa:6e:60:83:fb:b3:d6:01:b4:f5:9e:68:be:a7:91:e5:d9:
da:63:f9:ac:e5:96:63:60:00:42:12:8b:b8:55:16:de:47:fd:
f6:bb:83:dd:33:44:b1:56:7f:b6:6f:1f:af:a8:c5:42:e6:32:
fb:f7:ce:9a:42:2b:78:77:96:d7:d9:4b:f8:8e:a5:e3:f9:f8:
87:6c:a6:7b:3d:26:cc:b4:e6:41:80:69:89:20:94:44:ee:ef:
e0:1a:dd:78:ab:a1:87:7d:22:b2:38:d4:f7:15:dc:6e:f1:c2:
77:d8:d4:fb:4e:9c:f7:6c:84:8f:e8:c8:ff:c0:f0:b3:16:bc:
e9:e5:e7:57:b6:16:1c:c6:86:e7:13:2b:b1:f7:87:64:d1:7f:
eb:e9:b7:0a:46:cc:95:9e:7f:38:28:19:e4:4e:9d:80:ac:46:
56:9c:0c:e2:c3:4e:3e:6d:06:d7:f8:b0:35:46:da:95:73:c7:
66:8f:01:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTJyYms7mFT1e0Gn5sxeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZDgyOTI2M2IzYzVmNjM5NjgwMzdmOWU4NjNmZDBmZDAx
ZTc4NjkwHhcNMjQwMTAyMDgzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTU3ZTc0Yjg1NGUwZTk3OThkNmJjYTg1ZTk5MjlhZWQ3MzM5YjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXttLa9ZUsyrnqpP5m8uFnnTlQU6
9E6110ec/PtnXOS1u3AXueaJMGsrmNGVbxxbMLigxgKCUzXkBicOwHmAvq7b7jSh
kfiWPcidgtIVUIttztbttwce6n4ozN9WdpMncxWnJ33/9plMdZQ6FO0krAGBss/w
EgaNvZN0gAsOxgOBcCgTD42/GQeFzhKJRvvfA+4QgYQB1Di3PSqVQgZ3OoQViieq
DegAnPGfzWqyZzrVrrzEmQEj2r0wybu7mwGAj/6yZr9OrJl4/v7l7A9UBsx5KZv3
2ve60THoNoHgHOvqUvP5T2DcM/Y4HqUieHDEg/EvsrZrxR+F/AapUM/T/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLpX50uFTg6XmNa8qF6ZKa7XM5tDMB8GA1UdIwQY
MBaAFIPYKSY7PF9jloA3+ehj/Q/QHnhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzlncEpqczhYMk9XZ0RmNTZHUDlEOUFlZUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hMzZhMjItNDk1NS00MDkwLTk3ZDYt
M2MzNGE4YzI4Y2ExLzEvdWxmblM0Vk9EcGVZMXJ5b1hwa3BydGN6bTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hMzZhMjItNDk1NS00MDkwLTk3ZDYtM2MzNGE4YzI4Y2Ex
LzEvZzlncEpqczhYMk9XZ0RmNTZHUDlEOUFlZUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufMAAwQA
wSnmMA0GCSqGSIb3DQEBCwUAA4IBAQAYfB05KTBGRoVmcnS6FENj256FyuqP4Yv1
/BLxpFXTEGIKpUkS0NEnFBSq31BIeKq9LN1/BgmPI5YAoUSxLEXht6XU74EwCM5Y
qm5gg/uz1gG09Z5ovqeR5dnaY/ms5ZZjYABCEou4VRbeR/32u4PdM0SxVn+2bx+v
qMVC5jL7986aQit4d5bX2Uv4jqXj+fiHbKZ7PSbMtOZBgGmJIJRE7u/gGt14q6GH
fSKyONT3Fdxu8cJ32NT7Tpz3bISP6Mj/wPCzFrzp5edXthYcxobnEyux94dk0X/r
6bcKRsyVnn84KBnkTp2ArEZWnAziw04+bQbX+LA1RtqVc8dmjwFv
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:44 2024 by rpki-client on console.sobornost.net