Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/jQsiSn1kSSa60AFpmNiWNG5hgjs.roa
File: jQsiSn1kSSa60AFpmNiWNG5hgjs.roa (raw, json)
Hash identifier: hkCNIFbxm7c0Am48RfW6GvHb8FXbOhlx2hszNK1Z2to=
Subject key identifier: 8D:0B:22:4A:7D:64:49:26:BA:D0:01:69:98:D8:96:34:6E:61:82:3B
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 018CC4249923F6E69C3044BC77DF5DE6E968
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/jQsiSn1kSSa60AFpmNiWNG5hgjs.roa
Signing time: Mon 01 Jan 2024 08:29:41 +0000
ROA not before: Mon 01 Jan 2024 08:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199077
IP address blocks: 46.21.17.0/24 maxlen: 24
46.21.21.0/24 maxlen: 24
46.21.22.0/24 maxlen: 24
46.21.18.0/24 maxlen: 24
46.21.19.0/24 maxlen: 24
193.222.105.0/24 maxlen: 24
193.222.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:99:23:f6:e6:9c:30:44:bc:77:df:5d:e6:e9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Jan 1 08:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d0b224a7d644926bad0016998d896346e61823b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:76:91:4c:c8:e5:48:fe:01:fe:c8:9a:dd:0b:
0f:e9:5b:8f:38:64:6a:9e:85:3f:a5:0d:2a:5c:ed:
f2:11:62:2d:e5:53:ab:c7:eb:e5:54:1c:62:8f:92:
5b:00:e2:9c:b0:ea:9e:de:fc:32:ef:eb:da:2c:be:
02:f3:35:41:ad:75:6b:5d:69:4d:ca:f3:e5:10:d4:
6b:19:6c:10:70:bc:a6:4e:44:f8:d8:7e:89:c9:64:
5a:6a:c8:96:ac:64:85:c8:52:02:82:2c:49:9c:b0:
23:70:29:de:34:aa:5d:8d:98:bd:86:eb:77:62:89:
ab:1e:3f:68:97:3d:eb:77:fa:2c:2e:fc:75:ba:10:
17:f6:b1:6e:31:ea:20:22:59:27:ca:df:78:f0:01:
05:db:ce:8d:9c:5b:83:e4:f4:9a:da:d7:3d:1a:42:
d2:d3:15:f3:82:19:4f:e2:48:21:29:c4:27:24:2b:
8e:2e:72:0c:db:49:2f:8a:c9:76:36:bb:df:0e:21:
c6:8d:e3:97:0f:e3:ee:7c:23:25:97:94:ec:8b:30:
e4:9f:17:43:8e:eb:c2:2c:23:49:97:2b:a2:98:fa:
a1:ea:b3:7b:20:ee:cc:61:11:9e:c1:12:1d:ff:20:
a8:c5:89:71:d7:d1:5c:b4:d0:aa:c4:f2:39:c7:8e:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0B:22:4A:7D:64:49:26:BA:D0:01:69:98:D8:96:34:6E:61:82:3B
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/jQsiSn1kSSa60AFpmNiWNG5hgjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.17.0-46.21.19.255
46.21.21.0-46.21.22.255
193.222.104.0/23
Signature Algorithm: sha256WithRSAEncryption
99:6a:33:eb:93:91:d1:df:ce:f1:3a:bf:9e:6e:e0:d9:25:fc:
1e:54:85:f2:2e:75:c9:3e:f8:57:1f:cc:22:31:b3:b7:02:d9:
25:f2:8f:cd:cb:c1:65:97:19:df:75:a5:a1:32:7b:07:95:4e:
aa:fe:77:8a:ef:61:96:6c:60:0c:41:49:f0:33:9b:a9:9d:e3:
79:24:96:bb:a7:04:a9:08:2d:f5:84:87:41:b2:e1:a4:89:23:
2f:b4:1e:f7:a4:b3:a2:3e:82:01:e6:f0:87:b7:b2:30:10:8b:
10:ce:ea:d6:40:6b:2e:90:d2:f3:e3:3f:a5:e8:72:f7:3d:cb:
26:4a:c1:c1:e6:54:7e:c0:3e:18:93:17:c6:30:51:62:77:8f:
69:08:b2:3d:c6:18:7b:45:9b:3e:ea:b5:44:06:20:2f:5f:a1:
a9:e5:9e:70:a1:c3:12:4b:86:59:a9:bc:95:2a:e1:6a:33:9a:
20:ef:72:39:65:f4:fc:c9:c3:72:63:71:4f:cb:f3:9a:ef:fc:
9b:d2:4c:50:da:dd:6c:42:d2:af:c5:0c:51:1e:a2:69:aa:a3:
a6:fa:14:2b:22:c2:55:a0:6e:80:f9:04:08:7b:42:79:5c:ee:
f6:ed:c0:62:e7:04:d1:90:f5:fb:c8:fa:fd:a5:2a:a9:ad:94:
01:a2:f0:49
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzEJJkj9uacMES8d99d5uloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwMTAxMDgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBiMjI0YTdkNjQ0OTI2YmFkMDAxNjk5OGQ4OTYzNDZlNjE4MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHaRTMjlSP4B/sia3QsP6VuPOGRq
noU/pQ0qXO3yEWIt5VOrx+vlVBxij5JbAOKcsOqe3vwy7+vaLL4C8zVBrXVrXWlN
yvPlENRrGWwQcLymTkT42H6JyWRaasiWrGSFyFICgixJnLAjcCneNKpdjZi9hut3
YomrHj9olz3rd/osLvx1uhAX9rFuMeogIlknyt948AEF286NnFuD5PSa2tc9GkLS
0xXzghlP4kghKcQnJCuOLnIM20kvisl2NrvfDiHGjeOXD+PufCMll5TsizDknxdD
juvCLCNJlyuimPqh6rN7IO7MYRGewRId/yCoxYlx19FctNCqxPI5x46jCQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFI0LIkp9ZEkmutABaZjYljRuYYI7MB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvalFzaVNuMWtTU2E2MEFGcG1OaVdORzVoZ2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAAuFRED
BAIuFRAwDAMEAC4VFQMEAC4VFgMEAcHeaDANBgkqhkiG9w0BAQsFAAOCAQEAmWoz
65OR0d/O8Tq/nm7g2SX8HlSF8i51yT74Vx/MIjGztwLZJfKPzcvBZZcZ33WloTJ7
B5VOqv53iu9hlmxgDEFJ8DObqZ3jeSSWu6cEqQgt9YSHQbLhpIkjL7Qe96Szoj6C
Aebwh7eyMBCLEM7q1kBrLpDS8+M/pehy9z3LJkrBweZUfsA+GJMXxjBRYnePaQiy
PcYYe0WbPuq1RAYgL1+hqeWecKHDEkuGWam8lSrhajOaIO9yOWX0/MnDcmNxT8vz
mu/8m9JMUNrdbELSr8UMUR6iaaqjpvoUKyLCVaBugPkECHtCeVzu9u3AYucE0ZD1
+8j6/aUqqa2UAaLwSQ==
-----END CERTIFICATE-----
Generated at Thu May 9 03:56:50 2024 by rpki-client on console.sobornost.net